pm.healthcaresource.com Open in urlscan Pro
64.74.110.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.campaigns.healthcaretalentsource.com/ss/c/J2BRHRlNdWTgAi8xJ-7Qg7UDX93v4Twmmgnts0GKRyePS5HnSfpmZ1JE3XyCL_Sjexh45tnQhj-V900F4p7j2Q/3pi/...
Effective URL:
https://pm.healthcaresource.com/cs/avera/
Submission: On September 16 via manual (September 16th 2022, 1:28:29 pm UTC) from US — Scanned from DE

Summary HTTP 82 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 34 domains to perform 82 HTTP transactions. The main IP is 64.74.110.11, located in United States and belongs to INTERNAP-BLOCK-4, US. The main domain is pm.healthcaresource.com. The Cisco Umbrella rank of the primary domain is 71431.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 28th 2021. Valid for: a year.

This is the only time pm.healthcaresource.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.120 167.89.115.120	11377 (SENDGRID) (SENDGRID)
12	64.74.110.11 64.74.110.11	14742 (INTERNAP-...) (INTERNAP-BLOCK-4)
2	2a00:1450:400... 2a00:1450:400c:c08::5f	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	64.74.110.112 64.74.110.112	14742 (INTERNAP-...) (INTERNAP-BLOCK-4)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER)
1	34.239.21.240 34.239.21.240	14618 (AMAZON-AES) (AMAZON-AES)
1 4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
1	2600:9000:21f... 2600:9000:21f3:8600:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
18 23	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4200:fd1:5892:27bc:b9b0	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	54.171.98.27 54.171.98.27	16509 (AMAZON-02) (AMAZON-02)
1 1	3.123.239.111 3.123.239.111	16509 (AMAZON-02) (AMAZON-02)
2	13.225.78.7 13.225.78.7	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1	54.209.195.107 54.209.195.107	14618 (AMAZON-AES) (AMAZON-AES)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	99.80.120.198 99.80.120.198	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.30 216.52.2.30	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	34.107.204.85 34.107.204.85	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2010	15169 (GOOGLE) (GOOGLE)
82	39

1 167.89.115.120 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x120.outbound-mail.sendgrid.net

links.campaigns.healthcaretalentsource.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 64.74.110.11 (United States)

ASN14742 (INTERNAP-BLOCK-4, US)

pm.healthcaresource.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::5f (Brussels, Belgium)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.74.110.112 (United States)

ASN14742 (INTERNAP-BLOCK-4, US)

media.healthcaresource.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.239.21.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-21-240.compute-1.amazonaws.com

ad.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:8600:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 169.50.137.184 (United States) 18 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:fd1:5892:27bc:b9b0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.98.27 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-98-27.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.239.111 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-239-111.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-7.fra2.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.209.195.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-195-107.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.120.198 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-120-198.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.84 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.204.85 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 85.204.107.34.bc.googleusercontent.com

data.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pendo-static-6293361821089792.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	simpli.fi 18 redirects tag.simpli.fi — Cisco Umbrella Rank: 4340 i.simpli.fi — Cisco Umbrella Rank: 3048 um.simpli.fi — Cisco Umbrella Rank: 833	14 KB
15	healthcaresource.com pm.healthcaresource.com — Cisco Umbrella Rank: 71431 media.healthcaresource.com — Cisco Umbrella Rank: 186718	695 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40 maps.googleapis.com — Cisco Umbrella Rank: 358 pendo-static-6293361821089792.storage.googleapis.com — Cisco Umbrella Rank: 111658	188 KB
7	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 209	143 KB
6	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	3 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2989	20 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 394 www.linkedin.com — Cisco Umbrella Rank: 623 px4.ads.linkedin.com — Cisco Umbrella Rank: 6198	3 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6352	736 B
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	696 B
3	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 781 data.pendo.io — Cisco Umbrella Rank: 836	147 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	186 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 228	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 563	1 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 838	569 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2305	875 B
2	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 1307
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 448 d.agkn.com — Cisco Umbrella Rank: 638	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 436	607 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	388 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	111 KB
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 128	16 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 396	273 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 335	239 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 331	98 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 877	316 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 501	442 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1518	421 B
1	exelator.com loadm.exelator.com — Cisco Umbrella Rank: 1378	324 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 5947	183 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 407	140 B
1	ipredictive.com ad.ipredictive.com — Cisco Umbrella Rank: 5887	327 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 769	3 KB
1	gstatic.com fonts.gstatic.com	17 KB
1	healthcaretalentsource.com 1 redirects links.campaigns.healthcaretalentsource.com	255 B
82	34

	Domain	Requested by
23	um.simpli.fi	18 redirects
12	pm.healthcaresource.com	pm.healthcaresource.com cdnjs.cloudflare.com
7	cdnjs.cloudflare.com	pm.healthcaresource.com cdnjs.cloudflare.com
4	www.google.de	pm.healthcaresource.com
4	www.google.com	1 redirects pm.healthcaresource.com
4	maps.googleapis.com	pm.healthcaresource.com maps.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	pm.healthcaresource.com www.googletagmanager.com
3	media.healthcaresource.com	pm.healthcaresource.com
2	pendo-static-6293361821089792.storage.googleapis.com	cdn.pendo.io
2	data.pendo.io	cdn.pendo.io
2	cm.g.doubleclick.net	2 redirects
2	ib.adnxs.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	bcp.crwdcntrl.net	1 redirects
2	fei.pro-market.net	2 redirects
2	sync.intentiq.com
2	pixel.tapad.com	1 redirects
2	www.facebook.com	pm.healthcaresource.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	pm.healthcaresource.com connect.facebook.net
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	fonts.googleapis.com	pm.healthcaresource.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	idsync.rlcdn.com
1	ce.lijit.com
1	stags.bluekai.com
1	sync.bfmio.com
1	loadm.exelator.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	cdn.pendo.io	pm.healthcaresource.com
1	i.simpli.fi	tag.simpli.fi
1	px4.ads.linkedin.com	pm.healthcaresource.com
1	www.linkedin.com	1 redirects
1	ad.ipredictive.com	pm.healthcaresource.com
1	tag.simpli.fi	www.googletagmanager.com
1	snap.licdn.com	pm.healthcaresource.com
1	fonts.gstatic.com	fonts.googleapis.com
1	links.campaigns.healthcaretalentsource.com	1 redirects
82	46

This site contains links to these domains. Also see Links.

Domain
www.avera.org
www.google.com
apply.healthcaretalentsource.com

Subject Issuer	Validity	Valid
*.healthcaresource.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-28` - `2023-01-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-25` - `2022-09-23`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ipredictive.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
cdn.pendo.io Amazon	`2022-07-30` - `2023-08-28`	a year	crt.sh
pendo.io GTS CA 1D4	`2022-08-31` - `2022-11-29`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pm.healthcaresource.com/cs/avera/
Frame ID: DD65327614B54D63C7149949542F3BAC
Requests: 82 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Registered Nurse (RN) - Avera

Page URL History Show full URLs

http://links.campaigns.healthcaretalentsource.com/ss/c/J2BRHRlNdWTgAi8xJ-7Qg7UDX93v4Twmmgnts0GKRyePS5HnSfpmZ1JE3XyCL_Sjexh45tn... HTTP 302
https://pm.healthcaresource.com/cs/avera/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

82
Requests

77 %
HTTPS

42 %
IPv6

34
Domains

46
Subdomains

39
IPs

6
Countries

1542 kB
Transfer

4698 kB
Size

34
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.avera.org/

Search URL Search Domain Scan URL

URL: https://www.google.com/maps?q=1325%20S%20Cliff%20Ave,%20Sioux%20Falls,%20SD,%2057105

Search URL Search Domain Scan URL

URL: http://www.avera.org/careers/what-makes-avera-special/
Title: What Makes Avera Special?

Search URL Search Domain Scan URL

URL: https://apply.healthcaretalentsource.com/init-apply/6cdda897-80b2-440b-84b6-4f6ed8896758/tn
Title: Join Our Talent Community!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.campaigns.healthcaretalentsource.com/ss/c/J2BRHRlNdWTgAi8xJ-7Qg7UDX93v4Twmmgnts0GKRyePS5HnSfpmZ1JE3XyCL_Sjexh45tnQhj-V900F4p7j2Q/3pi/CG5I4LAYR8KPBa8EAQWHhw/h0/m3Fx-EdCBayMhZe8HEKInLv2vjWR74T6oh4XWf5uUpY HTTP 302
https://pm.healthcaresource.com/cs/avera/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=523060&time=1663334900462&url=https%3A%2F%2Fpm.healthcaresource.com%2Fcs%2Favera%2F%23%2Fjob%2F78739 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D523060%26time%3D1663334900462%26url%3Dhttps%253A%252F%252Fpm.healthcaresource.com%252Fcs%252Favera%252F%2523%252Fjob%252F78739%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=523060&time=1663334900462&url=https%3A%2F%2Fpm.healthcaresource.com%2Fcs%2Favera%2F%23%2Fjob%2F78739&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=523060&time=1663334900462&url=https%3A%2F%2Fpm.healthcaresource.com%2Fcs%2Favera%2F%23%2Fjob%2F78739&liSync=true&e_ipv6=AQI74wOPHJHtIAAAAYNGfGSz-10buNUXRQ_B6Yb3As1lfqtt50Ex-T4qpmboTVSZQeyzw6oyMZ-QWiLg5qWEdhaubX9U9Q

Request Chain 53

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=C6B2CF295D9542C0B2970E86FAAD5B63&dongle=yf3

Request Chain 54

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=C6B2CF295D9542C0B2970E86FAAD5B63

Request Chain 55

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=C6B2CF295D9542C0B2970E86FAAD5B63 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=C6B2CF295D9542C0B2970E86FAAD5B63

Request Chain 56

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=C6B2CF295D9542C0B2970E86FAAD5B63 HTTP 302
https://d.agkn.com/pixel/10751/?che=1663334903912&ip=84.19.175.165&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219483204276002045442 HTTP 302
https://um.simpli.fi/aa_px?sk=219483204276002045442 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 57

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=C6B2CF295D9542C0B2970E86FAAD5B63

Request Chain 60

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=C6B2CF295D9542C0B2970E86FAAD5B63;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=C6B2CF295D9542C0B2970E86FAAD5B63;mimetype=img;sr HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=458005694275471861

Request Chain 61

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=C6B2CF295D9542C0B2970E86FAAD5B63&j=0

Request Chain 63

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=C6B2CF295D9542C0B2970E86FAAD5B63

Request Chain 64

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=C6B2CF295D9542C0B2970E86FAAD5B63

Request Chain 65

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=C6B2CF295D9542C0B2970E86FAAD5B63 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=C6B2CF295D9542C0B2970E86FAAD5B63

Request Chain 66

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=C6B2CF295D9542C0B2970E86FAAD5B63

Request Chain 67

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=C6B2CF295D9542C0B2970E86FAAD5B63

Request Chain 68

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1663334903542&cv=7&fst=1663334903542&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1140073485&cv=7&fst=1663334903542&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=93kkY8PpJtvMYvXDoLgE&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1140073485&cv=7&fst=1663334903542&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=93kkY8PpJtvMYvXDoLgE&cid=CAQSKQCsnQUxvy__f-MYwQzzOVAJZh3EwtlILRvuxIcAKeZ7MUw061JNPh3G&random=581690250 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1140073485&cv=7&fst=1663334903542&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=93kkY8PpJtvMYvXDoLgE&cid=CAQSKQCsnQUxvy__f-MYwQzzOVAJZh3EwtlILRvuxIcAKeZ7MUw061JNPh3G&random=581690250&ipr=y&prhg=0

Request Chain 69

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=C6B2CF295D9542C0B2970E86FAAD5B63 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=C6B2CF295D9542C0B2970E86FAAD5B63&__user_check__=1&sync_id=707593ac-35c3-11ed-aa4b-1ab0ad8d0206

Request Chain 70

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=C6B2CF295D9542C0B2970E86FAAD5B63 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DC6B2CF295D9542C0B2970E86FAAD5B63

Request Chain 71

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=C6B2CF295D9542C0B2970E86FAAD5B63&expires=365

Request Chain 72

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=C6B2CF295D9542C0B2970E86FAAD5B63

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEHfyIf90v1Y4CSS1Yt0IB_0&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C6B2CF295D9542C0B2970E86FAAD5B63 HTTP 302
https://um.simpli.fi/g_match?id=

82 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
pm.healthcaresource.com/cs/avera/
Redirect Chain

http://links.campaigns.healthcaretalentsource.com/ss/c/J2BRHRlNdWTgAi8xJ-7Qg7UDX93v4Twmmgnts0GKRyePS5HnSfpmZ1JE3XyCL_Sjexh45tnQhj-V900F4p7j2Q/3pi/CG5I4LAYR8KPBa8EAQWHhw/h0/m3Fx-EdCBayMhZe8HEKInLv2v...
https://pm.healthcaresource.com/cs/avera/

53 KB
14 KB

669ms
270ms

Document
text/html

64.74.110.11
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://pm.healthcaresource.com/cs/avera/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.74.110.11 , United States, ASN14742 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 74f04be54c9c8ec2b2635327ad19e97b9fb07b0b6243a02094ebfb17b246f73a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 14248
Content-Type: text/html; charset=utf-8
Date: Fri, 16 Sep 2022 13:28:19 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET
X-StackifyID: V2|ded10392-5538-4bd7-8faa-07378312a29d|C83659|CD37
x-server: ww1017

Redirect headers

Connection: keep-alive
Content-Length: 75
Content-Type: text/html; charset=utf-8
Date: Fri, 16 Sep 2022 13:28:18 GMT
Location: https://pm.healthcaresource.com/cs/avera/#/job/78739
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 86ms
28ms Stylesheet
text/css 2a00:1450:400c:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 13:01:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 16 Sep 2022 13:28:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Sep 2022 13:28:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
596 B 87ms
29ms Stylesheet
text/css 2a00:1450:400c:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway

Requested by

Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d3b9b124ab86b33b4c72d29ceca9c5a56e5205e546394f55e1ca7fac57d58d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 13:10:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 16 Sep 2022 13:28:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Sep 2022 13:28:19 GMT

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/css/ 115 KB
16 KB 81ms
31ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/css/bootstrap.min.css

Requested by

Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 138387
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15730
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-1ca39"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZS27blGsuJHEyVV5fwWoN%2FHMcYFHSG6AwNJVUcDxRBPFwt1OLRWcLam%2FLJjLRHnfCNgAF%2Fb2QiWKgR2Br6aD2uCXpQba64ZF7pcK8myDC8Ucpbwybrist%2F15P%2F8Lo81oenByYwRa7hl%2FSrYwbFr6L34"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74b9f1d2efd39944-FRA
expires: Wed, 06 Sep 2023 13:28:19 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/ 23 KB
5 KB 79ms
30ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9912187
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4364
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-5cbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7TKGFbXSIhI8jRsHPCzFHPIlreKjVlVp9l%2FMlG6%2FhJbpFryuFh%2FFQRvlMao%2BqRcpSDPGAk4j323FT%2BjLSLILYuoWLXXHwWxZjKcIPH2H2TLi66vurYh2EYzyyyiASE%2BX2eJ06MAA7EJKJPSeMqG8PgC"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74b9f1d2efd59944-FRA
expires: Wed, 06 Sep 2023 13:28:19 GMT

GET
H/1.1 200
OK bootstrap-notifications.min.css
pm.healthcaresource.com/CS/Content/css/ 5 KB
2 KB 116ms
112ms Stylesheet
text/css 64.74.110.11
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://pm.healthcaresource.com/CS/Content/css/bootstrap-notifications.min.css?v=1.0.8284.20011
Requested by: Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.74.110.11 , United States, ASN14742 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5b9b7ac5f45350dd07439d5f57c0a002849bfd73892d51c4481474f2443948b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/cs/avera/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 13:28:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Sep 2022 15:11:25 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "d33a4dee2c2d81:0"
Vary: Accept-Encoding
Content-Type: text/css
x-server: ww1017
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1852

GET
H/1.1 200
OK bootplus.css
pm.healthcaresource.com/CS/Content/css/ 6 KB
2 KB 229ms
112ms Stylesheet
text/css 64.74.110.11
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://pm.healthcaresource.com/CS/Content/css/bootplus.css?v=1.0.8284.20011
Requested by: Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.74.110.11 , United States, ASN14742 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 386b05affbf2042ad4c7ac35f300c85c997b03c20bafd277b3f3c98d998b8920

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/cs/avera/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 13:28:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Sep 2022 15:11:25 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "477648ee2c2d81:0"
Vary: Accept-Encoding
Content-Type: text/css
x-server: ww1017
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1523

GET
H/1.1 200
OK site.css
pm.healthcaresource.com/CS/Content/css/ 8 KB
3 KB 317ms
106ms Stylesheet
text/css 64.74.110.11
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://pm.healthcaresource.com/CS/Content/css/site.css?v=1.0.8284.20011
Requested by: Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.74.110.11 , United States, ASN14742 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d83b880f92ea44bb39236842782fdb046d1e84951ab6096555556bc01d1affc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/cs/avera/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 13:28:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Sep 2022 15:11:25 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "dab159ee2c2d81:0"
Vary: Accept-Encoding
Content-Type: text/css
x-server: ww1017
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2829

GET
H/1.1 200
OK styles.bundle.css
pm.healthcaresource.com/CS/build/ 45 B
331 B 318ms
106ms Stylesheet
text/css 64.74.110.11
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://pm.healthcaresource.com/CS/build/styles.bundle.css?v=1.0.8284.20011
Requested by: Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.74.110.11 , United States, ASN14742 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 94389a0a12cb82c096bf4f4bff48154d745445b1246d98765d241f78bf89d173

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/cs/avera/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 13:28:19 GMT
Last-Modified: Tue, 06 Sep 2022 15:11:43 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "2f2942f92c2d81:0"
Vary: Accept-Encoding
Content-Type: text/css
x-server: ww1017
Accept-Ranges: bytes
Content-Length: 45

GET
H/1.1 200
OK react-widgets.css
pm.healthcaresource.com/CS/Content/css/react-widgets/ 17 KB
5 KB 324ms
108ms Stylesheet
text/css 64.74.110.11
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://pm.healthcaresource.com/CS/Content/css/react-widgets/react-widgets.css?v=1.0.8284.20011
Requested by: Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.74.110.11 , United States, ASN14742 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ab15e74c4f63cb0d66ab257fdd4246fb8b25c0d9e53d48c7674097d2a872922c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/cs/avera/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 13:28:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Sep 2022 15:11:20 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "785da8eb2c2d81:0"
Vary: Accept-Encoding
Content-Type: text/css
x-server: ww1017
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4307

GET
H/1.1 200
OK react-toggle-switch.css
pm.healthcaresource.com/CS/Content/css/react-widgets/ 392 B
679 B 324ms
108ms Stylesheet
text/css 64.74.110.11
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://pm.healthcaresource.com/CS/Content/css/react-widgets/react-toggle-switch.css?v=1.0.8284.20011
Requested by: Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.74.110.11 , United States, ASN14742 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 827d93940cf71388576defa6d3d096762ac3dcc7dbb1accb2c28954f052afb22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/cs/avera/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 13:28:19 GMT
Last-Modified: Tue, 06 Sep 2022 15:11:25 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "224f57ee2c2d81:0"
Vary: Accept-Encoding
Content-Type: text/css
x-server: ww1017
Accept-Ranges: bytes
Content-Length: 392

GET
H2 200 styles_avera_a21c80d8-cdd8-4790-90b0-22b889c53eb9.css
media.healthcaresource.com/public/9015/JobSeeker/9015/css/ 1006 B
653 B 447ms
213ms Stylesheet
text/css 64.74.110.112
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://media.healthcaresource.com/public/9015/JobSeeker/9015/css/styles_avera_a21c80d8-cdd8-4790-90b0-22b889c53eb9.css?v=1.0.8284.20011
Requested by: Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.74.110.112 , United States, ASN14742 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b11eb1e0a252ac547d53a94630e1900d4202f68b40106717ffa6acd8f6d72c76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:19 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 12:46:06 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "8a5e11b1fbdd81:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 544

GET
H2 200 advanced_search_bold_11121ea1-8cd1-4582-92fb-127cd306af19.css
media.healthcaresource.com/public/9015/JobSeeker/9015/css/ 244 B
411 B 446ms
212ms Stylesheet
text/css 64.74.110.112
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://media.healthcaresource.com/public/9015/JobSeeker/9015/css/advanced_search_bold_11121ea1-8cd1-4582-92fb-127cd306af19.css?v=1.0.8284.20011
Requested by: Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.74.110.112 , United States, ASN14742 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b28420fcb5b29ae146a1fe057f2876f6651d8f2e3ce68e543092cb989c535e1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:19 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 18:21:02 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "4018bd9b65d61:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 249

GET
H/1.1 200
OK small-symplr-logo.svg
pm.healthcaresource.com/CS/public/assets/ 3 KB
3 KB 106ms
106ms Image
image/svg+xml 64.74.110.11
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm.healthcaresource.com/CS/public/assets/small-symplr-logo.svg
Requested by: Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.74.110.11 , United States, ASN14742 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 81b3439c2d3fbdbcd1bbd4b492ee4da925d19021c39dbb8941db5dfaf7b8cedd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/cs/avera/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 13:28:19 GMT
Last-Modified: Tue, 06 Sep 2022 15:11:31 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "db8e40f22c2d81:0"
Content-Type: image/svg+xml
x-server: ww1017
Accept-Ranges: bytes
Content-Length: 2824

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/ 94 KB
30 KB 27ms
26ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 345920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29929
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-176f8"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Y3YDAoqJM5L65vx6tBXr%2B%2FR9xXHILTL2%2B5mtaJvV9%2B5JJvZRZgpv4CCIxJkK75pTPqo4KyR7H3FobdJWfcT9rkjYWrL0bo9yUr68rFyHRkSmfXLqyG%2FWRmqF%2F7x3ldee%2BpIQ4dTA9r7PmbzCUPlJtYA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74b9f1d56b7c9944-FRA
expires: Wed, 06 Sep 2023 13:28:20 GMT

GET
H2 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/js/ 35 KB
9 KB 27ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/js/bootstrap.min.js

Requested by

Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

267a83092a5fd6ec5fb746bce12d440abd37f1d649c072f653e17d0c800eb647

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 136313
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8441
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-8c6f"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EsoFTOtW5fV5sSCxB%2FGIFv70LtsFmNiOJ4jIr2d45gqNDfaGOXabEOMN8zyiDFtRJi10HmJ4jq6OuA0c8G0DetDF3juYsaqPszjVBK0I7zjBN7ZYRTQeI2168uk95jy%2FsvrFD72BT8ZtuNRqQjTkhTc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74b9f1d56b7d9944-FRA
expires: Wed, 06 Sep 2023 13:28:20 GMT

GET
H2 200 parsley.min.js Show response
cdnjs.cloudflare.com/ajax/libs/parsley.js/2.0.7/ 43 KB
10 KB 28ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/parsley.js/2.0.7/parsley.min.js

Requested by

Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b7347ffc13aa0d9863f262debb05007dc3b9f541c6b3bacabe819d646469278

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 139673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9613
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f40-aaaa"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlvUYhVLVr0xEIowvpzzoeKf3Je3M2Bf%2BjJQyo0A6Z20ZqPH7YeuvSz8IMHbPNExcBOr0jWo7%2BlJEkb9xudXEQauQbsJRjEdgcrKxUkZ2KVp8d%2Bu8%2FRD3r9zRodvKgzbfMW5qYSbEqtuVj0LqRlXBlpB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74b9f1d56b7f9944-FRA
expires: Wed, 06 Sep 2023 13:28:20 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 169 KB
56 KB 112ms
51ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyA-Z_VnJXI8_9_pif31WTH2myv8SD37qlg&libraries=places

Requested by

Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

b644a7796d0cf3393ee167a686361f209a86d9899629b72d5314ce773a1d75fc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:20 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=21
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56645
x-xss-protection: 0
expires: Fri, 16 Sep 2022 13:58:20 GMT

GET
H/1.1 200
OK NavigationBehavior.js Show response
pm.healthcaresource.com/CS/Content/js/support/ 11 KB
6 KB 109ms
108ms Script
application/javascript 64.74.110.11
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://pm.healthcaresource.com/CS/Content/js/support/NavigationBehavior.js?v=1.0.8284.20011
Requested by: Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.74.110.11 , United States, ASN14742 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 76ed99ca745781f6f3affafe6d67fd31284ebc0e87b8a1c96566cc3702aff537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/cs/avera/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 13:28:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Sep 2022 15:11:20 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "5a71c5eb2c2d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
x-server: ww1017
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 5569

GET
H/1.1 200
OK client.bundle.js Show response
pm.healthcaresource.com/CS/build/ 2 MB
640 KB 111ms
110ms Script
application/javascript 64.74.110.11
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://pm.healthcaresource.com/CS/build/client.bundle.js?v=1.0.8284.20011
Requested by: Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.74.110.11 , United States, ASN14742 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 747507fc5aa52074c3c99eb1b82bab3c6221ecc785015bea6fee5ea3514806c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/cs/avera/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 13:28:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Sep 2022 15:11:43 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "c3cbf5f82c2d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
x-server: ww1017
Accept-Ranges: bytes
Transfer-Encoding: chunked

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 156 KB
52 KB 90ms
44ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSL46DH

Requested by

Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8eb6229f3e6d9343f681f0fc2aa0d27cb583501ed4dc331e7aff8020b70cfe68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52838
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Sep 2022 13:28:20 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/fonts/ 55 KB
56 KB 52ms
28ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

473842579288c04e865ecfa63ae67a45d6e9a0871c9cf2aea4db32637cf7bbb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
Origin: https://pm.healthcaresource.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 676155
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56780
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-ddcc"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHQ0krAwwHfnPfegdrzH7HSbCgUQYe0ZjH8xVALC%2FjV6iR1IZYWiycRk6vg6Lw9KVidCasEOr0Osx1vmX%2FeyxialQ4j2%2B%2BcvfC4cNI1JHCyxWNgo9%2BcEC7mawQcoN1oyus3a5%2FizG5f1NldsRKsSySrh"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74b9f1d59f37bb67-FRA
expires: Wed, 06 Sep 2023 13:28:20 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
17 KB 67ms
20ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pm.healthcaresource.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:51:26 GMT
x-content-type-options: nosniff
age: 326214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:51:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSL46DH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1580
date: Fri, 16 Sep 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 16 Sep 2022 15:02:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 165 KB
61 KB 86ms
45ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVBVH47&l=dataLayerCS

Requested by

Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94550500acab9cae3abfa277e809c838ad5157a2889fdcfbed4d444ac050d8fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62585
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Sep 2022 13:28:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
73 KB 81ms
41ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-14CVYSEJ2N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSL46DH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db70368d3c50e98fa9cd2cb178964455bf4d75cdf3f1853b4fb055417d7efd5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74614
x-xss-protection: 0
expires: Fri, 16 Sep 2022 13:28:20 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 78ms
37ms XHR
application/json 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA-Z_VnJXI8_9_pif31WTH2myv8SD37qlg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pm.healthcaresource.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 65ms
26ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1322057013&t=pageview&_s=1&dl=https%3A%2F%2Fpm.healthcaresource.com%2Fcs%2Favera%2F&ul=en-us&de=UTF-8&dt=Avera%20-%20Job%20Search&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1554216505&gjid=999989587&cid=1581747381.1663334900&tid=UA-146522885-4&_gid=170334946.1663334900&_r=1&gtm=2wg9e0KSL46DH&cd1=028496&cd2=7728&cd3=028496&cd4=9015&cd5=7728&cd6=Avera&cd8=9&cd9=JBSKR&cd10=AVERA&cd11=PROD&cd15=false&cd16=false&z=1352833514

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pm.healthcaresource.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 13:28:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pm.healthcaresource.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
343 B 75ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-14CVYSEJ2N&gtm=2oe9e0&_p=1322057013&cid=1581747381.1663334900&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663334900&sct=1&seg=0&dl=https%3A%2F%2Fpm.healthcaresource.com%2Fcs%2Favera%2F&dt=Avera%20-%20Job%20Search&en=page_view&_fv=1&_ss=1&ep.clientId=7728&ep.clientName=Avera&ep.environment=PROD&ep.globalId=028496&ep.internalId=9015&ep.internalIdentifier=9015&ep.productId=9&ep.productName=JBSKR&ep.salesForceId=028496&ep.siteName=avera&ep.systemId=7728&ep.upgradedOrNew=upgraded
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-14CVYSEJ2N&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 13:28:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pm.healthcaresource.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 81ms
27ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-146522885-4&cid=1581747381.1663334900&jid=1554216505&gjid=999989587&_gid=170334946.1663334900&_u=YEBAAEAAAAAAAC~&z=1285966423

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pm.healthcaresource.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 16 Sep 2022 13:28:20 GMT
content-type: text/plain
access-control-allow-origin: https://pm.healthcaresource.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
29ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1322057013&t=pageview&_s=1&dl=https%3A%2F%2Fpm.healthcaresource.com%2Fcs%2Favera%2F&ul=en-us&de=UTF-8&dt=Avera%20-%20Job%20Search&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=907241349&gjid=730745510&cid=1581747381.1663334900&tid=UA-2450492-19&_gid=170334946.1663334900&_r=1&gtm=2wg9e0PVBVH47&z=1647641491

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pm.healthcaresource.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 13:28:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pm.healthcaresource.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 156ms
92ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVBVH47&l=dataLayerCS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Sep 2022 13:28:20 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 70ms
21ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46c2253a990373efcab1c600a6e1c731e5a971b0eecb0358ae53d1fbd7e16ada

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26872
x-xss-protection: 0
pragma: public
x-fb-debug: f452GXnh+tzZoizDsObInOOoRPqTh9EruMI6ATKl7pLsLNZ0zHeVfkBNTnnbYWEjvEl1hm5S5n4CuyhgEjjFpA==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 16 Sep 2022 13:28:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 75ms
20ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:20 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=64615
accept-ranges: bytes
content-length: 3063

GET
H2 200 84d5a0d0-0e69-013a-4c3b-06abc14c0bc6 Show response
tag.simpli.fi/sifitag/ 3 KB
4 KB 223ms
28ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/84d5a0d0-0e69-013a-4c3b-06abc14c0bc6

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVBVH47&l=dataLayerCS

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

0969890fd74c2d70ff0dd3fa0b3878c8258b9bd60179a1c256710b320d3b8cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Fri, 16 Sep 2022 13:28:20 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3101
x-request-id: FxVaR4RErXXmizDa3bUi
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK event
ad.ipredictive.com/d/track/ 0
327 B 469ms
107ms Image
text/plain 34.239.21.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.ipredictive.com/d/track/event?upid=100060&cache_buster=217036130
Requested by: Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.21.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-21-240.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 13:28:20 GMT
Connection: keep-alive
Content-Length: 0
X-CI-RTID: cec43268-4c0d-4320-9469-be81532461f5

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 31ms
26ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2450492-19&cid=1581747381.1663334900&jid=907241349&gjid=730745510&_gid=170334946.1663334900&_u=aEDAAEABAAAAAC~&z=646857334

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pm.healthcaresource.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 16 Sep 2022 13:28:20 GMT
content-type: text/plain
access-control-allow-origin: https://pm.healthcaresource.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 194ms
58ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2450492-19&cid=1581747381.1663334900&jid=907241349&_u=aEDAAEABAAAAAC~&z=459759661

Requested by

Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 13:28:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 351ms
215ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2450492-19&cid=1581747381.1663334900&jid=907241349&_u=aEDAAEABAAAAAC~&z=459759661

Requested by

Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 13:28:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 195ms
59ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-146522885-4&cid=1581747381.1663334900&jid=1554216505&_u=YEBAAEAAAAAAAC~&z=1280415350

Requested by

Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 13:28:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 192ms
56ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-146522885-4&cid=1581747381.1663334900&jid=1554216505&_u=YEBAAEAAAAAAAC~&z=1280415350

Requested by

Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 13:28:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=523060&time=1663334900462&url=https%3A%2F%2Fpm.healthcaresource.com%2Fcs%2Favera%2F%23%2Fjob%2F78739
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D523060%26time%3D1663334900462%26url%3Dhttps%253A%252F%252Fpm.healthcaresource.com...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=523060&time=1663334900462&url=https%3A%2F%2Fpm.healthcaresource.com%2Fcs%2Favera%2F%23%2Fjob%2F78739&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=523060&time=1663334900462&url=https%3A%2F%2Fpm.healthcaresource.com%2Fcs%2Favera%2F%23%2Fjob%2F78739&liSync=true&e_ipv6=AQI74wOPHJHtIAAAAYNGfGSz-...

0
265 B

162ms
119ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=523060&time=1663334900462&url=https%3A%2F%2Fpm.healthcaresource.com%2Fcs%2Favera%2F%23%2Fjob%2F78739&liSync=true&e_ipv6=AQI74wOPHJHtIAAAAYNGfGSz-10buNUXRQ_B6Yb3As1lfqtt50Ex-T4qpmboTVSZQeyzw6oyMZ-QWiLg5qWEdhaubX9U9Q
Requested by: Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:20 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: C0CD62A51A77493EB8B7B77CAA6064FC Ref B: FRAEDGE1515 Ref C: 2022-09-16T13:28:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXoy1XrtyyLLhApBjJCjw==
x-li-fabric: prod-lva1

Redirect headers

date: Fri, 16 Sep 2022 13:28:20 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: AEB1BA2F78B4427FB4E8F136D92EC2F7 Ref B: DUS30EDGE0814 Ref C: 2022-09-16T13:28:20Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=523060&time=1663334900462&url=https%3A%2F%2Fpm.healthcaresource.com%2Fcs%2Favera%2F%23%2Fjob%2F78739&liSync=true&e_ipv6=AQI74wOPHJHtIAAAAYNGfGSz-10buNUXRQ_B6Yb3As1lfqtt50Ex-T4qpmboTVSZQeyzw6oyMZ-QWiLg5qWEdhaubX9U9Q
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXoy1XpH60V+LCUfPXw9w==

GET
H3 200 1565260733747379 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 96ms
74ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1565260733747379?v=2.9.81&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1fa808dc0f86c19487fb20910a5d344536a5e0248cc6e95782fd37f277f02498

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Gwh+KhmUyeq7Vheyp8htTC/bNmeUfJCKlsmFDrTWhoMlOoyN5zBd0OvwWgtE/yNiX062YbT78SdMcwLQRJT8dA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 16 Sep 2022 13:28:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/816718858/ 2 KB
2 KB 106ms
60ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/816718858/?random=1663334900545&cv=9&fst=1663334900545&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fpm.healthcaresource.com%2Fcs%2Favera%2F&tiba=Avera%20-%20Job%20Search&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2fee9bdc2f53fffa95d1d5368dbc2510a8b79f1f076f1680e5b9172dff39235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 13:28:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1022
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 100ms
36ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1565260733747379&ev=PageView&dl=https%3A%2F%2Fpm.healthcaresource.com%2Fcs%2Favera%2F%23%2Fjob%2F78739&rl=&if=false&ts=1663334900640&sw=1600&sh=1200&v=2.9.81&r=stable&ec=0&o=30&fbp=fb.1.1663334900639.712292995&it=1663334900486&coo=false&rqm=GET

Requested by

Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 16 Sep 2022 13:28:20 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/816718858/ 42 B
64 B 77ms
34ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/816718858/?random=1663334900545&cv=9&fst=1663333200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fpm.healthcaresource.com%2Fcs%2Favera%2F&tiba=Avera%20-%20Job%20Search&async=1&fmt=3&is_vtc=1&random=1140265969&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 13:28:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/816718858/ 42 B
64 B 78ms
36ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/816718858/?random=1663334900545&cv=9&fst=1663333200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fpm.healthcaresource.com%2Fcs%2Favera%2F&tiba=Avera%20-%20Job%20Search&async=1&fmt=3&is_vtc=1&random=1140265969&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 13:28:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 66ms
29ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1565260733747379&ev=Microdata&dl=https%3A%2F%2Fpm.healthcaresource.com%2Fcs%2Favera%2F%23%2Fjob%2F78739&rl=&if=false&ts=1663334902154&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Avera%20-%20Job%20Search%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.81&r=stable&ec=1&o=30&fbp=fb.1.1663334900639.712292995&it=1663334900486&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 16 Sep 2022 13:28:22 GMT

GET
H/1.1 200
OK GetClientInternalCareerSite Show response
pm.healthcaresource.com/JobseekerServicesAPI/Site/avera/api/ 65 B
462 B 111ms
111ms XHR
application/json 64.74.110.11
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://pm.healthcaresource.com/JobseekerServicesAPI/Site/avera/api/GetClientInternalCareerSite
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.74.110.11 , United States, ASN14742 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0f8dc4f653a646c9b6b8ad886cbc460035b503c3cff75be49ea0c3c11183aedc

Request headers

Accept: */*
Referer: https://pm.healthcaresource.com/cs/avera/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Fri, 16 Sep 2022 13:28:22 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept, Accept-Encoding
Content-Type: application/json; charset=utf-8
X-StackifyID: V2|7c2034a4-55c8-4ffa-b625-e983f0204cd0|C83659|CD37
Cache-Control: private
x-server: ww1017
Connection: Keep-Alive
Content-Length: 71

GET
H2 200 p Show response
i.simpli.fi/ 748 B
1 KB 133ms
32ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=143470&cb=sifi_att_922._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/84d5a0d0-0e69-013a-4c3b-06abc14c0bc6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

619c8e428cc11358b909bcd612c24eb37d31db64a9a847f856906c619ae93f05

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Fri, 16 Sep 2022 13:28:23 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/33a49875-04de-4897-58ad-d425c5941ea4/ 457 KB
142 KB 137ms
31ms Script
application/javascript 2600:9000:21f3:8600:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/33a49875-04de-4897-58ad-d425c5941ea4/pendo.js
Requested by: Host: pm.healthcaresource.com
URL: https://pm.healthcaresource.com/cs/avera/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8600:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 45c9484f8103c016a7d5ae90b3cd383f8e1c4c5ae0b1d481dd4bec5890f4cef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 13:28:23 GMT
Content-Encoding: gzip
Age: 256
X-GUploader-UploadID: ADPycduPoaV6P4-KUNfb5TLOLTE8gH-8KWAQ9sm7Y8dPhJBCwvC5s4o1AHKlxmWxO6pYe4XVb22mpPCKdvMVeoqLvdrwjQ
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 144490
Access-Control-Allow-Origin: *
Last-Modified: Thu, 08 Sep 2022 20:15:41 GMT
Server: UploadServer
ETag: "8c182530f48442417528f39177ff4333"
Vary: Accept-Encoding
x-goog-hash: crc32c=N5WvNQ==, md5=jBglMPSEQkF1KPORd/9DMw==
x-goog-generation: 1662668141340498
Via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 144490
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: 10St5oUUIaJj4cR9lZjVXtCgupcMip7jQAr4j_lEJZ1F1CwIwhd7Ug==
Expires: Fri, 16 Sep 2022 13:31:37 GMT

GET
H/1.1 200
OK JobPostingV2 Show response
pm.healthcaresource.com/JobseekerAPI/Site/avera/api/v2/ 26 KB
8 KB 151ms
150ms XHR
application/json 64.74.110.11
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://pm.healthcaresource.com/JobseekerAPI/Site/avera/api/v2/JobPostingV2?id=78739&_=1663334900095
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.74.110.11 , United States, ASN14742 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fd4e32e7f737ef780d966e532577204895b39f41e807eae63d95046ecfd2d820

Request headers

Accept: */*
Referer: https://pm.healthcaresource.com/cs/avera/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Fri, 16 Sep 2022 13:28:22 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
X-StackifyID: V2|6dc1b2be-42d5-4384-8f57-0e2fa6c1fe42|C83659|CD37
x-server: ww1017
Connection: Keep-Alive
Content-Length: 7782

GET
H2 200 logo_29f2ee9b-c980-4351-b108-cfd351c2314b.png
media.healthcaresource.com/public/9015/JobSeeker/9015/images/ 9 KB
9 KB 113ms
112ms Image
image/png 64.74.110.112
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.healthcaresource.com/public/9015/JobSeeker/9015/images/logo_29f2ee9b-c980-4351-b108-cfd351c2314b.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.74.110.112 , United States, ASN14742 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c44a8febffd0902760f7d7bf90c1cf92653152081d2853d1b8a1eae4a088104d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:23 GMT
last-modified: Thu, 05 Dec 2019 07:35:49 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "9f9d369d3eabd51:0"
content-type: image/png
accept-ranges: bytes
content-length: 9351

GET
H3 200 glyphicons-halflings-regular.woff2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/fonts/ 18 KB
18 KB 27ms
27ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/css/bootstrap.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba3fe63eac33e099b1600d123a80bc075696219926d63f6adc4b9401aad71ca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/css/bootstrap.min.css
Origin: https://pm.healthcaresource.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12231940
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18028
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-466c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5ZXfxKVGBYXnhO8USqaOfYYceEnLFclUMid4j4rK4QG96KUCuzjho1VdQTrBexu4smmV3ZJIWTuW38wImQnigBEQ0b8pHUz3jG1caJI5n28HLRysInPefNGZWQyAKkkBLq743wfcK1%2FWW2eotUz5U8q"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74b9f1eadb7cbb67-FRA
expires: Wed, 06 Sep 2023 13:28:23 GMT

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=C6B2CF295D9542C0B2970E86FAAD5B63&dongle=yf3

37 B
140 B

114ms
22ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=C6B2CF295D9542C0B2970E86FAAD5B63&dongle=yf3
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Fri, 16 Sep 2022 13:28:23 GMT
x-content-type-options: nosniff
server: nginx
location: https://eb2.3lift.com/xuid?mid=7969&xuid=C6B2CF295D9542C0B2970E86FAAD5B63&dongle=yf3
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 15 Sep 2022 13:28:23 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=C6B2CF295D9542C0B2970E86FAAD5B63

43 B
183 B

344ms
105ms

Image
image/gif

2600:1f18:612b:4200:fd1:5892:27bc:b9b0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=C6B2CF295D9542C0B2970E86FAAD5B63
Protocol: H2
Server: 2600:1f18:612b:4200:fd1:5892:27bc:b9b0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:24 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Fri, 16 Sep 2022 13:28:23 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=C6B2CF295D9542C0B2970E86FAAD5B63
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 15 Sep 2022 13:28:23 GMT

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=C6B2CF295D9542C0B2970E86FAAD5B63
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=C6B2CF295D9542C0B2970E86FAAD5B63

95 B
113 B

54ms
30ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=C6B2CF295D9542C0B2970E86FAAD5B63

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:23 GMT
via: 1.1 google
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=C6B2CF295D9542C0B2970E86FAAD5B63
date: Fri, 16 Sep 2022 13:28:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=C6B2CF295D9542C0B2970E86FAAD5B63
https://d.agkn.com/pixel/10751/?che=1663334903912&ip=84.19.175.165&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219483204276002045442
https://um.simpli.fi/aa_px?sk=219483204276002045442
https://um.simpli.fi/empty.gif

43 B
361 B

26ms
26ms

Image
image/gif

169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Fri, 16 Sep 2022 13:28:24 GMT
x-content-type-options: nosniff
server: nginx
location: /empty.gif
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=C6B2CF295D9542C0B2970E86FAAD5B63

0
0

87ms
25ms

Image
text/html

13.225.78.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=C6B2CF295D9542C0B2970E86FAAD5B63
Protocol: H2
Server: 13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-7.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Redirect headers

date: Fri, 16 Sep 2022 13:28:23 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=C6B2CF295D9542C0B2970E86FAAD5B63
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 15 Sep 2022 13:28:23 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 161ms
27ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 15 Sep 2022 13:28:23 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 48ms
46ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 15 Sep 2022 13:28:23 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=C6B2CF295D9542C0B2970E86FAAD5B63;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=C6B2CF295D9542C0B2970E86FAAD5B63;mimetype=img;sr
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=458005694275471861

0
0

22ms
20ms

Image
text/html

13.225.78.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=458005694275471861
Protocol: H2
Server: 13.225.78.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-7.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Fri, 16 Sep 2022 13:28:23 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=458005694275471861
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=C6B2CF295D9542C0B2970E86FAAD5B63&j=0

0
324 B

564ms
151ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=C6B2CF295D9542C0B2970E86FAAD5B63&j=0
Protocol: H2
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Fri, 16 Sep 2022 13:28:23 GMT
x-content-type-options: nosniff
server: nginx
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=C6B2CF295D9542C0B2970E86FAAD5B63&j=0
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 15 Sep 2022 13:28:23 GMT

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 52ms
50ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 15 Sep 2022 13:28:23 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=C6B2CF295D9542C0B2970E86FAAD5B63

0
421 B

492ms
108ms

Image
text/plain

54.209.195.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=C6B2CF295D9542C0B2970E86FAAD5B63
Protocol: HTTP/1.1
Server: 54.209.195.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-195-107.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 16 Sep 2022 13:28:23 GMT

Redirect headers

date: Fri, 16 Sep 2022 13:28:23 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=C6B2CF295D9542C0B2970E86FAAD5B63
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 15 Sep 2022 13:28:23 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=C6B2CF295D9542C0B2970E86FAAD5B63

62 B
442 B

288ms
214ms

Image
image/gif

69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=C6B2CF295D9542C0B2970E86FAAD5B63
Protocol: H2
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:24 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
content-type: image/gif

Redirect headers

date: Fri, 16 Sep 2022 13:28:23 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=C6B2CF295D9542C0B2970E86FAAD5B63
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 15 Sep 2022 13:28:23 GMT

GET
H2

200

tpid=C6B2CF295D9542C0B2970E86FAAD5B63
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=C6B2CF295D9542C0B2970E86FAAD5B63
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=C6B2CF295D9542C0B2970E86FAAD5B63

49 B
279 B

45ms
44ms

Image
image/gif

99.80.120.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=C6B2CF295D9542C0B2970E86FAAD5B63
Protocol: H2
Server: 99.80.120.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-120-198.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 13:28:23 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
expires: 0
cache-control: no-cache
x-server: 10.45.14.189
content-type: image/gif
content-length: 49
x-consent: absent

Redirect headers

pragma: no-cache
date: Fri, 16 Sep 2022 13:28:23 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=C6B2CF295D9542C0B2970E86FAAD5B63
cache-control: no-cache
x-server: 10.45.4.122
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=C6B2CF295D9542C0B2970E86FAAD5B63

0
316 B

117ms
28ms

Image
text/plain

216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=C6B2CF295D9542C0B2970E86FAAD5B63
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 13:28:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
x-merge: GDPR Optout true
pod: X-Sovrn-Pod: ad_ap6ams1
p3p: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Fri, 16 Sep 2022 13:28:23 GMT
x-content-type-options: nosniff
server: nginx
location: https://ce.lijit.com/merge?pid=2&3pid=C6B2CF295D9542C0B2970E86FAAD5B63
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 15 Sep 2022 13:28:23 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=C6B2CF295D9542C0B2970E86FAAD5B63

0
98 B

89ms
30ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=C6B2CF295D9542C0B2970E86FAAD5B63
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Fri, 16 Sep 2022 13:28:23 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=C6B2CF295D9542C0B2970E86FAAD5B63
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 15 Sep 2022 13:28:23 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1663334903542&cv=7&fst=1663334903542&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1140073485&cv=7&fst=1663334903542&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1140073485&cv=7&fst=1663334903542&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1140073485&cv=7&fst=1663334903542&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...

42 B
64 B

39ms
38ms

Image
image/gif

2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1140073485&cv=7&fst=1663334903542&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=93kkY8PpJtvMYvXDoLgE&cid=CAQSKQCsnQUxvy__f-MYwQzzOVAJZh3EwtlILRvuxIcAKeZ7MUw061JNPh3G&random=581690250&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 13:28:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Sep 2022 13:28:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1140073485&cv=7&fst=1663334903542&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=93kkY8PpJtvMYvXDoLgE&cid=CAQSKQCsnQUxvy__f-MYwQzzOVAJZh3EwtlILRvuxIcAKeZ7MUw061JNPh3G&random=581690250&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=C6B2CF295D9542C0B2970E86FAAD5B63
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=C6B2CF295D9542C0B2970E86FAAD5B63&__user_check__=1&sync_id=707593ac-35c3-11ed-aa4b-1ab0ad8d0206

43 B
549 B

33ms
33ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=C6B2CF295D9542C0B2970E86FAAD5B63&__user_check__=1&sync_id=707593ac-35c3-11ed-aa4b-1ab0ad8d0206
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 13:28:24 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 112
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 16 Sep 2022 13:28:24 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=C6B2CF295D9542C0B2970E86FAAD5B63&__user_check__=1&sync_id=707593ac-35c3-11ed-aa4b-1ab0ad8d0206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 105
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=C6B2CF295D9542C0B2970E86FAAD5B63
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DC6B2CF295D9542C0B2970E86FAAD5B63

43 B
1 KB

28ms
27ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DC6B2CF295D9542C0B2970E86FAAD5B63

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Sep 2022 13:28:23 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 478092aa-5abc-422e-aeef-97ca3678a70c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Sep 2022 13:28:23 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 25a96243-b29f-473d-8dd8-ad80f64a66cd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DC6B2CF295D9542C0B2970E86FAAD5B63
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=C6B2CF295D9542C0B2970E86FAAD5B63&expires=365

0
239 B

123ms
22ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=C6B2CF295D9542C0B2970E86FAAD5B63&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

date: Fri, 16 Sep 2022 13:28:23 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=C6B2CF295D9542C0B2970E86FAAD5B63&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 15 Sep 2022 13:28:23 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=C6B2CF295D9542C0B2970E86FAAD5B63

43 B
273 B

88ms
31ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=C6B2CF295D9542C0B2970E86FAAD5B63
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 13:28:23 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 16 Sep 2022 13:28:23 GMT
x-content-type-options: nosniff
server: nginx
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=C6B2CF295D9542C0B2970E86FAAD5B63
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 15 Sep 2022 13:28:23 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEHfyIf90v1Y4CSS1Yt0IB_0&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C6B2CF295D9542C0B2970E86FAAD5B63
https://um.simpli.fi/g_match?id=

0
320 B

28ms
27ms

Image
text/plain

169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:23 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 15 Sep 2022 13:28:23 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Sep 2022 13:28:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 33a49875-04de-4897-58ad-d425c5941ea4
data.pendo.io/data/ptm.gif/ 42 B
116 B 285ms
214ms Image
image/gif 34.107.204.85
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo.io/data/ptm.gif/33a49875-04de-4897-58ad-d425c5941ea4?v=2.151.2_prod&ct=1663334903754&jzb=eJzNU-9v0zAQ_VdQ-No2P5sf_dapGxpjadSOIYRQ5NiXziixg-20dFP_951p2IbEkJCYtHzyvfOd3717-XLnmH0HzszhDITh9d4ZOZWSOw2qNLzFjB_HYRhGmRcmUTBytlxzI1XJGRZ5qZ_FLKLjKfhknFV1Mq4gpmOWUebXaVqnNMSGhFLZCzPUBGmUxYj2qsHwxphOz1y3ayc3QBpzQ4kCLXtFYUJl61Ltki0o4r51v8nKTdIkzLC4U7LTzuzOkQ0rf-NUFqf5YllelbdFccbgtGP0OxbYe3_m8b8mOiAr5C7MFanOERd904wccwycz0mw9cL40_pUdbc6ucYmtSIt_EzW-2udX5x5bFcU6kdtB6z2BnDAyEsPo4cltWDIXxcUvb4FDXzs8V8oQUu4fb4XDGougCGmZGNVGE5zxrjhUhB7DbHiEt9kPTU5yorQ-5P1xQpxcQwfGr152nIomVMKGunaPiC2XEnR4iYRKFbLBYLHZjPHqB4wXOYny_lqcZ6_s9sjjbZgQ8SmJxv7GIjy49o6YlD2cfpf4jKCziAa919cIp55_tRK3m0UYcCWKoedJT3EmKINR0bDbHOr-HNcN_ID38KCmEGsY-XV0UKPNsWZB2oIIR2b9WPXy9zACwL7Y4DSqC_CwcSf-pOgtGq9jM-T0H_i80YSO_LzPp--Pp9bzgPTKErCSezZL0z9KHkRxYIsPHy9B3wryZw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:23 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 33a49875-04de-4897-58ad-d425c5941ea4 Show response
data.pendo.io/data/guide.js/ 12 KB
4 KB 257ms
187ms Script
application/javascript 34.107.204.85
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://data.pendo.io/data/guide.js/33a49875-04de-4897-58ad-d425c5941ea4?jzb=eJyVkUGPmzAQhf9K5b2WGNgNAW6sIlVpuyTKtudosAfiCmxkG6qqyn_fcaFpLz305vfZb3jz-Mlm5ZQ39iBZyeI8KTL5JKItJhAVTbuLGsxEJAshkzbP21w8svcMhDCT9oslzZ-KjOBke5JX70dXcj4OmytC768CLDozWYEbYQYuHIcZLfAH_s00fJfvHgsyD-hBggdW3gOFo_qPUDiACgkmLbFVGiUxa3oktJ4qKZVXRkN4Ruz0MlojJ-FrGMKzj8-vn87E9SLvg979PXK1VEKgc8sc1LOyRg-oPYHT-bgnuAwrmbcTkjzWz8fqvD_UH4i10LsAe9DdBF34GOrL11d2u3f7Z_vf_YZ6GnB4kKcX4kWcbEPrY2dBojzaGr-H0KumK9ErSrTuVoXS_5W1M5_VjHvwa1mL88uP8ZemUCP9RB12XqMRojjhNsl4XPA0TlPy0Tcc9Us43STbZJNeQlvsdnsDhaa-7Q&v=2.151.2_prod&ct=1663334903761

Requested by

Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/33a49875-04de-4897-58ad-d425c5941ea4/pendo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

Resource Hash

e5b6d0b169930ad012eb6509eaa01cfcc0619563969f4baa3c4f09f81741f9c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
via: 1.1 google
access-control-max-age: 600
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 p4Z847ynC8AK1mtKY8r-7puSUzg.dom.jsonp Show response
pendo-static-6293361821089792.storage.googleapis.com/guide-content/wE1hhBKqoVdIHUw2WO-addE4bV4/kGbaZAmO0UcBLO2IR-1IUVM89UA/ 16 KB
2 KB 232ms
136ms Script
application/javascript 2a00:1450:4001:813::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pendo-static-6293361821089792.storage.googleapis.com/guide-content/wE1hhBKqoVdIHUw2WO-addE4bV4/kGbaZAmO0UcBLO2IR-1IUVM89UA/p4Z847ynC8AK1mtKY8r-7puSUzg.dom.jsonp?sha256=w2yRJSl8h70wmLCwH3Ck0Zfe5Xlz6_6B2r4nEFPITYg
Requested by: Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/33a49875-04de-4897-58ad-d425c5941ea4/pendo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c36c9125297c87bd3098b0b01f70a4d197dee57973ebfe81dabe271053c84d88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:28:24 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycduwo2B3cWA60U-cfOxDRGP1tFKZMRh_NKVoKgfzRsmz0X_igmxG3D6x3M02MRqPSM76XfnipPiOysnxdsDYEbfFrA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2193
last-modified: Wed, 29 Jun 2022 15:59:21 GMT
server: UploadServer
etag: "e5a1c08b9a89c9d6dba9309412bcabf1"
vary: Accept-Encoding
x-goog-hash: crc32c=G4gADw==, md5=5aHAi5qJydbbqTCUEryr8Q==
x-goog-generation: 1656518361435650
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 2193
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Fri, 16 Sep 2022 14:28:24 GMT

GET
H2 200 FfbS8fTcbNM45tBpZqa1kbsQsXI.dom.jsonp Show response
pendo-static-6293361821089792.storage.googleapis.com/guide-content/5remeh26ybgcHb-w0cgtfzMSBSE/FFO39JHviPHSqNeTmB_Gym0624E/ 13 KB
2 KB 114ms
20ms Script
application/javascript 2a00:1450:4001:813::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pendo-static-6293361821089792.storage.googleapis.com/guide-content/5remeh26ybgcHb-w0cgtfzMSBSE/FFO39JHviPHSqNeTmB_Gym0624E/FfbS8fTcbNM45tBpZqa1kbsQsXI.dom.jsonp?sha256=gPVHW2YTXSAnepo5guQK7LipMRaOmIXna7QL9r5CdSI
Requested by: Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/33a49875-04de-4897-58ad-d425c5941ea4/pendo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 80f5475b66135d20277a9a3982e40aecb8a931168e9885e76bb40bf6be427522

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:27:44 GMT
content-encoding: gzip
age: 40
x-guploader-uploadid: ADPycdumPHY9OeRUD7mlAHFjcjeBQe63NldfzwZ1pZa0w64gkXJs5H_WkpHIDt1ZXj08Gc6ymGP7083R6HWYx90fVfKG
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1857
last-modified: Tue, 01 Feb 2022 18:11:32 GMT
server: UploadServer
etag: "a23e4ef0de0418eb967b24cf5693e539"
vary: Accept-Encoding
x-goog-hash: crc32c=X3SgNA==, md5=oj5O8N4EGOuWeyTPVpPlOQ==
x-goog-generation: 1643739092106749
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 1857
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Fri, 16 Sep 2022 14:27:44 GMT

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/50/5/intl/de_ALL/ 246 KB
68 KB 64ms
22ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/50/5/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA-Z_VnJXI8_9_pif31WTH2myv8SD37qlg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5df153aa4d76e55bf5adbe4e0c285a2d630715fc4660f70dfa0f1e1a987a5a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 17:13:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69222
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 20:19:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 17:13:59 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/50/5/intl/de_ALL/ 158 KB
58 KB 66ms
26ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/50/5/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyA-Z_VnJXI8_9_pif31WTH2myv8SD37qlg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe7a7b711d3ebae8f784cb25f039c4776c2e6efe94c52079e09a344840c8b1b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 17:13:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59716
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 20:19:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 17:13:59 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 67ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-14CVYSEJ2N&gtm=2oe9e0&_p=1322057013&cid=1581747381.1663334900&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1663334900&sct=1&seg=0&dl=https%3A%2F%2Fpm.healthcaresource.com%2Fcs%2Favera%2F&dt=Avera%20-%20Job%20Search&en=scroll&ep.clientId=7728&ep.clientName=Avera&ep.environment=PROD&ep.globalId=028496&ep.internalId=9015&ep.internalIdentifier=9015&ep.productId=9&ep.productName=JBSKR&ep.salesForceId=028496&ep.siteName=avera&ep.systemId=7728&ep.upgradedOrNew=upgraded&epn.percent_scrolled=90&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-14CVYSEJ2N&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pm.healthcaresource.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 13:28:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pm.healthcaresource.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pm.healthcaresource.com/cs/avera	1969-12-31 23:59:59	Name: JBSKR Value: true
pm.healthcaresource.com/	1969-12-31 23:59:59	Name: BIGipServerpool.prod.pm.stateless.current Value: 2785217034.20480.0000
.healthcaresource.com/	1970-01-20 06:03:41	Name: _gid Value: GA1.2.170334946.1663334900
.healthcaresource.com/	1970-01-20 06:02:14	Name: _gat_UA-146522885-4 Value: 1
.healthcaresource.com/	1970-01-20 15:38:14	Name: _ga_14CVYSEJ2N Value: GS1.1.1663334900.1.0.1663334900.0.0.0
.healthcaresource.com/	1970-01-20 15:38:14	Name: _ga Value: GA1.2.1581747381.1663334900
.healthcaresource.com/	1970-01-20 06:02:14	Name: _gat_UA-2450492-19 Value: 1
.simpli.fi/	1970-01-20 14:49:17	Name: suid Value: C6B2CF295D9542C0B2970E86FAAD5B63
.healthcaresource.com/	1970-01-20 08:11:50	Name: _fbp Value: fb.1.1663334900639.712292995
.linkedin.com/	1970-01-20 06:45:26	Name: UserMatchHistory Value: AQIb6iowuOoVSQAAAYNGfGOi-pO3SKS8oSRiLdkIM0CoOnhOs5CY6T1Dz9ecrVuSmXUCj6-qNJ0pwQ
.linkedin.com/	1970-01-20 06:45:26	Name: AnalyticsSyncHistory Value: AQLoRRofqm7yaQAAAYNGfGOiTZAV_eOuWYm1aYa04_FesUO6pTwGK3xny7VJLcdaB9ykRnDWbDKojpTWZlYUSw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:47:50	Name: bcookie Value: "v=2&7bee2014-0233-47ad-8829-4c6dc2c07123"
.linkedin.com/	1970-01-20 06:03:41	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2715:u=1:x=1:i=1663334900:t=1663421300:v=2:sig=AQGNeHplayOJllGOVCnPvtH9nqrWb0E1"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:47:50	Name: bscookie Value: "v=1&202209161328204b99a756-76bd-4b0f-8da9-f8f71d46e9e7AQGHpZqG3Y05uvJeE2DAnKWAwQF-ZXa2"
.linkedin.com/	1970-01-20 10:21:26	Name: li_gc Value: MTswOzE2NjMzMzQ5MDA7MjswMjFDH3mM1acrtTI7QCXFu5LN3OA9eAcnQqT1l0SY/U0zUg==
.ipredictive.com/	1970-01-20 14:47:50	Name: cu Value: aa6d6f71-db7a-4ee7-8d47-71618911a7a3\|1663334900799
.healthcaresource.com/	1970-01-20 06:02:15	Name: visitorUUID Value: 08196d4c-5e1a-9bf7-be6c-d9cd1f88f8c3
.simpli.fi/	1970-01-20 06:12:19	Name: uid_syncd_secure Value: true
.doubleclick.net/	1970-01-20 15:23:50	Name: IDE Value: AHWqTUkmZ2XkuFoJr7gpHBSrGdV4au_fdIZTkwDw-WKvEhP42bmIp8lFxrIVnDtzWnE
.tapad.com/	1970-01-20 07:28:38	Name: TapAd_TS Value: 1663334903843
.tapad.com/	1970-01-20 07:28:38	Name: TapAd_DID Value: 45ad887e-4faf-4a64-8fe8-ea3cabb796c3
.pro-market.net/	1970-01-20 10:21:26	Name: anProfile Value: "3h9pgv9z0t11+1+1f=1+1g=1+1j=41+rs=s+rt=20011B60101000021012710755BC30E0+s2=(rib1fb)+vm=24-C6B2CF295D9542C0B2970E86FAAD5B63"
.pro-market.net/	1970-01-20 06:45:26	Name: anHistory Value: "3h9pgv9z0t11+2+!#7')$u#S4~"
.tapad.com/	1970-01-20 07:28:38	Name: TapAd_3WAY_SYNCS Value:
.adnxs.com/	1970-01-20 08:11:50	Name: uuid2 Value: 8525204153078996704
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.agkn.com/	1970-01-20 14:47:50	Name: ab Value: 0001%3AKVSYOeRP%2Bg9mO3hDtkq0kQf7CgQZ%2FqVw
.adnxs.com/	1970-01-20 08:11:50	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2In@v?T.5!]tbPl1N!7On*M$=BX@-fnR2`fS<W[if_7ZkygdRigQ]ldXc=TiHfZ[g_Rl$pH?#N/X%W#.wL4W1Qw2(q7qjm
.spotxchange.com/	1970-01-20 06:42:34	Name: audience Value: 70759363-35c3-11ed-aa4b-1ab0ad8d0206
.agkn.com/	1970-01-20 14:47:50	Name: u Value: C\|0AAAAAAAAKrc2eAAAAAAA
.bfmio.com/	1970-01-20 14:47:50	Name: __141_cid Value: C6B2CF295D9542C0B2970E86FAAD5B63
.bfmio.com/	1970-01-20 14:47:50	Name: __io_cid Value: 126245479634bea9f4b76d7f1be4a3a2319e61ba

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=C6B2CF295D9542C0B2970E86FAAD5B63 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=C6B2CF295D9542C0B2970E86FAAD5B63 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=458005694275471861 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ad.ipredictive.com
bcp.crwdcntrl.net
cdn.pendo.io
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
d.agkn.com
data.pendo.io
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
links.campaigns.healthcaretalentsource.com
loadm.exelator.com
maps.googleapis.com
media.healthcaresource.com
pendo-static-6293361821089792.storage.googleapis.com
pixel.rubiconproject.com
pixel.tapad.com
pm.healthcaresource.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
simplifi.partners.tremorhub.com
snap.licdn.com
stags.bluekai.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tag.simpli.fi
um.simpli.fi
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
13.107.42.14
13.225.78.7
142.250.186.130
167.89.115.120
169.50.137.176
169.50.137.179
169.50.137.184
18.198.69.109
185.89.211.84
185.94.180.126
2001:4860:4802:34::36
216.52.2.30
216.58.212.130
2600:1901:0:8eee::
2600:1f18:612b:4200:fd1:5892:27bc:b9b0
2600:9000:21f3:8600:1f:aa31:7740:93a1
2606:4700::6811:180e
2620:1ec:21::14
2a00:1450:4001:802::2003
2a00:1450:4001:802::200a
2a00:1450:4001:803::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2004
2a00:1450:4001:813::2010
2a00:1450:4001:82f::2008
2a00:1450:400c:c08::5f
2a00:1450:400c:c0c::9a
2a02:26f0:3500:16::215:14a0
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
3.123.239.111
34.107.204.85
34.239.21.240
34.98.64.218
35.227.248.159
35.244.174.68
54.171.98.27
54.209.195.107
64.74.110.11
64.74.110.112
69.173.144.139
69.192.160.219
76.223.111.18
99.80.120.198
0969890fd74c2d70ff0dd3fa0b3878c8258b9bd60179a1c256710b320d3b8cd2
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0f8dc4f653a646c9b6b8ad886cbc460035b503c3cff75be49ea0c3c11183aedc
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1fa808dc0f86c19487fb20910a5d344536a5e0248cc6e95782fd37f277f02498
267a83092a5fd6ec5fb746bce12d440abd37f1d649c072f653e17d0c800eb647
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
386b05affbf2042ad4c7ac35f300c85c997b03c20bafd277b3f3c98d998b8920
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
45c9484f8103c016a7d5ae90b3cd383f8e1c4c5ae0b1d481dd4bec5890f4cef1
46c2253a990373efcab1c600a6e1c731e5a971b0eecb0358ae53d1fbd7e16ada
473842579288c04e865ecfa63ae67a45d6e9a0871c9cf2aea4db32637cf7bbb8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5b9b7ac5f45350dd07439d5f57c0a002849bfd73892d51c4481474f2443948b4
5df153aa4d76e55bf5adbe4e0c285a2d630715fc4660f70dfa0f1e1a987a5a18
619c8e428cc11358b909bcd612c24eb37d31db64a9a847f856906c619ae93f05
747507fc5aa52074c3c99eb1b82bab3c6221ecc785015bea6fee5ea3514806c2
74f04be54c9c8ec2b2635327ad19e97b9fb07b0b6243a02094ebfb17b246f73a
76ed99ca745781f6f3affafe6d67fd31284ebc0e87b8a1c96566cc3702aff537
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
7d3b9b124ab86b33b4c72d29ceca9c5a56e5205e546394f55e1ca7fac57d58d5
80f5475b66135d20277a9a3982e40aecb8a931168e9885e76bb40bf6be427522
81b3439c2d3fbdbcd1bbd4b492ee4da925d19021c39dbb8941db5dfaf7b8cedd
827d93940cf71388576defa6d3d096762ac3dcc7dbb1accb2c28954f052afb22
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b7347ffc13aa0d9863f262debb05007dc3b9f541c6b3bacabe819d646469278
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
8eb6229f3e6d9343f681f0fc2aa0d27cb583501ed4dc331e7aff8020b70cfe68
94389a0a12cb82c096bf4f4bff48154d745445b1246d98765d241f78bf89d173
94550500acab9cae3abfa277e809c838ad5157a2889fdcfbed4d444ac050d8fa
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ab15e74c4f63cb0d66ab257fdd4246fb8b25c0d9e53d48c7674097d2a872922c
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b11eb1e0a252ac547d53a94630e1900d4202f68b40106717ffa6acd8f6d72c76
b28420fcb5b29ae146a1fe057f2876f6651d8f2e3ce68e543092cb989c535e1e
b2fee9bdc2f53fffa95d1d5368dbc2510a8b79f1f076f1680e5b9172dff39235
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b644a7796d0cf3393ee167a686361f209a86d9899629b72d5314ce773a1d75fc
ba3fe63eac33e099b1600d123a80bc075696219926d63f6adc4b9401aad71ca9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c36c9125297c87bd3098b0b01f70a4d197dee57973ebfe81dabe271053c84d88
c44a8febffd0902760f7d7bf90c1cf92653152081d2853d1b8a1eae4a088104d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d83b880f92ea44bb39236842782fdb046d1e84951ab6096555556bc01d1affc1
db70368d3c50e98fa9cd2cb178964455bf4d75cdf3f1853b4fb055417d7efd5f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5b6d0b169930ad012eb6509eaa01cfcc0619563969f4baa3c4f09f81741f9c9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
fd4e32e7f737ef780d966e532577204895b39f41e807eae63d95046ecfd2d820
fe7a7b711d3ebae8f784cb25f039c4776c2e6efe94c52079e09a344840c8b1b9

pm.healthcaresource.com Open in urlscan Pro 64.74.110.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

82 Requests

77 %HTTPS

42 %IPv6

34 Domains

46 Subdomains

39 IPs

6 Countries

1542 kBTransfer

4698 kBSize

34 Cookies

4 Outgoing links

Page URL History

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pm.healthcaresource.com Open in urlscan Pro
64.74.110.11 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

77 %
HTTPS

42 %
IPv6

34
Domains

46
Subdomains

39
IPs

6
Countries

1542 kB
Transfer

4698 kB
Size

34
Cookies

82 HTTP transactions
0 data transactions