Report - www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm

Report Overview

Submitted URL
www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback
IP
204.62.118.87
ASN
#19247 AS19247
Submitted
2023-01-12 16:19:26
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.linkedin.com	608	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	720 B	2.7 kB	13.107.42.14
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	630 B	54.230.111.8
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
api.tiles.mapbox.com	12208	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	783 B	8.4 kB	54.230.216.182
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.5 kB	215 kB	142.250.74.35
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	1.9 kB	54.230.245.110
static.ads-twitter.com	614	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	16 kB	151.101.84.157
180937.tctm.co	226808	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	349 B	18 kB	54.230.111.23
www.nm.org	208191	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	1.2 MB	204.62.118.87
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	803 B	34 kB	151.101.65.229
ajax.aspnetcdn.com	693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	26 kB	152.199.19.160
4642920.fls.doubleclick.net	227122	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	2.4 kB	142.250.74.38
web.northwestern.nm.org	406035	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	1.3 kB	142.0.165.166
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	1.4 kB	142.250.74.35
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	1.9 kB	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.9 kB	14 kB	142.250.74.131
ocsp.entrust.net	1208	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	2.0 kB	104.110.10.32
ct.pinterest.com	852	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	2.4 kB	23.38.200.197
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	1.4 kB	142.250.74.132
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.208.31.97
js.adsrvr.org	1664	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	2.4 kB	54.230.241.118
adservice.google.no	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	2.1 kB	142.250.74.34
snap.licdn.com	1044	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	5.1 kB	23.36.76.210
vars.hotjar.com	1014	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	500 B	1.7 kB	54.230.111.75
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	48 kB	104.17.25.14
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	60 kB	34.120.237.76
script.hotjar.com	887	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	379 B	70 kB	54.230.111.79
www.youtube.com	90	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	1.6 kB	172.217.21.174
cdn.feedbackify.com	46327	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	744 B	8.2 kB	151.139.128.10
t.co	569	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	841 B	593 B	104.244.42.69
fast.wistia.com	5153	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	117 kB	151.101.130.110
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	6.5 kB	142.250.74.138
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	736 B	3.8 kB	104.18.20.226
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	499 B	28 kB	216.58.207.202
adservice.google.com	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	2.0 kB	142.250.74.2
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	797 B	557 B	216.239.34.36
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	593 B	705 B	108.177.14.155
px.ads.linkedin.com	522	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	2.4 kB	13.107.42.14
insight.adsrvr.org	631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	524 B	15.197.193.217
analytics.twitter.com	526	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	858 B	613 B	104.244.42.3
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
img.en25.com	6484	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	358 B	2.8 kB	104.66.120.119
www.medtargetsystem.com	11528	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.4 kB	120 kB	34.230.237.180
s.pinimg.com	732	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	733 B	23 kB	23.38.200.197
polyfill.io	102644	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	608 B	151.101.1.26

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-12 16:18:59	medium	Client IP	204.62.118.87	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M1

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (60)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js	13 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:17 Last Seen2024-04-19 19:08:39 Times Seen22315 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback	367 B	2023-03-07	2024-02-27
Pretty URL www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:07:05 Last Seen2024-02-27 12:47:08 Times Seen43 Hash 753348c1732223fbff41e292c4b08f5f 7154791aa5f425c80426e92abf93a9483bfec614 f000f989c54a898582f0cb1c5f40fe65c9a16cb164075a69b1a1e88635e81ad7 Loading...

	www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback	172 B	2023-03-12	2023-03-12
Pretty URL www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:00 Last Seen2023-03-12 21:26:00 Times Seen1 Hash 8629ec8870824975ab2696ee8c63a89e 4ae69d553b49cdbe263d54fa5bd358dee60fa82d 4d33245f8763e58b514579dc5d78b09d6e24a3eb3cb1577aeb525ad10ea545f7 Loading...

	www.nm.org/content/northwestern/dist/js/doctors/searchoverlay.js?version=0628b1fb72	5.4 kB	2023-03-12	2023-03-12
Pretty URL www.nm.org/content/northwestern/dist/js/doctors/searchoverlay.js?version=0628b1fb72 IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:00 Last Seen2023-03-12 21:26:00 Times Seen1 Hash 0628b1fb72a8e497895362645585af0e 0bab4a090c4de53ed895551a824ba5c1508d3894 b83c46a37bdc3f3cf64b40b76151e7bb788ae955663ba17227d14044d467110d Loading...

	www.nm.org/Content/Northwestern/js/bundles/validation/jquery.validate.customadapters.js	3.7 kB	2023-03-12	2023-03-12
Pretty URL www.nm.org/Content/Northwestern/js/bundles/validation/jquery.validate.customadapters.js IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:00 Last Seen2023-03-12 21:26:00 Times Seen1 Hash 0d6b82b67cb0ac9212301929cc58bd9a 1233841c038199a497f17164d205f17988001f1f cc7a9d6d47d8b52f7687d0b2f4c77e53274d6d0306d894732f2348bb01571bb5 Loading...

	www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback	470 B	2023-03-12	2023-03-12
Pretty URL www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:00 Last Seen2023-03-12 21:26:00 Times Seen1 Hash 1e10bcd5637a008b8a6fc1f5e7164331 24ab4a6509a94c53ba4d0a3d9e49f5be4187f2b0 0589baf59f1952c00b7a98f89e1a53cbbd35d56b5602ff39a962b60244bc2aaa Loading...

	www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback	615 B	2023-03-12	2023-03-12
Pretty URL www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:00 Last Seen2023-03-12 21:26:00 Times Seen1 Hash 994cc9d653c491e965e035485337d9f2 23301befe05b9be4e31866742453e913962f70e4 a8d5d17f1cf279e76ea50ed96cf5428db6c2aefafa37fa0fe56c16542ef4e64e Loading...

	www.nm.org/Content/Northwestern/js/_libs/cdnjs/jquery.unveil2.min.js	2.9 kB	2023-03-12	2023-08-12
Pretty URL www.nm.org/Content/Northwestern/js/_libs/cdnjs/jquery.unveil2.min.js IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:00 Last Seen2023-08-12 11:45:33 Times Seen3 Hash 865832f4434b950bc4e14cbb16b101c4 c043e751a742547cce2aa58bbe01ba204539dbdb 7b16f02c4b5b7deb665d4d652eb1fd18f57da05782170e842a1b5d24309ede92 Loading...

	www.youtube.com/iframe_api	992 B	2023-03-12	2023-03-12
Pretty URL www.youtube.com/iframe_api IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:30:10 Last Seen2023-03-12 21:40:45 Times Seen1 Hash 6437a9b3a230287381a3f3393db1d9a6 047c3adb6db3f81559021cf1ecaa14234b581552 ae10849778b9c2df3de606c25706b0b0436db2ba2783de6af980ccf2c14c9966 Loading...

	snap.licdn.com/li.lms-analytics/insight.min.js	13 kB	2023-03-12	2024-03-30
Pretty URL snap.licdn.com/li.lms-analytics/insight.min.js IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:01:01 Last Seen2024-03-30 11:38:49 Times Seen5925 Hash b846c9d158853dd4aa95d3d7407ed8bb 2cf0eb02a22e8bd80d19a50a84593420d777d5db f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 01:03:07 Times Seen36969168 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback	382 B	2023-03-12	2023-03-12
Pretty URL www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash 5e97f8149bf69c0c86686b8946ad8926 7cf67de2ea552b4deab01c4731f2d59751071b0a 4f46f384e5f8dbac9c60f07a2c05002660ae3116b62251af048c817f1f7957bf Loading...

	polyfill.io/v3/polyfill.min.js?version=3.52.1	72 B	2023-03-07	2024-04-16
Pretty URL polyfill.io/v3/polyfill.min.js?version=3.52.1 IP 151.101.1.26 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:35 Last Seen2024-04-16 19:18:03 Times Seen289 Hash 7bf5fb2fd30cea050be6a48b90343984 e3d8fc7eec3e4338218b844d40a1ae86cc8581c6 aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11 Loading...

	www.nm.org/content/northwestern/dist/js/bundle-components.js?version=90a488a533	253 kB	2023-03-12	2023-03-12
Pretty URL www.nm.org/content/northwestern/dist/js/bundle-components.js?version=90a488a533 IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash 90a488a5333a0365a6f1904318d8c51c 214c675bbe296f1bbbc69f0f1479387d62f4b211 603e4ee9bb36b584978cec3b43722b1183e4ab8dcd85a7d2cc7dfb9994831c8a Loading...

	www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback	325 B	2023-03-07	2024-04-18
Pretty URL www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:10 Last Seen2024-04-18 14:39:04 Times Seen2586 Hash 06b4b89af63d7f851febec5906cfdd0b 90000db80d4b2f885e15ec5053dbc69317a50703 642e0885f97ed6cbf7136e43421d3dd084d02b07dfc62a1cc80f42d6f69e3ca5 Loading...

	www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback	773 B	2023-03-12	2023-03-13
Pretty URL www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-13 11:40:10 Times Seen1 Hash e208625ac80810fcf96ab2da50b31a37 6051d7354dd45c97f978c86f8288b3164105c5a0 0a0c3ddd59d5d4c4ada75ae72070291e483ba5f9ca6f35d2b36fee96cf26198e Loading...

	www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback	339 B	2023-03-12	2023-03-13
Pretty URL www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-13 11:40:09 Times Seen1 Hash 69ff513c2ee95429e4b8ddd90eaa9237 7e4e3bdce3220955e374a9ed7d59cd0f289870cd 98871addd6954441d4597d3a165b013c712cd507490ddaecc173b894ee5ee96b Loading...

	www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback	416 B	2023-03-12	2023-03-13
Pretty URL www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-13 11:40:10 Times Seen1 Hash 9c98d7f453afe7b3bdd223c811b2e0d3 12632f9c39bbef707a0cf919c6f4a52c9bc95f13 ca587fa054e7145b4f5b5a54b78f85b7af650531e392e88bb1bcf4baca1f2056 Loading...

	www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback	266 B	2023-03-12	2023-03-12
Pretty URL www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash cf0040af4dba88ed85166241606ccf89 d6ab5ad04bd48527658a59e2e8d20557286f1800 b1c90851d320ceea9f53f45b7a151ff7bd08d09b49dc4012c0b27af4bc5a7b03 Loading...

	www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback	1.9 kB	2023-03-12	2023-03-12
Pretty URL www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash 74bdcff08d42a8dcb85725e487a02de6 4fb6dc06a84a326aa6ba95aa05b119c0d0ddf7a0 353a4d30ed250d4e7fdb20a1fb5974669d390bd1d7b3551f8cf7da14fb586478 Loading...

	static.ads-twitter.com/uwt.js	58 kB	2023-03-08	2024-04-16
Pretty URL static.ads-twitter.com/uwt.js IP 151.101.84.157 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:46 Last Seen2024-04-16 19:18:01 Times Seen4327 Hash 32ad004436155ec972bc50e6238b5b67 9b2cdb645c2fa5b98a9d05dcdca521fed4a17b7b cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Loading...

	s.pinimg.com/ct/core.js	1.1 kB	2023-03-08	2023-03-13
Pretty URL s.pinimg.com/ct/core.js IP 23.38.200.197 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:58 Last Seen2023-03-13 19:19:46 Times Seen1 Hash 8d9d0550c915347e312e24f00d311e50 cb44712b22cb011b759da4e741b543238839c735 57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b Loading...

	www.googletagmanager.com/gtag/js?id=UA-52031007-1	113 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtag/js?id=UA-52031007-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash 09ec3c59a0803800cf0050bdf036f27b bebdeb9601c2ad326ad7e1863eb19c905e7fdb11 5e09078be9d45264016ce7afa3befc0c3f19259acdeb5ece75515035775bc351 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-04-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-19 23:32:27 Times Seen259921 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NQF59F	392 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NQF59F IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash 930354a8ef4d29b6f6b15b292d4f2eb6 083ddf9d416f360f1258797a5f7486867aed5bd7 b998d0ec95b8de7436d10a7d1198d90ed151dc75857c8105a72ad04c36be997e Loading...

	script-app.mercuryhealthcare.com/mhc-orbit-v1.0.min.js	15 kB	2023-03-12	2023-03-13
Pretty URL script-app.mercuryhealthcare.com/mhc-orbit-v1.0.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-13 18:07:11 Times Seen1 Hash 3cf6746405c599a98cd5b02b86eec713 f6afd4abdff30dc313d31d1a454b4a1eb4a1336e ac63cb69307e8be45cab15775a4744e9f59cfced935628b3874fe7066c6bf27a Loading...

	static.hotjar.com/c/hotjar-1968954.js?sv=6	13 kB	2023-03-12	2023-03-12
Pretty URL static.hotjar.com/c/hotjar-1968954.js?sv=6 IP 54.230.111.8 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash 46d04afd4e6ca2617248b95c28da1596 17037dfcfe715216c87ae49290472ae6c1d62dd7 53a47854405a58846402a3f3e11d6dc00aed9566dfddfea84ff354120048f36a Loading...

	cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js	11 kB	2023-03-07	2024-04-14
Pretty URL cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-14 19:14:17 Times Seen4252 Hash 65f1d21d5fcc9d21da758adababd0c3c e0661d07d64c00008bc9d013d16eec0a0f156dc7 d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe Loading...

	www.googletagmanager.com/gtag/js?id=G-B5ZCX6BD6N&l=dataLayer&cx=c	224 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtag/js?id=G-B5ZCX6BD6N&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash 522b00175d38420497a066846d24d5a7 7cd5bee75a1c1e102d9bc7844066e630867a0f31 a316cf45ea46757f90ba57ff30415d2e142fc3e61c4c5a3348b6ad9854e986ae Loading...

	js.adsrvr.org/up_loader.1.1.0.js	4.6 kB	2023-03-07	2023-11-04
Pretty URL js.adsrvr.org/up_loader.1.1.0.js IP 54.230.241.118 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:29 Last Seen2023-11-04 15:38:59 Times Seen1096 Hash 98d98b3499058b76d58073cf8ede2f10 2ec5bc839a187c2a4d93499567e8fff091a6bcc4 ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9 Loading...

	www.nm.org/content/northwestern/dist/js/bundle-shared.js?version=697dce1da1	763 kB	2023-03-12	2023-03-12
Pretty URL www.nm.org/content/northwestern/dist/js/bundle-shared.js?version=697dce1da1 IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash 697dce1da18e621eca5f9c7d4316465e 6bf1d5e37733a1b27940a0eb1b4201757d1bc894 6624d7177e44eb34309013abe54b9eb47000afb1770c597e3ea8f5d53b3da5b8 Loading...

	www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback	369 B	2023-03-12	2023-03-12
Pretty URL www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash db642a1bd2baf74908a02ffc236c2423 b93193cc3937997008ef1aa6a72151f61045cd6b a7f530be3a1c2c6e70067402208e220271274a9293f2b9e1c806664bf920c4b9 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-19
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-19 19:03:21 Times Seen1521 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	180937.tctm.co/t.js	51 kB	2023-03-12	2023-03-12
Pretty URL 180937.tctm.co/t.js IP 54.230.111.23 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash c179c86f3e743c71532d7ffbe9968873 6dc56a769e204d611cf773bbbd43d06364a57f5e 1b38edd198702cf348b3ea59cf00f86fba33930d1d3d3924d7e8667220ffc113 Loading...

	s.pinimg.com/ct/lib/main.9a94ee76.js	60 kB	2023-03-08	2023-08-13
Pretty URL s.pinimg.com/ct/lib/main.9a94ee76.js IP 23.38.200.197 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:58 Last Seen2023-08-13 09:32:28 Times Seen4 Hash ae6dc7983625b6533c70584774cc5270 f9725d6cb611692ccc4ec21a4db9d1c1cc6baf5f 77358e88e4d70191891544307a0a8677145d760e51eddef0293111d5a3008683 Loading...

	ct.pinterest.com/ct.html	436 B	2023-03-07	2023-04-05
Pretty URL ct.pinterest.com/ct.html IP 23.38.200.197 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:31 Last Seen2023-04-05 02:11:07 Times Seen676 Hash 59e69030b3eddd557aebcfedf0474a63 66d4f09f9ad02a4c0e28b9c1ecb2a699848dfeb7 6b3ab6e7095925d374e483784bd4beb874b39078c4263063b97d544ffc5457b3 Loading...

	www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback	164 B	2023-03-12	2023-03-12
Pretty URL www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash dcb27923dd1ccfff3624f1152a17d2d1 983776a1bbefd9ec8db18164d8ccdc4dfa4fafd7 9c2bdab07d863ccd913a24c0aaed1be8235acbfbb8876925ba2d5d01d3bca87e Loading...

	img.en25.com/i/elqCfg.min.js	6.1 kB	2023-03-07	2024-04-19
Pretty URL img.en25.com/i/elqCfg.min.js IP 104.66.120.119 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-04-19 15:24:18 Times Seen2807 Hash 873bd8924abbb29cbea1e72f53383bce 2f95935f747785623015576f1aad75c6f03bcd33 3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8 Loading...

	cdn.feedbackify.com/f.js	14 kB	2023-03-10	2024-03-04
Pretty URL cdn.feedbackify.com/f.js IP 151.139.128.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:53:32 Last Seen2024-03-04 22:28:59 Times Seen13 Hash dea939d34e55d10e130a58729698c4e7 977f18bba25514cf97838040a58fde45eee95fee 5f9dffc8981b04103067aac0c2ca1e7d5be405c411b4a81a26c7e522f0ce4cdc Loading...

	www.youtube.com/s/player/d759e46a/www-widgetapi.vflset/www-widgetapi.js	187 kB	2023-03-12	2023-03-12
Pretty URL www.youtube.com/s/player/d759e46a/www-widgetapi.vflset/www-widgetapi.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:30:11 Last Seen2023-03-12 21:40:45 Times Seen1 Hash 8ca7bb73dfcaa53846777e44ac10563c 7e4ebeaf79c07b015a32c3bbd4d99c8d7dc0df8c 1086a12fe0779d074e7d105e8435e511bcd2ec2a1681f6524172c0bd33bbe163 Loading...

	www.medtargetsystem.com/beacon/portal/?_url=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&_sid=fc186b72-d6db-4883-bd8f-3467c9255cf3&_vid=16d1722f-830e-4c44-b3a7-56a48c71ca02&_ak=203-8818-D3E2C6BF&_flash=false&_th=1673540342\|1673540342\|1	92 B	2023-03-12	2023-03-12
Pretty URL www.medtargetsystem.com/beacon/portal/?_url=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&_sid=fc186b72-d6db-4883-bd8f-3467c9255cf3&_vid=16d1722f-830e-4c44-b3a7-56a48c71ca02&_ak=203-8818-D3E2C6BF&_flash=false&_th=1673540342\|1673540342\|1 IP 34.230.237.180 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash 7a5dc01c0b49a068ed60b3404f2145a8 68256495b61ef15cf2212ca3a8ecb5a7a8759a26 b83da486a657544ec596e534963decc1059f1dd2a79ca4fb26b6b9041a5faa7a Loading...

	www.medtargetsystem.com/js/build/iframe/fp.js?30	90 kB	2023-03-12	2023-10-28
Pretty URL www.medtargetsystem.com/js/build/iframe/fp.js?30 IP 34.230.237.180 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-10-28 03:59:05 Times Seen13 Hash 156d7bcf2b3ab9497df68b1a5c4d0266 f4b99cc4755450eda28c2db0970d7b762af71302 29e12c1696bc104491caf1fab72566804924f42ec24a3baa06d83b707b9d45db Loading...

	www.medtargetsystem.com/js/build/iframe/signal.js?30&partners=deepIntent.1.1\|lasso.2.2\|	107 kB	2023-03-12	2023-12-01
Pretty URL www.medtargetsystem.com/js/build/iframe/signal.js?30&partners=deepIntent.1.1\|lasso.2.2\| IP 34.230.237.180 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:39:06 Last Seen2023-12-01 21:27:18 Times Seen8 Hash dce73e81bd3d0a58c8c6ddda157d6511 1d3ea16d834303ded596794cf1541a8324db5990 c39274377525cdadd73915f2ae2d0eda3bc2c870e8370ca97780d7fbb5b8f04b Loading...

	cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/tiny-slider.js	32 kB	2023-03-07	2024-04-08
Pretty URL cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/tiny-slider.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:21 Last Seen2024-04-08 14:56:40 Times Seen663 Hash 3ed83b7fbb9a4a039267b521b742bb11 6dea35181356547514ca65e3f779b5a8a54ab846 080a485f94dee0e757572d6258ffb9faa1bf8876bef1aa5f60e15a81d54c4709 Loading...

	ajax.aspnetcdn.com/ajax/knockout/knockout-3.3.0.js	56 kB	2023-03-10	2024-03-12
Pretty URL ajax.aspnetcdn.com/ajax/knockout/knockout-3.3.0.js IP 152.199.19.160 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:25:58 Last Seen2024-03-12 08:52:20 Times Seen122 Hash a2d65ff1c1198342386c635ee984d207 59d677470345e3b4f28a2ee4af86879de1a0ad5b 43e21ee81d80adccf54b5d576da2ae4cacb595282014cf89b0f154f4c3b7aa95 Loading...

	www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback	282 B	2023-03-12	2023-03-12
Pretty URL www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash c83d27fd1b99a59c949cbad9dbff2334 3c0fb6ff9163deb2b31354a781c9eecd0cc4276e 6ba7b941237708d4cd898c55545698273a46ba539d4ff34e7b55ac91a764c587 Loading...

	www.medtargetsystem.com/javascript/beacon.js?1673540341536	230 kB	2023-03-12	2023-08-28
Pretty URL www.medtargetsystem.com/javascript/beacon.js?1673540341536 IP 34.230.237.180 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:14:38 Last Seen2023-08-28 23:20:30 Times Seen6 Hash 766aff2bd827ed614eb0b7f5660dbbbe 5fcc3dff0dca77a3db3663b525b2382023b4c989 c24af8a10035030e64fcda74b9c520be38f9bcd81013a1ab7d0eeafb3db74922 Loading...

	vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html	2.3 kB	2023-03-08	2023-03-26
Pretty URL vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html IP 54.230.111.75 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:11 Last Seen2023-03-26 01:38:12 Times Seen2 Hash 2ab04d2242413cc15369fa816e1a02f8 8ff148dd539f0fff0892dcc2075839c315cb8642 fe51660a3d21efbefab64694f51d02f2bcee4e82c324895e93c78ba6179508a3 Loading...

	www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback	210 B	2023-03-12	2023-03-12
Pretty URL www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback IP 204.62.118.87 ASN #19247 AS19247 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash d9eff3b7237bca9ead6dec73cdb4b062 5139b642568e9dbc283ca7314a1d856e14475af2 9dcba912e6915da3545789ef756846cbd3c4132d48065bc99fd5bf6c38314155 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 3cacdce3b8deb651b597f2054d349e48	194 B	2023-03-12	2023-03-12
Pretty Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash 3cacdce3b8deb651b597f2054d349e48 629e4958bc4105650262a8e674cea060eaa4bab3 334276dbe14ba96acbb9ca95dcd68cfd4f99862ede5b8c939a938a17cab7dbd1 Loading...

	#2 Eval - 05da12cfc6b5852c04bba19a304aba5c	328 B	2023-03-07	2024-03-31
Pretty Observations First Seen2023-03-07 01:03:32 Last Seen2024-03-31 01:02:00 Times Seen37 Hash 05da12cfc6b5852c04bba19a304aba5c 0e33afbbbcaf10f4dc364598799837b19a2e6446 9e4299fc2ad722f42c3cb5c6bee0e819a7a65b679593e5d5f2a82f5c19485bae Loading...

	#3 Eval - eacd458c2751cd23eabb2fcb04a657eb	92 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 12:10:59 Last Seen2024-04-19 01:20:16 Times Seen2250 Hash eacd458c2751cd23eabb2fcb04a657eb 78a01d75760bc72949e89d743a6824b893287ab4 2a967b9ccbab6ad1d3eed94b9157cb3dd9cbb57286e20a481d5a5c62a11fd8ca Loading...

	#4 Eval - e179a860964cddc5e8751afa6f420173	195 B	2023-03-12	2023-03-12
Pretty Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash e179a860964cddc5e8751afa6f420173 77b502711a45794ce16cafdf08638f8673d85a38 05bff156db40bc75f27022a474051eae30977d2076ec26ed90b302634b9e661a Loading...

	#5 Eval - 849172a291bf27d72bc3d312bea98870	311 B	2023-03-07	2024-04-20
Pretty Observations First Seen2023-03-07 12:03:32 Last Seen2024-04-20 00:13:28 Times Seen2848 Hash 849172a291bf27d72bc3d312bea98870 a428bce2774cfb221ebef3a44ebe48042fe32a47 f23377476f3e798ff6e03a399b3a0f275a09b79afdfd766e87aae1e42787aa73 Loading...

	#6 Eval - f4bdceb0b8d5c31adffee5f0125c6da7	195 B	2023-03-12	2023-03-12
Pretty Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash f4bdceb0b8d5c31adffee5f0125c6da7 aebefc6e1d70449d20bb95f8f66198e3948be5bc d709011c7064b53f94ae4ce82b424241f915c173e121e1b3d2efd70aa42c444d Loading...

	#7 Eval - 81d3bb54ab4faeaf2c675d59f0ba9ff2	88 B	2023-03-12	2024-02-05
Pretty Observations First Seen2023-03-12 16:55:46 Last Seen2024-02-05 02:10:29 Times Seen20 Hash 81d3bb54ab4faeaf2c675d59f0ba9ff2 2b394288bd0d2f558cee508825a20a0dc0386484 3ef7efb9c6e02127022291b9a8a35b393964fb75800d59004f291000c4620e8f Loading...

	#8 Eval - 2911eea04179568194d60958612e2391	195 B	2023-03-12	2023-03-12
Pretty Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash 2911eea04179568194d60958612e2391 b3aa484398fd204b890d8ca1a7887900a443f08f f5050180a473843d69de6960d1b4b2a2ca482de6bc899406339a924dbc302e82 Loading...

	#9 Eval - 4aa42703a8bfdaebeb7a3cf9b6e23247	397 B	2023-03-12	2023-03-12
Pretty Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash 4aa42703a8bfdaebeb7a3cf9b6e23247 5c0bd7b3ca3f99e47d8b27c869102a369839b7b0 5010252f32e61cff681a4c590b27592ebf29fb8cc2fb30a9c1acb46097acc288 Loading...

	#10 Eval - 9ac0b4708663724dffb4c6f2b814a6df	87 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-19 00:48:12 Times Seen4605 Hash 9ac0b4708663724dffb4c6f2b814a6df 7faabe0595feb52fef2eb924693458608d16a66e aab310ed9d84ead154e032927d4a74c007f4b03655f5596b12339ea61881ba4e Loading...

		Size	First Seen	Last Seen
	#1 Write - 9565b6aa050ef914ec94ace8df077337	2.2 kB	2023-03-12	2023-03-12
Pretty Observations First Seen2023-03-12 21:26:01 Last Seen2023-03-12 21:26:01 Times Seen1 Hash 9565b6aa050ef914ec94ace8df077337 0ef77ae7ef3992ae7ff2144d16337060f34c041a bed0781298732b9f672e30a07eaf541b8cd25018172042c7de80118636902d0f Loading...

HTTP Transactions (127)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21291
Expires: Thu, 12 Jan 2023 22:14:05 GMT
Date: Thu, 12 Jan 2023 16:19:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cab5b63e128895128726181aff42e42e
d39c36237554fcd41addec0664d7fe7f7d157c06
18e82a5b82eb8f2d8b49df824c336015f19367c5a05467ad139a56db59f88852

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E82A5B82EB8F2D8B49DF824C336015F19367C5A05467AD139A56DB59F88852"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4949
Expires: Thu, 12 Jan 2023 17:41:43 GMT
Date: Thu, 12 Jan 2023 16:19:14 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 12 Jan 2023 15:41:51 GMT
content-type: application/json
age: 2243
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
718fc486cd6a70fcacc1653759703fae
bf60ba7a37d2deef1b7000e91cc88da586bb75ca
398d02e16da466ffe87b64ac34b007615951cca14d43610b4acd58bc2a5fadff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "398D02E16DA466FFE87B64AC34B007615951CCA14D43610B4ACD58BC2A5FADFF"
Last-Modified: Tue, 10 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4786
Expires: Thu, 12 Jan 2023 17:39:00 GMT
Date: Thu, 12 Jan 2023 16:19:14 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: pdMSB3Rqkp72PabJQDltu398+Q+TEptlaeYA8R78N3YqdRdPvOa1LN5aoiKiRgva3p85oopz9G05ez/lxQBtcg==
x-amz-request-id: MN1N39P0RV92J1XX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 12 Jan 2023 16:17:30 GMT
age: 104
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback

204.62.118.87

301 Moved Permanently

275 B

URL HTTP/1.1
www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback
IP
204.62.118.87:0
ASN
#19247 AS19247

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
275 B (275 bytes)
Hash
d3e39e22906a7f5a052cb50b3e9f01cf
e24d2c990c21f42aae14bb20f09fca2317837b5b
8c69af5e4d4c8d6409b610f4cd5d1d0d6c1e4ab25ec6e919ed5a6c16345cf027

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M1

HTTP Headers

GET /patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback HTTP/1.1
Host: www.nm.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
X-Env-Node: B
Date: Thu, 12 Jan 2023 16:19:13 GMT
Content-Length: 275

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 12 Jan 2023 16:19:14 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 12 Jan 2023 15:33:45 GMT
age: 2730
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1362750c01a8e1a2db32aa73ae46a48d
a423b43f2bd52bd4ec38b760a674866a1294c5ad
f0f57e27c4ec8f1cd8e05f530edc37fb1e4a94ffe92e5729939998346f2e204f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2700
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:15 GMT
Last-Modified: Thu, 12 Jan 2023 15:34:15 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback

204.62.118.87

404 Not Found

38 kB

URL HTTP/2
www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback
IP
204.62.118.87:0
ASN
#19247 AS19247

File type
Generic INItialization configuration []\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (372), with CRLF, LF line terminators
Size
38 kB (38013 bytes)
Hash
d6ce960b765d03844f0ff7be56127e76
660a719f8aa5ffd9fe205c304c6a8d4d6f3e0697
eaa8f57a2cd8667836cf0df77c4048110f63def28646f3025799af094d2d8f5a

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M1

HTTP Headers

GET /patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback HTTP/1.1
Host: www.nm.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
set-cookie: nmuid=fff8fa7c-9463-4ed0-bd97-b71420f02c90; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure; HttpOnly
x-env-node: A
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 12 Jan 2023 16:19:15 GMT
content-length: 38013
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js

104.17.25.14

200 OK

4.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (11084), with no line terminators
Size
4.0 kB (3980 bytes)
Hash
a5775b673c18ffa903cd1a6129ce5f87
ee2569b285a7dbc4ccc95b01a16f06943fade768
ab8ad2f07d5214be2ade4edcd295d5fb8f8aa60971b3ec1348063a8a19659fc9

HTTP Headers

GET /ajax/libs/modernizr/2.8.3/modernizr.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 12 Jan 2023 16:19:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 3980
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-2b4c"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5001709
expires: Tue, 02 Jan 2024 16:19:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jld588SteUhKwzFEVPwT7%2FEhBNyPy5jVHtfiLXHJsZxopL5QmIY9DcPm5iM1pgPq50phmJ6nqUgpWC2fXgw65jbbZPhI4pwaU7zSwstptzbm4sEB9lon%2FZz8gCEFKtOhWnEvnIzs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78873677d8d8b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

104.17.25.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65447)
Size
28 kB (27938 bytes)
Hash
d900ca08873ee57d40616d39a44cc0aa
7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 12 Jan 2023 16:19:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3780624
expires: Tue, 02 Jan 2024 16:19:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQvKusggG2CCLX3QGTKX6FnSD3j%2BdL6olfqzA8hZb4oWj66gHMK393gY8aPKEaa%2FqdAWlwE0YP4hdMy9C6K6JnAUY6bVYCKNk8Tm%2B7z9rKNg%2B4FhaGmxGaP7Ruk3tSH8V7h94%2BKG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78873677d8ceb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/tiny-slider.css

104.17.25.14

200 OK

573 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/tiny-slider.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2121)
Size
573 B (573 bytes)
Hash
cc5c2a3feed4b50b7cfd5615e68b7d8f
0e72b182abcfe0c72292b0822f14d9246594bbef
c63f0ddca31bad9f4bb8c45a918f33c576fd89d6907e64ee73a528ddabe3c3b8

HTTP Headers

GET /ajax/libs/tiny-slider/2.9.2/tiny-slider.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 12 Jan 2023 16:19:15 GMT
content-type: text/css; charset=utf-8
content-length: 573
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ffd-882"
last-modified: Mon, 04 May 2020 16:17:01 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 599808
expires: Tue, 02 Jan 2024 16:19:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d78aWZp6h3k5JSYHLXFhnxNJOz%2B2TXK68YSlAs2SRyuiTL3sQIX5R88K6ceMMaMDiKu9mNDZEHKASfW3o9Utl25Z56OKwpDggYN3J7HxoZxsHBnSg36AIrja0AHbVX%2FYDeau0oJ8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78873677e8ebb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/tiny-slider.js

104.17.25.14

200 OK

11 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/tiny-slider.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (31683)
Size
11 kB (11404 bytes)
Hash
80d31a0d3799702e1bcf1f1bd497e91f
87e0e0958bd15ecdad7fb786619da9e99902ab90
d2d3f7478bddfe95ec94341ea0ff0d9245890a172dfc31a91fa0bb384627a819

HTTP Headers

GET /ajax/libs/tiny-slider/2.9.2/min/tiny-slider.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 12 Jan 2023 16:19:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 11404
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ffd-7bfa"
last-modified: Mon, 04 May 2020 16:17:01 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 18827158
expires: Tue, 02 Jan 2024 16:19:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMPFTwEKJZGPIxoMc5oDKa4S%2B%2F7CybKj2dGfCIWXIF7nzrEBH2eKBgt3SKU%2F4AkXAIIKF2Kf3Xf3JTy5keXlsob11M4klK8%2FQE9GBpL7XL4lCbPVMXPYjbxduQRF44SASdDb%2FKKh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78873677e8e8b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/@fancyapps/ui@4.0/dist/fancybox.css

151.101.65.229

200 OK

3.3 kB

URL HTTP/2
cdn.jsdelivr.net/npm/@fancyapps/ui@4.0/dist/fancybox.css
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (15598), with no line terminators
Size
3.3 kB (3333 bytes)
Hash
11500bf957fd66824746d1f0878f97d2
2b7f51a848f24af4038faeeae03bbd52cd54cd8b
08d5f11e00ff7e62f31247503f88df2dd947e43405becd03af05dbe3971d567a

HTTP Headers

GET /npm/@fancyapps/ui@4.0/dist/fancybox.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.0.31
x-jsd-version-type: version
etag: W/"3cee-0nBcDQHfsMIPKlPzBhAaX/pebOA"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 12 Jan 2023 16:19:15 GMT
age: 35162
x-served-by: cache-fra-eddf8230124-FRA, cache-bma1655-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3333
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/@fancyapps/ui@4.0/dist/fancybox.umd.js

151.101.65.229

200 OK

30 kB

URL HTTP/2
cdn.jsdelivr.net/npm/@fancyapps/ui@4.0/dist/fancybox.umd.js
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65502)
Size
30 kB (29671 bytes)
Hash
ad49e2af136551cf26d543789ec9d9d8
b3f117808f8b95a36df94826e7245aeaf6b126a8
08241846a1d84fc868bffb854e721e1571c775457b6780d9fb3abeffbf8fcbae

HTTP Headers

GET /npm/@fancyapps/ui@4.0/dist/fancybox.umd.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.0.31
x-jsd-version-type: version
etag: W/"19ca7-YDrz4C84GmWPE164D07veMx+dQ0"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 12 Jan 2023 16:19:15 GMT
age: 35163
x-served-by: cache-fra-eddf8230080-FRA, cache-bma1655-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29671
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.208.31.97

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.208.31.97:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ROf2zGLG1iodyFO08j6X5w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rxHCuTc2TUNDfwSAxDrawSlVjfc=

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
36d866ff9883c4de599d7500e5d075c7
4c7f6817ef09645830f7ac8c74a303ae847dd25c
fc081651de3dd143b05c0fa145ea357197a8f2dda3507959e3f8288d3c42731a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fast.wistia.com/assets/external/E-v1.js

151.101.130.110

200 OK

117 kB

URL HTTP/2
fast.wistia.com/assets/external/E-v1.js
IP
151.101.130.110:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
117 kB (116712 bytes)
Hash
282001e895db748189013995ebcf6ef2
3b9b9e5ce07b3425512d6c43ad31a8619025749c
c514db3807351371a4b2c248c90da5a0546db8126539b2269b3850385cf6bd9f

HTTP Headers

GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "63c01565-1c7e8"
last-modified: Thu, 12 Jan 2023 14:12:53 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 12 Jan 2023 16:19:15 GMT
age: 495
x-served-by: cache-iad-kiad7000159-IAD, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 60, 28
x-timer: S1673540356.885567,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 116712
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

142.250.74.138

200 OK

5.4 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2134)
Size
5.4 kB (5437 bytes)
Hash
30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b

HTTP Headers

GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Jan 2023 18:44:01 GMT
expires: Sun, 07 Jan 2024 18:44:01 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 423314
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
65f0c0830d6be2391df2dd2bbbf75794
264ed8ddd824620623aef3d5f68b2c027bd356a6
22ba0a0556a92482dfb6f2664d15fda8faa0768b4abfe327e530e3c90b721cd5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.tiles.mapbox.com/mapbox-gl-js/v0.53.1/mapbox-gl.css

54.230.216.182

200 OK

7.2 kB

URL HTTP/1.1
api.tiles.mapbox.com/mapbox-gl-js/v0.53.1/mapbox-gl.css
IP
54.230.216.182:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (9876)
Size
7.2 kB (7185 bytes)
Hash
df2e0ea615b7afd0fff35bf727449573
044e53f791e8270463fde5b1fc1ab9502dff9c0d
afbd31c3f452af0289203b92f50448280be3ea82560e17b48f0c50d7fe49bd25

HTTP Headers

GET /mapbox-gl-js/v0.53.1/mapbox-gl.css HTTP/1.1
Host: api.tiles.mapbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 11 Nov 2022 02:31:28 GMT
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: "7cc1e6125e83776334068445de06f97d"
Last-Modified: Wed Feb 27 2019 22:28:32 GMT+0000 (Coordinated Universal Time)
Cache-Control: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zRQvGy_S2-pPux-9v3EEpXH-2OlaAQROPh6K4HpkVs4sVCDkyHQgCw==
Age: 5406467

ajax.aspnetcdn.com/ajax/knockout/knockout-3.3.0.js

152.199.19.160

200 OK

26 kB

URL HTTP/2
ajax.aspnetcdn.com/ajax/knockout/knockout-3.3.0.js
IP
152.199.19.160:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (607)
Size
26 kB (25923 bytes)
Hash
4108bb57896a20931bc0d61f00a8ce57
34536afbfe89a4352fca3ad1148cc5921f6d20e0
61e6a28d0956a823f87f6ed246367184f5526a272a131d5a13f477539199143c

HTTP Headers

GET /ajax/knockout/knockout-3.3.0.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 28217248
cache-control: public,max-age=31536000
content-type: application/javascript
date: Thu, 12 Jan 2023 16:19:15 GMT
etag: "4565e94d033d21:0"
last-modified: Mon, 31 Oct 2016 23:43:27 GMT
server: ECAcc (ska/F76C)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 25923
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
f2519dc6fa7f9ee6fd4a01b060217b23
432a6b1a705516a05c2138755de98eec9ba3ba96
ac30307cc40ea81ab6ff462e27548178450229220d45f17c3a35320debcb7dba

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 16:19:15 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "B2755D62F00C2DD6065861A8A48A558153E7F892"
Expires: Fri, 13 Jan 2023 03:00:00 GMT
Last-Modified: Thu, 12 Jan 2023 15:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2134
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 788736789d53b503-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
36d866ff9883c4de599d7500e5d075c7
4c7f6817ef09645830f7ac8c74a303ae847dd25c
fc081651de3dd143b05c0fa145ea357197a8f2dda3507959e3f8288d3c42731a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
4ddf724fa2193c62bd3de2e31fd77d0e
e515d4571dae7e098236b634f552205f06c803d1
6a93c0ba0203240f59d1174320ac0ca5f64c8671111df9999fa6fd046b673af6

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 12 Jan 2023 16:19:16 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "780B57B0C496396417A0B230D67B960F6453478A"
Expires: Fri, 13 Jan 2023 03:00:00 GMT
Last-Modified: Thu, 12 Jan 2023 15:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1706
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 788736791e25b503-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
65f0c0830d6be2391df2dd2bbbf75794
264ed8ddd824620623aef3d5f68b2c027bd356a6
22ba0a0556a92482dfb6f2664d15fda8faa0768b4abfe327e530e3c90b721cd5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.nm.org/content/northwestern/dist/css/site.css?version=5a89346f5e

204.62.118.87

200 OK

150 kB

URL HTTP/2
www.nm.org/content/northwestern/dist/css/site.css?version=5a89346f5e
IP
204.62.118.87:0
ASN
#19247 AS19247

File type
Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
150 kB (149516 bytes)
Hash
03423dc31306673e8e6a1d36c020bbd6
edb924d92b069d2d4e3735b2ec826bd12840ab8e
10acd4d6374605b09b9f1bfa049f2ffd51052ed0f025f6f49bc05e0b8018c90d

HTTP Headers

GET /content/northwestern/dist/css/site.css?version=5a89346f5e HTTP/1.1
Host: www.nm.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback
Connection: keep-alive
Cookie: nmuid=fff8fa7c-9463-4ed0-bd97-b71420f02c90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 13:55:58 GMT
accept-ranges: bytes
etag: "06bff7531ed91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-env-node: A
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 12 Jan 2023 16:19:15 GMT
content-length: 149516
X-Firefox-Spdy: h2

www.nm.org/Content/Northwestern/img/logo-northwestern-medicine-print.jpg

204.62.118.87

200 OK

11 kB

URL HTTP/2
www.nm.org/Content/Northwestern/img/logo-northwestern-medicine-print.jpg
IP
204.62.118.87:0
ASN
#19247 AS19247

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 765x54, components 3\012- data
Size
11 kB (10559 bytes)
Hash
9e252d5a1b434dba4f0dc22123eae3f9
99cfbbd17ccd23ebd53f2d095e62af363e678782
648db432f2980cf2fe6e7b516f81c912d3e39f409b5f97ea54efbfe9a707e527

HTTP Headers

GET /Content/Northwestern/img/logo-northwestern-medicine-print.jpg HTTP/1.1
Host: www.nm.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback
Connection: keep-alive
Cookie: nmuid=fff8fa7c-9463-4ed0-bd97-b71420f02c90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=604800
content-type: image/jpeg
last-modified: Mon, 26 Oct 2020 20:01:18 GMT
accept-ranges: bytes
etag: "03b5ec4d2abd61:0"
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-env-node: A
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 12 Jan 2023 16:19:15 GMT
content-length: 10559
X-Firefox-Spdy: h2

www.nm.org/Content/Northwestern/img/northwestern-medicine-logo.png

204.62.118.87

200 OK

2.9 kB

URL HTTP/2
www.nm.org/Content/Northwestern/img/northwestern-medicine-logo.png
IP
204.62.118.87:0
ASN
#19247 AS19247

File type
PNG image data, 283 x 54, 8-bit colormap, non-interlaced\012- data
Size
2.9 kB (2946 bytes)
Hash
10a60f4b29aa26940af14b0b2db15653
ed97bff61b514a9d5d95d959da3684f9e6c1db7e
6e52b88fc554d403fd0f71905c9768efff3e16d2af7ac2c3660e76ee4f7b5470

HTTP Headers

GET /Content/Northwestern/img/northwestern-medicine-logo.png HTTP/1.1
Host: www.nm.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback
Connection: keep-alive
Cookie: nmuid=fff8fa7c-9463-4ed0-bd97-b71420f02c90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=604800
content-type: image/png
last-modified: Mon, 26 Oct 2020 20:01:18 GMT
accept-ranges: bytes
etag: "03b5ec4d2abd61:0"
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-env-node: A
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 12 Jan 2023 16:19:15 GMT
content-length: 2946
X-Firefox-Spdy: h2

www.nm.org/Content/Northwestern/img/browser-icons/icon-chrome.png

204.62.118.87

200 OK

3.5 kB

URL HTTP/2
www.nm.org/Content/Northwestern/img/browser-icons/icon-chrome.png
IP
204.62.118.87:0
ASN
#19247 AS19247

File type
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3517 bytes)
Hash
5b8ab27c3cc7404f4e49d558010fc959
4bc58f4d4722b72b917927ec48e2ba0ec658607a
0b52d95f43659072aaa2ee90e9c269425a8f277df2e01efefa030801eb16c2b8

HTTP Headers

GET /Content/Northwestern/img/browser-icons/icon-chrome.png HTTP/1.1
Host: www.nm.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback
Connection: keep-alive
Cookie: nmuid=fff8fa7c-9463-4ed0-bd97-b71420f02c90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=604800
content-type: image/png
last-modified: Mon, 23 Aug 2021 12:06:08 GMT
accept-ranges: bytes
etag: "0386c411798d71:0"
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-env-node: A
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 12 Jan 2023 16:19:15 GMT
content-length: 3517
X-Firefox-Spdy: h2

www.nm.org/Content/Northwestern/img/browser-icons/icon-edge.png

204.62.118.87

200 OK

3.9 kB

URL HTTP/2
www.nm.org/Content/Northwestern/img/browser-icons/icon-edge.png
IP
204.62.118.87:0
ASN
#19247 AS19247

File type
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
3.9 kB (3883 bytes)
Hash
71ee27ea2be437a236d75d1ba1b1e333
5f14b06183061e3143c8cca52a92a02465177538
f4036a8dd673d103fdfc33d06466c528a02e0757f4f4b924b83a43d2fd7c7078

HTTP Headers

GET /Content/Northwestern/img/browser-icons/icon-edge.png HTTP/1.1
Host: www.nm.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback
Connection: keep-alive
Cookie: nmuid=fff8fa7c-9463-4ed0-bd97-b71420f02c90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=604800
content-type: image/png
last-modified: Mon, 23 Aug 2021 12:06:08 GMT
accept-ranges: bytes
etag: "0386c411798d71:0"
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-env-node: A
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 12 Jan 2023 16:19:15 GMT
content-length: 3883
X-Firefox-Spdy: h2

www.nm.org/Content/Northwestern/img/browser-icons/icon-safari.png

204.62.118.87

200 OK

4.8 kB

URL HTTP/2
www.nm.org/Content/Northwestern/img/browser-icons/icon-safari.png
IP
204.62.118.87:0
ASN
#19247 AS19247

File type
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
4.8 kB (4846 bytes)
Hash
0bc0835ccd3bdc4dac46650b43c577a8
b9b1aac62d1d3be61ae3c0d11f34fb19960dcf49
e100c4715c7463a8fd5328616c2877ee31bd4c2ee4a82648cee4897c12987102

HTTP Headers

GET /Content/Northwestern/img/browser-icons/icon-safari.png HTTP/1.1
Host: www.nm.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback
Connection: keep-alive
Cookie: nmuid=fff8fa7c-9463-4ed0-bd97-b71420f02c90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=604800
content-type: image/png
last-modified: Mon, 23 Aug 2021 12:06:08 GMT
accept-ranges: bytes
etag: "0386c411798d71:0"
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-env-node: A
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 12 Jan 2023 16:19:15 GMT
content-length: 4846
X-Firefox-Spdy: h2

www.nm.org/Content/Northwestern/img/browser-icons/icon-firefox.png

204.62.118.87

200 OK

4.1 kB

URL HTTP/2
www.nm.org/Content/Northwestern/img/browser-icons/icon-firefox.png
IP
204.62.118.87:0
ASN
#19247 AS19247

File type
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4140 bytes)
Hash
1d19ae40d6a3b9938f7ca758a8f2e20a
834af3fdf21022dcca05daeceb5538512242f6ef
6cc22d6412327b3f27e92d68d4279c6e3dc309c9d102c53f24e91391d3882e7f

HTTP Headers

GET /Content/Northwestern/img/browser-icons/icon-firefox.png HTTP/1.1
Host: www.nm.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback
Connection: keep-alive
Cookie: nmuid=fff8fa7c-9463-4ed0-bd97-b71420f02c90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=604800
content-type: image/png
last-modified: Mon, 23 Aug 2021 12:06:08 GMT
accept-ranges: bytes
etag: "0386c411798d71:0"
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-env-node: A
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 12 Jan 2023 16:19:15 GMT
content-length: 4140
X-Firefox-Spdy: h2

www.nm.org/Content/Northwestern/js/_libs/cdnjs/jquery.unveil2.min.js

204.62.118.87

200 OK

1.3 kB

URL HTTP/2
www.nm.org/Content/Northwestern/js/_libs/cdnjs/jquery.unveil2.min.js
IP
204.62.118.87:0
ASN
#19247 AS19247

File type
ASCII text, with very long lines (2804), with CRLF line terminators
Size
1.3 kB (1316 bytes)
Hash
5ace4b0637d0d7c1ccd0e21a12c296d4
0cfc5cf6d89a92a43ad6785198c6ba65b992f772
486dd1d564d811b4e5d8559cc6d98dfb31c7b9f7628cdad11e39f576cc050a3e

HTTP Headers

GET /Content/Northwestern/js/_libs/cdnjs/jquery.unveil2.min.js HTTP/1.1
Host: www.nm.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback
Connection: keep-alive
Cookie: nmuid=fff8fa7c-9463-4ed0-bd97-b71420f02c90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 20:01:18 GMT
accept-ranges: bytes
etag: "03b5ec4d2abd61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-env-node: A
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 12 Jan 2023 16:19:15 GMT
content-length: 1316
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
71e87185e70f595e12a3613f1ac35c67
f1818783717cc0cb399a0bcddb8a9029cf7166d1
dff5f1029a06d6f1ed59e1f3e33af77d2ac550553d9fc69be48c2a81093dc2db

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
71e87185e70f595e12a3613f1ac35c67
f1818783717cc0cb399a0bcddb8a9029cf7166d1
dff5f1029a06d6f1ed59e1f3e33af77d2ac550553d9fc69be48c2a81093dc2db

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nm.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 09 Jan 2023 18:52:41 GMT
expires: Tue, 09 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 249995
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
71e87185e70f595e12a3613f1ac35c67
f1818783717cc0cb399a0bcddb8a9029cf7166d1
dff5f1029a06d6f1ed59e1f3e33af77d2ac550553d9fc69be48c2a81093dc2db

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/notoserif/v21/ga6Kaw1J5X9T9RW6j9bNfFImajC7.woff2

142.250.74.35

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/notoserif/v21/ga6Kaw1J5X9T9RW6j9bNfFImajC7.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21916, version 1.0\012- data
Size
22 kB (21916 bytes)
Hash
4b63cb477ab7d5e6977a788100ae58d5
c6e58ffe35827e911091dfbe4447b9902406c9d0
b5bc6e295567ab6723e8b71b9cebbaf12239f9a94c804af09e57412ce70c3177

HTTP Headers

GET /s/notoserif/v21/ga6Kaw1J5X9T9RW6j9bNfFImajC7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nm.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21916
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Jan 2023 22:43:38 GMT
expires: Sun, 07 Jan 2024 22:43:38 GMT
cache-control: public, max-age=31536000
age: 408938
last-modified: Mon, 09 May 2022 19:18:51 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/droidserif/v19/tDbX2oqRg1oM3QBjjcaDkOr4lLz5CwOnSA.woff2

142.250.74.35

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/droidserif/v19/tDbX2oqRg1oM3QBjjcaDkOr4lLz5CwOnSA.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23520, version 1.0\012- data
Size
24 kB (23520 bytes)
Hash
479bf1b77f6d28e6a61d41fa6092ae5e
42303ff679b00e708b7518e15a398646571822bd
23ce20de25466074b34945d6b4e030d6137bad3d8e1e2c83737e8ef7ae975854

HTTP Headers

GET /s/droidserif/v19/tDbX2oqRg1oM3QBjjcaDkOr4lLz5CwOnSA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nm.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23520
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 04:30:06 GMT
expires: Wed, 10 Jan 2024 04:30:06 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 19:16:34 GMT
content-type: font/woff2
age: 215350
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2

142.250.74.35

200 OK

28 kB

URL HTTP/2
fonts.gstatic.com/s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 27456, version 1.0\012- data
Size
28 kB (27456 bytes)
Hash
80becb8b7638756b35eebf31518f8904
ba154f44545a98796887a9b5cfd84d765d3d0c05
a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2

HTTP Headers

GET /s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nm.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27456
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 23:51:22 GMT
expires: Wed, 10 Jan 2024 23:51:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 20:10:48 GMT
content-type: font/woff2
age: 145674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2

142.250.74.35

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 22476, version 1.0\012- data
Size
22 kB (22476 bytes)
Hash
c221fd7b9d189773de5e54745a6dc28c
9a58a6bd08f6cda6acbfaaa160375d3e1c5c93f0
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0

HTTP Headers

GET /s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nm.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22476
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 22:44:12 GMT
expires: Wed, 10 Jan 2024 22:44:12 GMT
cache-control: public, max-age=31536000
age: 149704
last-modified: Tue, 19 Apr 2022 19:19:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/droidserif/v19/tDbK2oqRg1oM3QBjjcaDkOr4nAfcHg.woff2

142.250.74.35

200 OK

20 kB

URL HTTP/2
fonts.gstatic.com/s/droidserif/v19/tDbK2oqRg1oM3QBjjcaDkOr4nAfcHg.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 20452, version 1.0\012- data
Size
20 kB (20452 bytes)
Hash
748e4474d6c6b46abba5a50f0a986152
575fd87ae9167d233d8c024ade8544d09c1b9eef
722d1d506241600936dd8a2bd82430e214405cefb4ee2496194ddedc92f0d193

HTTP Headers

GET /s/droidserif/v19/tDbK2oqRg1oM3QBjjcaDkOr4nAfcHg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nm.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 15:47:10 GMT
expires: Wed, 10 Jan 2024 15:47:10 GMT
cache-control: public, max-age=31536000
age: 174726
last-modified: Tue, 19 Apr 2022 19:27:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i%7CDroid+Serif:400,400italic,700,700italic%7CNoto+Serif:400italic,700

216.58.207.202

200 OK

27 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i%7CDroid+Serif:400,400italic,700,700italic%7CNoto+Serif:400italic,700
IP
216.58.207.202:0
ASN
#15169 GOOGLE

File type
data
Size
27 kB (27326 bytes)
Hash
a3cbade370c767ddda24e80af9553370
ee096707822dc52ab2b8f39e5fcb6ff09fd8cd02
4de6f2ea964ce9ff6cb01edc18947d41d122f076ffddf8faf72489fc14d04acc

HTTP Headers

GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i%7CDroid+Serif:400,400italic,700,700italic%7CNoto+Serif:400italic,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 12 Jan 2023 16:19:16 GMT
date: Thu, 12 Jan 2023 16:19:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

142.250.74.35

200 OK

48 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Size
48 kB (47952 bytes)
Hash
17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

HTTP Headers

GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nm.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 13:33:12 GMT
expires: Sat, 06 Jan 2024 13:33:12 GMT
cache-control: public, max-age=31536000
age: 528364
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
71e87185e70f595e12a3613f1ac35c67
f1818783717cc0cb399a0bcddb8a9029cf7166d1
dff5f1029a06d6f1ed59e1f3e33af77d2ac550553d9fc69be48c2a81093dc2db

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c66adf4d38cf3094064bef92dc1c84d0
82416715584c8508a8c5335020c494e847eb5fd3
f8aa40f0d3cda7b4c8fb0cc26a077927454893d757ae4104ad57e4fcf237c242

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c66adf4d38cf3094064bef92dc1c84d0
82416715584c8508a8c5335020c494e847eb5fd3
f8aa40f0d3cda7b4c8fb0cc26a077927454893d757ae4104ad57e4fcf237c242

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

4642920.fls.doubleclick.net/activityi;src=4642920;type=undefined;cat=undefined;ord=1016911054762;gtm=2wg1a1;auiddc=1571431178.1673540341;~oref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback?

142.250.74.38

200 OK

297 B

URL HTTP/2
4642920.fls.doubleclick.net/activityi;src=4642920;type=undefined;cat=undefined;ord=1016911054762;gtm=2wg1a1;auiddc=1571431178.1673540341;~oref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback?
IP
142.250.74.38:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (588), with no line terminators
Size
297 B (297 bytes)
Hash
29b178fb1b988ccb542005f704b15bb4
083f65253e78d35680bfe0b925bfb51126312aa8
bf63369ccd1f176fb9f92e41d54e5fd70a82c23c08b0bff2394c0ade51bbc157

HTTP Headers

GET /activityi;src=4642920;type=undefined;cat=undefined;ord=1016911054762;gtm=2wg1a1;auiddc=1571431178.1673540341;~oref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback? HTTP/1.1
Host: 4642920.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 16:19:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 297
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 12-Jan-2023 16:34:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

4642920.fls.doubleclick.net/activityi;src=4642920;type=universa;cat=lc_un0;ord=1;num=3961872390641;gtm=2wg1a1;auiddc=1571431178.1673540341;~oref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback?

142.250.74.38

200 OK

306 B

URL HTTP/2
4642920.fls.doubleclick.net/activityi;src=4642920;type=universa;cat=lc_un0;ord=1;num=3961872390641;gtm=2wg1a1;auiddc=1571431178.1673540341;~oref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback?
IP
142.250.74.38:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (590), with no line terminators
Size
306 B (306 bytes)
Hash
99af4a05e588cd81e9545e928f778640
4704daa9ed82b8d0bbc467516c9927e0b3881a5f
705cabc6873f3305803751b0c6e1a0bcb7f0e410b60963b19db27f1818b419b2

HTTP Headers

GET /activityi;src=4642920;type=universa;cat=lc_un0;ord=1;num=3961872390641;gtm=2wg1a1;auiddc=1571431178.1673540341;~oref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback? HTTP/1.1
Host: 4642920.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 16:19:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 306
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 12-Jan-2023 16:34:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c66adf4d38cf3094064bef92dc1c84d0
82416715584c8508a8c5335020c494e847eb5fd3
f8aa40f0d3cda7b4c8fb0cc26a077927454893d757ae4104ad57e4fcf237c242

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.nm.org/content/northwestern/dist/js/bundle-components.js?version=90a488a533

204.62.118.87

200 OK

56 kB

URL HTTP/2
www.nm.org/content/northwestern/dist/js/bundle-components.js?version=90a488a533
IP
204.62.118.87:0
ASN
#19247 AS19247

File type
Unicode text, UTF-8 text, with very long lines (520), with CRLF, LF line terminators
Size
56 kB (56386 bytes)
Hash
9a59766035ac0af6fbc0afba76bd4c63
1061e30f4dfd1bce876e086602e0410bb84fbb30
92bc1906e8c85a66f24c63bab9e7e27d64947b33e4c2b3e6af0650267799ff54

HTTP Headers

GET /content/northwestern/dist/js/bundle-components.js?version=90a488a533 HTTP/1.1
Host: www.nm.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback
Connection: keep-alive
Cookie: nmuid=fff8fa7c-9463-4ed0-bd97-b71420f02c90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 13:55:52 GMT
accept-ranges: bytes
etag: "0e46b7231ed91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-env-node: A
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 12 Jan 2023 16:19:15 GMT
content-length: 56386
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aabd4cb92d42e0c9e2d3860118029a6c
53325cdd89f9a117ac79dff7cedfd6370b07f33b
d9bc7a65b7e179ebd42170d0d43372e90739264df1f87a511ee0aab5ab012e85

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9ee9070e153bc0be89878860ca024177
a207ab2c4efdf959110cdbf0ca1e2a4ad41ca2a4
0bbd0335d60ede5782096cc8dc60293f60c24fc0c6285b33f2a9663615afc66d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.com/ddm/fls/i/src=4642920;type=undefined;cat=undefined;ord=1016911054762;gtm=2wg1a1;auiddc=1571431178.1673540341;~oref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback

142.250.74.2

200 OK

297 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=4642920;type=undefined;cat=undefined;ord=1016911054762;gtm=2wg1a1;auiddc=1571431178.1673540341;~oref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback
IP
142.250.74.2:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (587), with no line terminators
Size
297 B (297 bytes)
Hash
c5ebafbb55a7f665bc7537f055a532a5
3d617191f3baaa8e40c3340841287b03ac6649f4
8d83b4aec4829ae682129151385665f4d7be70ac7f870d83e85f6f76ebf3eaae

HTTP Headers

GET /ddm/fls/i/src=4642920;type=undefined;cat=undefined;ord=1016911054762;gtm=2wg1a1;auiddc=1571431178.1673540341;~oref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4642920.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 16:19:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 297
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.com/ddm/fls/i/src=4642920;type=universa;cat=lc_un0;ord=1;num=3961872390641;gtm=2wg1a1;auiddc=1571431178.1673540341;~oref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback

142.250.74.2

200 OK

306 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=4642920;type=universa;cat=lc_un0;ord=1;num=3961872390641;gtm=2wg1a1;auiddc=1571431178.1673540341;~oref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback
IP
142.250.74.2:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (589), with no line terminators
Size
306 B (306 bytes)
Hash
939a5dd5ac4b2ea25274de72cc7a136d
1dbf8cba8b07f97932aeb5ac4d189585be5224bc
b33c7c379f74bac260a0a07eae40707ec6784b06604b62d0280054b458b33cc9

HTTP Headers

GET /ddm/fls/i/src=4642920;type=universa;cat=lc_un0;ord=1;num=3961872390641;gtm=2wg1a1;auiddc=1571431178.1673540341;~oref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4642920.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 16:19:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 306
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9ee9070e153bc0be89878860ca024177
a207ab2c4efdf959110cdbf0ca1e2a4ad41ca2a4
0bbd0335d60ede5782096cc8dc60293f60c24fc0c6285b33f2a9663615afc66d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

js.adsrvr.org/up_loader.1.1.0.js

54.230.241.118

200 OK

1.9 kB

URL HTTP/1.1
js.adsrvr.org/up_loader.1.1.0.js
IP
54.230.241.118:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (4593), with no line terminators
Size
1.9 kB (1918 bytes)
Hash
a8dc4482053f1d083f27d34ceeea1cbd
6bc208909339ac82a1f12722d78b3aa633008452
0c4c42bc3ffe74dad7814fef97f081777141f4a8b3acd4186e4f450535070037

HTTP Headers

GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 12 Jan 2023 06:03:06 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 01jO1taNs0EzGua-a5WCypwf1BkT_jXzNy0bV-owBjtWmgi-1rqFOQ==
Age: 36971

www.nm.org/content/northwestern/dist/js/bundle-libs.js?version=58dd520a4a

204.62.118.87

200 OK

758 kB

URL HTTP/2
www.nm.org/content/northwestern/dist/js/bundle-libs.js?version=58dd520a4a
IP
204.62.118.87:0
ASN
#19247 AS19247

File type
ASCII text, with very long lines (23788), with CRLF, LF line terminators
Size
758 kB (758246 bytes)
Hash
a0e183e2064fdc2d9f05468469867df1
de6929da66c56791a7c29ce3c7248107e4f7b96c
57b5f0495d83191e1427e84f668886aafa1d78b6aa12e778f7c8aab43e92c28a

HTTP Headers

GET /content/northwestern/dist/js/bundle-libs.js?version=58dd520a4a HTTP/1.1
Host: www.nm.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback
Connection: keep-alive
Cookie: nmuid=fff8fa7c-9463-4ed0-bd97-b71420f02c90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 13:55:58 GMT
accept-ranges: bytes
etag: "06bff7531ed91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-env-node: A
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 12 Jan 2023 16:19:15 GMT
content-length: 758246
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
41e24a0cfd139513105cdf694b82da27
34be64d972fe555b75ab895175b3b0619253f06a
9a5c64fef0280bbbdb7fd9bed8f304dbc5f4a0fbd018b80e6ae8ad8893a7ca74

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
41e24a0cfd139513105cdf694b82da27
34be64d972fe555b75ab895175b3b0619253f06a
9a5c64fef0280bbbdb7fd9bed8f304dbc5f4a0fbd018b80e6ae8ad8893a7ca74

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/ddm/fls/i/src=4642920;type=universa;cat=lc_un0;ord=1;num=3961872390641;gtm=2wg1a1;auiddc=1571431178.1673540341;~oref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback

142.250.74.34

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=4642920;type=universa;cat=lc_un0;ord=1;num=3961872390641;gtm=2wg1a1;auiddc=1571431178.1673540341;~oref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=4642920;type=universa;cat=lc_un0;ord=1;num=3961872390641;gtm=2wg1a1;auiddc=1571431178.1673540341;~oref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 16:19:16 GMT
expires: Thu, 12 Jan 2023 16:19:16 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.no/ddm/fls/i/src=4642920;type=undefined;cat=undefined;ord=1016911054762;gtm=2wg1a1;auiddc=1571431178.1673540341;~oref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback

142.250.74.34

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=4642920;type=undefined;cat=undefined;ord=1016911054762;gtm=2wg1a1;auiddc=1571431178.1673540341;~oref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=4642920;type=undefined;cat=undefined;ord=1016911054762;gtm=2wg1a1;auiddc=1571431178.1673540341;~oref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 16:19:16 GMT
expires: Thu, 12 Jan 2023 16:19:16 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
41e24a0cfd139513105cdf694b82da27
34be64d972fe555b75ab895175b3b0619253f06a
9a5c64fef0280bbbdb7fd9bed8f304dbc5f4a0fbd018b80e6ae8ad8893a7ca74

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
2aad7c8cb4ab370b2280ffb2e72f25fe
042fb38eb95089e4503f0c5b262228c1c785434c
cbc2ac28783181369b4fbc3d95d1e62cf5bbd043f6b33cffc5602eeebb0eef97

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 12 Jan 2023 16:19:16 GMT
Last-Modified: Thu, 12 Jan 2023 15:07:06 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: eZZO1gfhCYpq1e5Co0lNUBP3uyoBVSI9z4vQ8rD0Pq7eMXXwirGtfw==
Age: 4330

www.nm.org/content/northwestern/dist/js/bundle-shared.js?version=697dce1da1

204.62.118.87

200 OK

155 kB

URL HTTP/2
www.nm.org/content/northwestern/dist/js/bundle-shared.js?version=697dce1da1
IP
204.62.118.87:0
ASN
#19247 AS19247

File type
ASCII text, with very long lines (335), with CRLF, LF line terminators
Size
155 kB (154919 bytes)
Hash
121cb359f52ea71dc9fb1d33c9a43fd9
75ff480589bacd1c2a237ef54b350445daeb38c8
cb6734c92b00efac7badc17805d4c144a44b37f742b2f3d91d23e456673370fe

HTTP Headers

GET /content/northwestern/dist/js/bundle-shared.js?version=697dce1da1 HTTP/1.1
Host: www.nm.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback
Connection: keep-alive
Cookie: nmuid=fff8fa7c-9463-4ed0-bd97-b71420f02c90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 13:55:58 GMT
accept-ranges: bytes
etag: "06bff7531ed91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-env-node: A
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 12 Jan 2023 16:19:15 GMT
content-length: 154919
X-Firefox-Spdy: h2

www.nm.org/Content/Northwestern/js/bundles/validation/jquery.validate.customadapters.js

204.62.118.87

200 OK

1.1 kB

URL HTTP/2
www.nm.org/Content/Northwestern/js/bundles/validation/jquery.validate.customadapters.js
IP
204.62.118.87:0
ASN
#19247 AS19247

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.1 kB (1086 bytes)
Hash
303d311bf004f7123f13da8daa4c6ca6
7428bb832feba8aae9680e28dad71975d9215e33
b9c84853e1a10c0fee3a01e2a79b384c1570f59b165c68944e676ff44cbb452e

HTTP Headers

GET /Content/Northwestern/js/bundles/validation/jquery.validate.customadapters.js HTTP/1.1
Host: www.nm.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback
Connection: keep-alive
Cookie: nmuid=fff8fa7c-9463-4ed0-bd97-b71420f02c90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 18 Feb 2021 19:29:52 GMT
accept-ranges: bytes
etag: "0b8ba6d2c6d71:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-env-node: A
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 12 Jan 2023 16:19:15 GMT
content-length: 1086
X-Firefox-Spdy: h2

www.nm.org/content/northwestern/dist/js/doctors/searchoverlay.js?version=0628b1fb72

204.62.118.87

200 OK

1.4 kB

URL HTTP/2
www.nm.org/content/northwestern/dist/js/doctors/searchoverlay.js?version=0628b1fb72
IP
204.62.118.87:0
ASN
#19247 AS19247

File type
ASCII text
Size
1.4 kB (1389 bytes)
Hash
ccb9d55986c882917576ec42dd45b3a2
8a26691ab293a49b39420fbc465c97a00a3230dc
26a1721119cfd40013fa9e29a592c62e9ab3bd5928ce9d1d381144c34d9ce796

HTTP Headers

GET /content/northwestern/dist/js/doctors/searchoverlay.js?version=0628b1fb72 HTTP/1.1
Host: www.nm.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback
Connection: keep-alive
Cookie: nmuid=fff8fa7c-9463-4ed0-bd97-b71420f02c90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 13:55:50 GMT
accept-ranges: bytes
etag: "0b73a7131ed91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-env-node: A
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 12 Jan 2023 16:19:15 GMT
content-length: 1389
X-Firefox-Spdy: h2

www.nm.org/content/northwestern/img/northwestern-medicine-logo-white.png?v=20160601

204.62.118.87

200 OK

6.5 kB

URL HTTP/2
www.nm.org/content/northwestern/img/northwestern-medicine-logo-white.png?v=20160601
IP
204.62.118.87:0
ASN
#19247 AS19247

File type
PNG image data, 282 x 54, 8-bit/color RGBA, non-interlaced\012- data
Size
6.5 kB (6464 bytes)
Hash
a81fe130ba35f233c935b622764bf6c9
cf63beb08db6695bfd981db5c2f6593d8098b248
8a260ce9fbb4b8ef4820384adbd1cb69e84096f1d29aa07fb03224e893d51350

HTTP Headers

GET /content/northwestern/img/northwestern-medicine-logo-white.png?v=20160601 HTTP/1.1
Host: www.nm.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/content/northwestern/dist/css/site.css?version=5a89346f5e
Cookie: nmuid=fff8fa7c-9463-4ed0-bd97-b71420f02c90; _gcl_au=1.1.1571431178.1673540341
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=604800
content-type: image/png
last-modified: Mon, 26 Oct 2020 20:01:18 GMT
accept-ranges: bytes
etag: "03b5ec4d2abd61:0"
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-env-node: A
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 12 Jan 2023 16:19:15 GMT
content-length: 6464
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8951
Expires: Thu, 12 Jan 2023 18:48:28 GMT
Date: Thu, 12 Jan 2023 16:19:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8951
Expires: Thu, 12 Jan 2023 18:48:28 GMT
Date: Thu, 12 Jan 2023 16:19:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8951
Expires: Thu, 12 Jan 2023 18:48:28 GMT
Date: Thu, 12 Jan 2023 16:19:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8951
Expires: Thu, 12 Jan 2023 18:48:28 GMT
Date: Thu, 12 Jan 2023 16:19:17 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7140 bytes)
Hash
a708649e0d6b128eb599b221445a8e06
59f9b06ee8e4c9608e29e7b19832fb925789f373
b4e17cfdee53b56ac33cb5a86253e4839ed7bd9bb1604209834bb22d881472f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7140
x-amzn-requestid: 96450c55-6068-4946-9e5f-650c19d2772a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei739GoJIAMF0lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9cc-2bf965d47a10fd61619d945f;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t5mK-tl3WskwkQLUXPKR2ljEW32-Yo6_BHwqP2dNVUr09WoMyxYeZw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:43:26 GMT
age: 66951
etag: "59f9b06ee8e4c9608e29e7b19832fb925789f373"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9539 bytes)
Hash
a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 9f388939-cfb7-432e-a921-e9188736bb45
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTw5QGZ6oAMFxQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7c83b-4f9d5bfc30e5ee126333d54e;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 07:05:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hYVWaQnzP-UnHWvrvXDoy_0YErGDaS7hVjDTVHWVoSKqAEjDIdG1Tg==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 12:27:31 GMT
age: 13906
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e59b65e-133d-4564-94e3-e913d5a394ac.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10382 bytes)
Hash
c49e1d8385d23251cbd4ac2574545982
f283baf033327519c05c725f2319b9465f29b1d6
dc91b181ea0e78ff27bbac3e80f3f937fe9f067ef417f02fe0095ef10fdcd1d1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e59b65e-133d-4564-94e3-e913d5a394ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10382
x-amzn-requestid: a9fc1c50-7606-46cb-b49e-62e765d0c88f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPC9GLfIAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2bac-3cbf968a6447542b6c931ac0;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XCcge2Ruz-j01PJpHpnOuCiaH8OQYiQjh-IQaQ18e875_qfgqzXzGw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:55:02 GMT
age: 66255
etag: "f283baf033327519c05c725f2319b9465f29b1d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fbbc90d-c4c5-45db-ac55-16077e5b0d1d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8689 bytes)
Hash
94f1c1490ac711097f5eef5e6adab49d
bb41e2958d267cc2d5b24457a6048f484c8cd429
94f854077e6008b97f63419a283f70327ebc8a05794a9dd9fa0518f0f5b00e14

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fbbc90d-c4c5-45db-ac55-16077e5b0d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8689
x-amzn-requestid: c88866a0-e22b-4f8c-b423-1d970ebde318
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: egZ9sHuuoAMFzvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bcd6bd-063dab1f2c6aaab03e5fdb9a;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 03:08:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R_7dfck1JpoBljLhEqdVOXQQxz4HERkMcGbN0-V0Q3hqNdNA9-_jrA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 03:29:07 GMT
age: 46210
etag: "bb41e2958d267cc2d5b24457a6048f484c8cd429"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10579 bytes)
Hash
fb89a11a1dca9a2924adf7e3712c6405
a881a7d88f08035b9e045f2bf73a4d9fabc640a0
8a0c9f295dd30123847eaed0ba8d4e7c2c6dea8b9c645fc70cdcb4fa8c082ee4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52f112f6-2553-4ba2-971f-71e30bee1d9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10579
x-amzn-requestid: 8760acae-f770-45e2-9639-53967ef1cdb2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPDWET4oAMFo-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2bae-153ebb3e4ec7d5045529ce0a;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:35:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FC9xd9brDeAOtHjXnkpSO0IOX1rLjGRVkuBguuwJ2xFDTq0x9-QtaQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:55:02 GMT
age: 66255
etag: "a881a7d88f08035b9e045f2bf73a4d9fabc640a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f7ca4e6-30ce-4176-bdc0-c1c768327a5a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7572 bytes)
Hash
f5be19dbab0e6de72252ad1d0a918d14
dcaad5032b156502921ee6dd453ad9d6b94eceb7
cc359e0142be054d7fc5af545b0368e44a3f8f257aa8306cac903cc3ff7a3f64

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f7ca4e6-30ce-4176-bdc0-c1c768327a5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7572
x-amzn-requestid: e59fc954-0f07-43fd-bc9e-be0a6dbe0055
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: emPMAHpSIAMFc4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf2be6-23038d0606616ad81dbd2de5;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 21:36:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K2UG8x2jCqfne8ZL7KyAvZf9eR33ye8BYSIevjQmu3c_Y_a19f3sgA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:51:55 GMT
age: 66442
etag: "dcaad5032b156502921ee6dd453ad9d6b94eceb7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
782744d6caac06904bba621055eaed65
914417d69d5dcc1d2805a96743bb03eb093845a6
0230b25e4c06e35c9832f1c1a0f4d085985e88715cdc2141b0dba7d1f3afd67e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=132333
Date: Thu, 12 Jan 2023 16:19:17 GMT
Etag: "63bf8b9d-1d7"
Expires: Sat, 14 Jan 2023 05:04:50 GMT
Last-Modified: Thu, 12 Jan 2023 04:25:01 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UkHDbJIiPyHWw1aWPs51VxqMGCB66xILw4EAYD47hez2XK8O9EeH9Q==
Age: 2389

region1.google-analytics.com/g/collect?v=2&tid=G-B5ZCX6BD6N&gtm=2oe1a1&_p=137197462&cid=527195117.1673540341&ul=en-us&sr=1280x1024&_s=1&sid=1673540341&sct=1&seg=0&dl=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&dt=Page%20Not%20Found%20%7C%20Northwestern%20Medicine&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-B5ZCX6BD6N&gtm=2oe1a1&_p=137197462&cid=527195117.1673540341&ul=en-us&sr=1280x1024&_s=1&sid=1673540341&sct=1&seg=0&dl=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&dt=Page%20Not%20Found%20%7C%20Northwestern%20Medicine&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-B5ZCX6BD6N&gtm=2oe1a1&_p=137197462&cid=527195117.1673540341&ul=en-us&sr=1280x1024&_s=1&sid=1673540341&sct=1&seg=0&dl=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&dt=Page%20Not%20Found%20%7C%20Northwestern%20Medicine&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.nm.org
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.nm.org
date: Thu, 12 Jan 2023 16:19:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

img.en25.com/i/elqCfg.min.js

104.66.120.119

200 OK

2.2 kB

URL HTTP/1.1
img.en25.com/i/elqCfg.min.js
IP
104.66.120.119:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (6080), with no line terminators
Size
2.2 kB (2183 bytes)
Hash
653932b9065b662394993fd19677a932
854c6c3b96fc647f07bf9a1698387d1253bcb61c
ba8a6983167c051ebdd701cb59293a88346b84f2a9802f59ecc75ca49f383a7d

HTTP Headers

GET /i/elqCfg.min.js HTTP/1.1
Host: img.en25.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: application/x-javascript
Last-Modified: Mon, 03 Oct 2022 17:55:36 GMT
Accept-Ranges: bytes
ETag: "ff37a05751d7d81:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: no-store
Expires: Thu, 12 Jan 2023 16:19:17 GMT
Date: Thu, 12 Jan 2023 16:19:17 GMT
Content-Length: 2183
Connection: keep-alive

cdn.feedbackify.com/f.js

151.139.128.10

200 OK

5.2 kB

URL HTTP/2
cdn.feedbackify.com/f.js
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (746), with CRLF line terminators
Size
5.2 kB (5195 bytes)
Hash
d8e3f358ae487a49a21c400dc7a62b6f
3054e82345a25a76b9586814507a3c111152d9fc
a0e2621e0bd8de01694285cdaf6f6595e0f8caff112998888bf174315c480bae

HTTP Headers

GET /f.js HTTP/1.1
Host: cdn.feedbackify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 12 Jan 2023 16:19:17 GMT
content-encoding: gzip
content-length: 5195
content-type: application/x-javascript
last-modified: Sat, 02 Oct 2021 12:08:16 GMT
accept-ranges: bytes
x-amz-id-2: 7fwYNt2IsxlwoxQSSKm10Qx8C/GKljS08lhkJIXyrhPBuehrU6EM85jY9KfoQmM2q8iTHBnZD34=
x-amz-request-id: 107RXK1PRZ9PM01R
etag: "dea939d34e55d10e130a58729698c4e7"
cache-control: max-age=300, public
x-amz-meta-cb-modifiedtime: Sat, 02 Oct 2021 12:02:39 GMT
server: AmazonS3
x-sp-metadata: HS256.CJWCgZ4GEocBCiRmOGE5OGZlMy1iNzM4LTQ5ZTgtYmMyYy0wOTc3YWU5YjNmNzYQwIXevOrm+QIaBgiF5oCeBiIMOTEuOTAuNDIuMTU0KKymATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GisIARIkNjMxMjI0ZTUtMzU0Yy00YzZlLTg2NjctYzE1MzBlMzVlMDY1GMsoIhgIAhIUY2RzMjE5LnNrMS5od2Nkbi5uZXQ=.X4v9ipkd/fIM7TcCRnRuLcLFCsemrxfNHau/LEIwAYU=
x-hw: 1673540357.cds215.sk1.hn,1673540357.cds219.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.feedbackify.com/img/classic/tab.png

151.139.128.10

200 OK

1.2 kB

URL HTTP/2
cdn.feedbackify.com/img/classic/tab.png
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
PNG image data, 36 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1174 bytes)
Hash
44f5fb47b97ba687b5c63494fd131177
0414a4aa9168d33b4ed9626b0b3d0cd1f13b5584
f60efe58830b27bcd317e0ca19bc802c0123ce13f9293368929b0cc84353e403

HTTP Headers

GET /img/classic/tab.png HTTP/1.1
Host: cdn.feedbackify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 12 Jan 2023 16:19:17 GMT
content-length: 1174
content-type: image/png
last-modified: Fri, 18 Oct 2013 09:36:50 GMT
accept-ranges: bytes
x-amz-id-2: iqUx5U+aE/4s2tMuMHhwO+wHt+jC7j17pHI9GdjOOQTS5EHVDtPNZMqr02IpAcGGl1Q+TdW4MQg=
x-amz-request-id: T266H76395MPG85Z
etag: "44f5fb47b97ba687b5c63494fd131177"
cache-control: max-age=315360000, public
server: AmazonS3
x-sp-metadata: HS256.CJWCgZ4GEocBCiRhMDdlZGQxZS1iYTE0LTQ2MTktOTc2ZS0xN2I0NWE3N2M3YTYQwIXevOrm+QIaBgiF5oCeBiIMOTEuOTAuNDIuMTU0KKymATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GisIARIkZTcwN2Q1NjgtNTAzMy00MWNjLTkwMTQtOWVhOTUwNzA0NjQwGJYJIhgIAhIUY2RzMjIwLnNrMS5od2Nkbi5uZXQ=.l2j8KPTm7QORMNbvaK5UI8sgenvUYrlfzkx45D7PLb8=
x-hw: 1673540357.cds215.sk1.hn,1673540357.cds220.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2

snap.licdn.com/li.lms-analytics/insight.min.js

23.36.76.210

200 OK

4.8 kB

URL HTTP/2
snap.licdn.com/li.lms-analytics/insight.min.js
IP
23.36.76.210:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (13351)
Size
4.8 kB (4777 bytes)
Hash
74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c

HTTP Headers

GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=73407
date: Thu, 12 Jan 2023 16:19:17 GMT
content-length: 4777
x-cdn: AKAM
X-Firefox-Spdy: h2

static.ads-twitter.com/uwt.js

151.101.84.157

200 OK

15 kB

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (57596), with no line terminators
Size
15 kB (15375 bytes)
Hash
573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Thu, 12 Jan 2023 16:19:17 GMT
x-served-by: cache-iad-kiad7000089-IAD, cache-bma1639-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2

180937.tctm.co/t.js

54.230.111.23

200 OK

17 kB

URL HTTP/2
180937.tctm.co/t.js
IP
54.230.111.23:0
ASN
#16509 AMAZON-02

File type
data
Size
17 kB (17036 bytes)
Hash
821ffd2ff2ff0a7f00e26d4c05461a97
617d00692b0f98aaf3d5df992e6dcf636c6915b4
cc2c88504bf7df62e1fd0ab6300140c59648b464c9e509e7b79d9c20dc1bb4a5

HTTP Headers

GET /t.js HTTP/1.1
Host: 180937.tctm.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
date: Thu, 12 Jan 2023 16:19:17 GMT
set-cookie: ct180937=63c033050002c2c9376120b2; path=/; HttpOnly; SameSite=None; Secure
etag: W/63c033050002c2c9376120b2-180937
last-modified: Thu, 12 Jan 2023 16:19:17 GMT
cache-control: no-cache, no-store, must-revalidate
server: ctm
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nl4lTACzbNL-RUbWcf2q_KBrDJRARX_8f_bQaZDajRx5bOC6Vq00Zw==
X-Firefox-Spdy: h2

www.medtargetsystem.com/javascript/beacon.js?1673540341536

34.230.237.180

200 OK

67 kB

URL HTTP/2
www.medtargetsystem.com/javascript/beacon.js?1673540341536
IP
34.230.237.180:0
ASN
#14618 AMAZON-AES

File type
data
Size
67 kB (67017 bytes)
Hash
3d1fddd70bf42dcae0b3fd1c0a2ce1e9
a1f7ac7e618e76d09bf23faeb65daecc2ab27582
f22c6e84591d43f1a79ab069fb453715f238917ff484aa98bdc0049b407b019c

HTTP Headers

GET /javascript/beacon.js?1673540341536 HTTP/1.1
Host: www.medtargetsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 12 Jan 2023 16:19:17 GMT
content-type: application/javascript
server: Apache/2.4.7 (Ubuntu)
vary: X-Forwarded-Proto,Accept-Encoding
last-modified: Thu, 17 Nov 2022 16:24:51 GMT
etag: "381e1-5edad074a7ac0-gzip"
accept-ranges: bytes
content-encoding: gzip
X-Firefox-Spdy: h2

s.pinimg.com/ct/core.js

23.38.200.197

200 OK

1.1 kB

URL HTTP/2
s.pinimg.com/ct/core.js
IP
23.38.200.197:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (1146), with no line terminators
Size
1.1 kB (1146 bytes)
Hash
8d9d0550c915347e312e24f00d311e50
cb44712b22cb011b759da4e741b543238839c735
57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b

HTTP Headers

GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "8d9d0550c915347e312e24f00d311e50"
cache-control: max-age=7200
accept-ranges: bytes
content-type: application/javascript
content-length: 1146
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.medtargetsystem.com/analytics/collect.gif?e=1&aid=&vid=16d1722f-830e-4c44-b3a7-56a48c71ca02&sid=fc186b72-d6db-4883-bd8f-3467c9255cf3&vh=1&vt=1673540342&pt=1673540342&u=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&r=&t=Page%20Not%20Found%20%7C%20Northwestern%20Medicine&p=3171.00&pm=&ab=&ak=203-8818-D3E2C6BF

34.230.237.180

204 No Content

0 B

URL HTTP/2
www.medtargetsystem.com/analytics/collect.gif?e=1&aid=&vid=16d1722f-830e-4c44-b3a7-56a48c71ca02&sid=fc186b72-d6db-4883-bd8f-3467c9255cf3&vh=1&vt=1673540342&pt=1673540342&u=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&r=&t=Page%20Not%20Found%20%7C%20Northwestern%20Medicine&p=3171.00&pm=&ab=&ak=203-8818-D3E2C6BF
IP
34.230.237.180:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /analytics/collect.gif?e=1&aid=&vid=16d1722f-830e-4c44-b3a7-56a48c71ca02&sid=fc186b72-d6db-4883-bd8f-3467c9255cf3&vh=1&vt=1673540342&pt=1673540342&u=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&r=&t=Page%20Not%20Found%20%7C%20Northwestern%20Medicine&p=3171.00&pm=&ab=&ak=203-8818-D3E2C6BF HTTP/1.1
Host: www.medtargetsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Thu, 12 Jan 2023 16:19:17 GMT
server: Apache/2.4.7 (Ubuntu)
vary: X-Forwarded-Proto
x-powered-by: PHP/7.0.19-1+deb.sury.org~trusty+2
set-cookie: s-DMDSESSID=538df539eecbadac0d16c9bbd82034a3; path=/; domain=www.medtargetsystem.com; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
expires: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
X-Firefox-Spdy: h2

www.medtargetsystem.com/beacon/portal/?_url=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&_sid=fc186b72-d6db-4883-bd8f-3467c9255cf3&_vid=16d1722f-830e-4c44-b3a7-56a48c71ca02&_ak=203-8818-D3E2C6BF&_flash=false&_th=1673540342|1673540342|1

34.230.237.180

200 OK

310 B

URL HTTP/2
www.medtargetsystem.com/beacon/portal/?_url=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&_sid=fc186b72-d6db-4883-bd8f-3467c9255cf3&_vid=16d1722f-830e-4c44-b3a7-56a48c71ca02&_ak=203-8818-D3E2C6BF&_flash=false&_th=1673540342|1673540342|1
IP
34.230.237.180:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (457), with no line terminators
Size
310 B (310 bytes)
Hash
fbddf3209c42a87bc77329457b434ee8
6973df06a2590c4e9bd582f8b3e32f75b31e5a6b
d3ca191467be9a380af9588d6625ad7f089de417dbb383e55ff37aa4f9b533b0

HTTP Headers

GET /beacon/portal/?_url=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&_sid=fc186b72-d6db-4883-bd8f-3467c9255cf3&_vid=16d1722f-830e-4c44-b3a7-56a48c71ca02&_ak=203-8818-D3E2C6BF&_flash=false&_th=1673540342|1673540342|1 HTTP/1.1
Host: www.medtargetsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 12 Jan 2023 16:19:17 GMT
content-type: text/html; charset=UTF-8
content-length: 310
server: Apache/2.4.7 (Ubuntu)
vary: X-Forwarded-Proto,Accept-Encoding
x-powered-by: PHP/7.0.19-1+deb.sury.org~trusty+2
x-robots-tag: noindex
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: s-DMDSESSID=9b94b4293d2636e33ce4b16b02626c71; path=/; domain=www.medtargetsystem.com; HttpOnly; SameSite=None; Secure
s-dmd-id-x=read; path=/; domain=www.medtargetsystem.com; SameSite=None; Secure
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
57269dc1220beafbcccc91737c385a5c
de9381b5bdf3b71ba5838c87dd692cb8216ebfe0
115d2b8a5a3888df651d5550a80cfdac678a992ea965bd0f1e274350d6b3194d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5411
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:17 GMT
Last-Modified: Thu, 12 Jan 2023 14:49:06 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 312

vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

54.230.111.75

200 OK

1.0 kB

URL HTTP/2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP
54.230.111.75:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size
1.0 kB (1035 bytes)
Hash
e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d

HTTP Headers

GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Sat, 03 Dec 2022 04:42:02 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2fmLF0VGyMGyZQxVyBYTLcDoEofkeh0zBA-hAPEd99hbrBhE5SikPQ==
age: 3497834
X-Firefox-Spdy: h2

www.medtargetsystem.com/js/build/iframe/fp.js?30

34.230.237.180

200 OK

20 kB

URL HTTP/2
www.medtargetsystem.com/js/build/iframe/fp.js?30
IP
34.230.237.180:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (65536), with no line terminators
Size
20 kB (20475 bytes)
Hash
b2e8ebecd000ceb6197ba96db53f1621
589a73016dee418f8443b0ffc1db117eadd29d14
da6ab0aa3a253aa931f9851526bfa7e5f609f5eadedb86369f35c12fe30432e7

HTTP Headers

GET /js/build/iframe/fp.js?30 HTTP/1.1
Host: www.medtargetsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medtargetsystem.com/beacon/portal/?_url=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&_sid=fc186b72-d6db-4883-bd8f-3467c9255cf3&_vid=16d1722f-830e-4c44-b3a7-56a48c71ca02&_ak=203-8818-D3E2C6BF&_flash=false&_th=1673540342|1673540342|1
Cookie: s-DMDSESSID=9b94b4293d2636e33ce4b16b02626c71; s-dmd-id-x=read
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 12 Jan 2023 16:19:17 GMT
content-type: application/javascript
content-length: 20475
server: Apache/2.4.7 (Ubuntu)
vary: X-Forwarded-Proto,Accept-Encoding
last-modified: Thu, 17 Nov 2022 16:23:13 GMT
etag: "15d6d-5edad01731e40-gzip"
accept-ranges: bytes
content-encoding: gzip
X-Firefox-Spdy: h2

www.medtargetsystem.com/js/build/iframe/signal.js?30&partners=deepIntent.1.1|lasso.2.2|

34.230.237.180

200 OK

29 kB

URL HTTP/2
www.medtargetsystem.com/js/build/iframe/signal.js?30&partners=deepIntent.1.1|lasso.2.2|
IP
34.230.237.180:0
ASN
#14618 AMAZON-AES

File type
HTML document, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
29 kB (29312 bytes)
Hash
d791aecb6d3f29d363f32246b96a7c26
9ac9e72b2126a85c55f0bc79a81771699f306868
d1256f5f310aad1446cb1e38d2dec8dc2d66e5b759e3aa54ef2aadeea810fc25

HTTP Headers

GET /js/build/iframe/signal.js?30&partners=deepIntent.1.1|lasso.2.2| HTTP/1.1
Host: www.medtargetsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medtargetsystem.com/beacon/portal/?_url=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&_sid=fc186b72-d6db-4883-bd8f-3467c9255cf3&_vid=16d1722f-830e-4c44-b3a7-56a48c71ca02&_ak=203-8818-D3E2C6BF&_flash=false&_th=1673540342|1673540342|1
Cookie: s-DMDSESSID=9b94b4293d2636e33ce4b16b02626c71; s-dmd-id-x=read
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 12 Jan 2023 16:19:17 GMT
content-type: application/javascript
content-length: 29312
server: Apache/2.4.7 (Ubuntu)
vary: X-Forwarded-Proto,Accept-Encoding
last-modified: Thu, 17 Nov 2022 16:24:50 GMT
etag: "1a044-5edad073b3880-gzip"
accept-ranges: bytes
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
a9a94d871cba60ec93b1a0107e666e2b
7c189589abed367fd00bf4c71fc3c39aee791ed4
7a95bb660b65b76d68085470aeb4471ddd4b46bcb632964393f2bcd6e0c2701a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "7A95BB660B65B76D68085470AEB4471DDD4B46BCB632964393F2BCD6E0C2701A"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Thu, 12 Jan 2023 17:19:17 GMT
Date: Thu, 12 Jan 2023 16:19:17 GMT
Connection: keep-alive

t.co/i/adsct?bci=3&eci=2&event_id=a22722ad-9581-489b-8534-33c033bd6d35&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=750fd32d-c0f1-45fb-b7b4-6653c423c5e9&tw_document_href=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7ajk&type=javascript&version=2.3.29

104.244.42.69

200 OK

43 B

URL HTTP/2
t.co/i/adsct?bci=3&eci=2&event_id=a22722ad-9581-489b-8534-33c033bd6d35&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=750fd32d-c0f1-45fb-b7b4-6653c423c5e9&tw_document_href=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7ajk&type=javascript&version=2.3.29
IP
104.244.42.69:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=a22722ad-9581-489b-8534-33c033bd6d35&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=750fd32d-c0f1-45fb-b7b4-6653c423c5e9&tw_document_href=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7ajk&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 12 Jan 2023 16:19:17 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=b25b1f62-3131-4ae1-a12e-bc0ddfe807ce; Max-Age=63072000; Expires=Sat, 11 Jan 2025 16:19:17 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 43e01c724ce1f498
strict-transport-security: max-age=0
x-response-time: 110
x-connection-hash: 16820adba018678c84f9e66ef44abfe5545ccf3e03cdb967154e917bb9a2fe27
X-Firefox-Spdy: h2

web.northwestern.nm.org/visitor/v200/svrGP?pps=3&siteid=220745253&ref2=elqNone&tzo=0&ms=352&optin=disabled&firstPartyCookieDomain=web.northwestern.nm.org

142.0.165.166

302 Found

299 B

URL HTTP/1.1
web.northwestern.nm.org/visitor/v200/svrGP?pps=3&siteid=220745253&ref2=elqNone&tzo=0&ms=352&optin=disabled&firstPartyCookieDomain=web.northwestern.nm.org
IP
142.0.165.166:0
ASN
#7160 NETDYNAMICS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
299 B (299 bytes)
Hash
3bbd9f6373efd978177ef4abb0df7ef6
b0e161480ce2591e3b49861588ed6687d1c6745b
f49633c4d7975d35e119308fadeee0511554ae9847ea6122cc262246ba9b7078

HTTP Headers

GET /visitor/v200/svrGP?pps=3&siteid=220745253&ref2=elqNone&tzo=0&ms=352&optin=disabled&firstPartyCookieDomain=web.northwestern.nm.org HTTP/1.1
Host: web.northwestern.nm.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback
Connection: keep-alive
Cookie: _gcl_au=1.1.1571431178.1673540341; _ga_B5ZCX6BD6N=GS1.1.1673540341.1.0.1673540341.0.0.0; _ga=GA1.1.527195117.1673540341; __ctmid=63c033050002c2c9376120b2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 302 Found
Cache-Control: no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Location: https://web.northwestern.nm.org/visitor/v200/svrGP?pps=3&siteid=220745253&ref2=elqNone&tzo=0&ms=352&optin=disabled&elq1pcGUID=84DA95E5B237498B9999E3014FCEBC09
X-Robots-Tag: noindex, nofollow
X-Xss-Protection: 1; mode=block
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
X-Content-Type-Options: nosniff
Date: Thu, 12 Jan 2023 16:19:17 GMT
Content-Length: 299

www.medtargetsystem.com/_itu.png

34.230.237.180

200 OK

89 B

URL HTTP/2
www.medtargetsystem.com/_itu.png
IP
34.230.237.180:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced\012- data
Size
89 B (89 bytes)
Hash
06e9a8a330f532093577a1487ca4ff15
77c280f383a1c2e7535577744f5af30e714a733b
2023d33cdcbc92384e340071f2f3a3ccbbd62712f938b15cf1fe823f93cbca59

HTTP Headers

GET /_itu.png HTTP/1.1
Host: www.medtargetsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medtargetsystem.com/beacon/portal/?_url=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&_sid=fc186b72-d6db-4883-bd8f-3467c9255cf3&_vid=16d1722f-830e-4c44-b3a7-56a48c71ca02&_ak=203-8818-D3E2C6BF&_flash=false&_th=1673540342|1673540342|1
Cookie: s-DMDSESSID=9b94b4293d2636e33ce4b16b02626c71; s-dmd-id-x=read
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 12 Jan 2023 16:19:18 GMT
content-type: image/png
content-length: 89
server: Apache/2.4.7 (Ubuntu)
vary: X-Forwarded-Proto
x-powered-by: PHP/7.0.19-1+deb.sury.org~trusty+2
access-control-allow-origin: *
cache-control: no-transform, max-age=0, must-revalidate, private
expires: -1
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: private
set-cookie: s-dmd-id-x=deleted; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/; domain=www.medtargetsystem.com; SameSite=None; Secure
X-Firefox-Spdy: h2

script.hotjar.com/modules.0a5831f9446624640839.js

54.230.111.79

200 OK

69 kB

URL HTTP/2
script.hotjar.com/modules.0a5831f9446624640839.js
IP
54.230.111.79:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (47958)
Size
69 kB (68992 bytes)
Hash
c190d47cd0259bc45c4cf36c6c1a261a
a4d82aab61799b506dcaa84753e481eea33547ad
8593a0bee7b36326e5243a3eb4f70618a602a1d3646e732567ce05f7cda2c7cb

HTTP Headers

GET /modules.0a5831f9446624640839.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 68992
date: Thu, 12 Jan 2023 12:30:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "c190d47cd0259bc45c4cf36c6c1a261a"
last-modified: Thu, 12 Jan 2023 12:29:16 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _r1JsHonpcCfDbBKkbJSAPe-sqnQja6L0nOv6e79NCIMtyDH8HVhPQ==
age: 13752
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

534 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
gzip compressed data\012- data
Size
534 B (534 bytes)
Hash
8848e1a8610c664f1959043e80f9ed49
4348f49e4aa1611e466bdeb1198038fd4341e550
74f2d106b16082dd9cda5dc9675cada3f241c12ddc3d6677ee9cd689218454ea

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
d9e314ca3e8b5b3f0d94c5d7aa85fc1b
d8e16c1cecf82ef607c2974c77847d9e9f32c70a
1e79bb936b6bb2014040dc66afd33d13a70a3e84e6f11c49df8c11edf30f4473

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6169
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:18 GMT
Last-Modified: Thu, 12 Jan 2023 14:36:30 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 312

s.pinimg.com/ct/lib/main.9a94ee76.js

23.38.200.197

200 OK

21 kB

URL HTTP/2
s.pinimg.com/ct/lib/main.9a94ee76.js
IP
23.38.200.197:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with very long lines (59858), with no line terminators
Size
21 kB (20728 bytes)
Hash
e43867aadc515024dd460d8611098a12
c4fd1b2ace2f8a96a38e4b4996be8d7c46fdfd3f
76d528cb411bf6ff7fd77619aa507bec3bdf7f02063add1d9fe9009088f78d98

HTTP Headers

GET /ct/lib/main.9a94ee76.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "e43867aadc515024dd460d8611098a12"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 20728
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-52031007-1&cid=527195117.1673540341&jid=555944060&gjid=634376928&_gid=810671205.1673540343&_u=YCDAiEABBAAAAGAEI~&z=1134070904

108.177.14.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-52031007-1&cid=527195117.1673540341&jid=555944060&gjid=634376928&_gid=810671205.1673540343&_u=YCDAiEABBAAAAGAEI~&z=1134070904
IP
108.177.14.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-52031007-1&cid=527195117.1673540341&jid=555944060&gjid=634376928&_gid=810671205.1673540343&_u=YCDAiEABBAAAAGAEI~&z=1134070904 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.nm.org
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.nm.org
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 12 Jan 2023 16:19:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

px.ads.linkedin.com/collect?v=2&fmt=js&pid=3113996&time=1673540342565&url=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback

13.107.42.14

302 Found

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3113996&time=1673540342565&url=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=3113996&time=1673540342565&url=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3113996%26time%3D1673540342565%26url%3Dhttps%253A%252F%252Fwww.nm.org%252Fpatients-and-visitors%252Fpatient-safety-during-covid-19%253Futm_source%253Dnm.org%252Fwelcomeback%2526utm_medium%253Dvanity%2526utm_campaign%253Dwelcomeback%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQIDZxTlMl_JiQAAAYWmx1A04Rfaj3WEaMgEjp9EaAi_NkIWMy4-TXAI1ND20Kn-ZSOKUKoPjriLcA; Max-Age=2592000; Expires=Sat, 11 Feb 2023 16:19:18 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQKKOVDOba_t3AAAAYWmx1A0kcLTXEHCaniZmeeSYHa7X8kZXTRuR5IaucLiMXy-h0qFaO3WlMObH07JT0vg6Q; Max-Age=2592000; Expires=Sat, 11 Feb 2023 16:19:18 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&09871bee-cd35-4865-856e-91bd04be68e3"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 12-Jan-2024 16:19:18 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2467:u=1:x=1:i=1673540358:t=1673626758:v=2:sig=AQHfPYSvKxeRCd-S8WS72qWZ2A5iafMj"; Expires=Fri, 13 Jan 2023 16:19:18 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXyE3qRLYj4ErFlaS5kYw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A8775315E5614B77ADDAA0CDEB49CF4A Ref B: OSL30EDGE0416 Ref C: 2023-01-12T16:19:18Z
date: Thu, 12 Jan 2023 16:19:17 GMT
content-length: 0
X-Firefox-Spdy: h2

www.medtargetsystem.com/beacon/process/

34.230.237.180

200 OK

60 B

URL HTTP/2
www.medtargetsystem.com/beacon/process/
IP
34.230.237.180:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
60 B (60 bytes)
Hash
b5b59236332b3c51ab863a6d924f9faa
35c8949cf726c580d357901b0ed6ef5127d02b53
993df4ac72a35cf8cc607d7446769fade781d06031198b50b7743257f77583a9

HTTP Headers

POST /beacon/process/ HTTP/1.1
Host: www.medtargetsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 779
Origin: https://www.medtargetsystem.com
Connection: keep-alive
Referer: https://www.medtargetsystem.com/beacon/portal/?_url=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&_sid=fc186b72-d6db-4883-bd8f-3467c9255cf3&_vid=16d1722f-830e-4c44-b3a7-56a48c71ca02&_ak=203-8818-D3E2C6BF&_flash=false&_th=1673540342|1673540342|1
Cookie: s-DMDSESSID=9b94b4293d2636e33ce4b16b02626c71
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 12 Jan 2023 16:19:18 GMT
content-type: text/html; charset=UTF-8
content-length: 60
server: Apache/2.4.7 (Ubuntu)
vary: X-Forwarded-Proto
x-powered-by: PHP/7.0.19-1+deb.sury.org~trusty+2
x-robots-tag: noindex
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: s-dmd-id-x=deleted; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/; domain=www.medtargetsystem.com; SameSite=None; Secure
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0336e8d402673b0ec709576eb826d374
78d3fd732786d2474e16ac4887348f5aaec6d856
feec8b790ff33583fa14c191057e80fc9156ef297fb3c4f7e520f83d561b54bf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=a22722ad-9581-489b-8534-33c033bd6d35&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=750fd32d-c0f1-45fb-b7b4-6653c423c5e9&tw_document_href=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7ajk&type=javascript&version=2.3.29

104.244.42.3

200 OK

43 B

URL HTTP/2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=a22722ad-9581-489b-8534-33c033bd6d35&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=750fd32d-c0f1-45fb-b7b4-6653c423c5e9&tw_document_href=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7ajk&type=javascript&version=2.3.29
IP
104.244.42.3:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=a22722ad-9581-489b-8534-33c033bd6d35&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=750fd32d-c0f1-45fb-b7b4-6653c423c5e9&tw_document_href=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7ajk&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 12 Jan 2023 16:19:18 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_o/prGSznkesBxbdJUo71rw=="; Max-Age=63072000; Expires=Sat, 11 Jan 2025 16:19:18 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: ee7fc7f1dea1ac09
strict-transport-security: max-age=631138519
x-response-time: 107
x-connection-hash: da3d13c482509abd7dadb488119770c339658ed53359d6ce252bab154903b35e
X-Firefox-Spdy: h2

web.northwestern.nm.org/visitor/v200/svrGP?pps=3&siteid=220745253&ref2=elqNone&tzo=0&ms=352&optin=disabled&elq1pcGUID=84DA95E5B237498B9999E3014FCEBC09

142.0.165.166

200 OK

49 B

URL HTTP/1.1
web.northwestern.nm.org/visitor/v200/svrGP?pps=3&siteid=220745253&ref2=elqNone&tzo=0&ms=352&optin=disabled&elq1pcGUID=84DA95E5B237498B9999E3014FCEBC09
IP
142.0.165.166:0
ASN
#7160 NETDYNAMICS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
49 B (49 bytes)
Hash
dbefe00673f01d8b0f2791f3e30565cc
6b3227ad1a39504f155cb0117293a44ab3cbec3a
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

HTTP Headers

GET /visitor/v200/svrGP?pps=3&siteid=220745253&ref2=elqNone&tzo=0&ms=352&optin=disabled&elq1pcGUID=84DA95E5B237498B9999E3014FCEBC09 HTTP/1.1
Host: web.northwestern.nm.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nm.org/patients-and-visitors/patient-safety-during-covid-19?utm_source=nm.org/welcomeback&utm_medium=vanity&utm_campaign=welcomeback
Connection: keep-alive
Cookie: _gcl_au=1.1.1571431178.1673540341; _ga_B5ZCX6BD6N=GS1.1.1673540341.1.0.1673540341.0.0.0; _ga=GA1.2.527195117.1673540341; __ctmid=63c033050002c2c9376120b2; _gid=GA1.2.810671205.1673540343; _gat_UA-52031007-1=1; _gat_UA-168434602-1=1; _dc_gtm_UA-52031007-1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Cache-Control: no-store
Pragma: no-cache
Content-Type: image/gif
Expires: -1
X-Robots-Tag: noindex, nofollow
X-Xss-Protection: 1; mode=block
Set-Cookie: ELOQUA=GUID=84DA95E5B237498B9999E3014FCEBC09; domain=nm.org; expires=Mon, 12-Feb-2024 16:19:17 GMT; path=/
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
X-Content-Type-Options: nosniff
Date: Thu, 12 Jan 2023 16:19:17 GMT
Content-Length: 49

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
85ff946a6fdcac5ce6fc5ccacfdb2ab0
e7e1b4f574ac6f03c46833efa11b1b2c8e5e0c7d
6ad8f70cb3c6ede2ba4d2a47ce3baa9cb3b32b1da7b46d523546ef6a58d9be24

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Jan 2023 16:19:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-52031007-1&cid=527195117.1673540341&jid=555944060&_u=YCDAiEABBAAAAGAEI~&z=1320793855

142.250.74.35

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-52031007-1&cid=527195117.1673540341&jid=555944060&_u=YCDAiEABBAAAAGAEI~&z=1320793855
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-52031007-1&cid=527195117.1673540341&jid=555944060&_u=YCDAiEABBAAAAGAEI~&z=1320793855 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 16:19:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-52031007-1&cid=527195117.1673540341&jid=236342843&_u=YADAAAAAAAAAAC~&z=1418159858

142.250.74.35

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-52031007-1&cid=527195117.1673540341&jid=236342843&_u=YADAAAAAAAAAAC~&z=1418159858
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-52031007-1&cid=527195117.1673540341&jid=236342843&_u=YADAAAAAAAAAAC~&z=1418159858 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 16:19:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-52031007-1&cid=527195117.1673540341&jid=555944060&_u=YCDAiEABBAAAAGAEI~&z=1320793855

142.250.74.132

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-52031007-1&cid=527195117.1673540341&jid=555944060&_u=YCDAiEABBAAAAGAEI~&z=1320793855
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-52031007-1&cid=527195117.1673540341&jid=555944060&_u=YCDAiEABBAAAAGAEI~&z=1320793855 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 16:19:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-52031007-1&cid=527195117.1673540341&jid=236342843&_u=YADAAAAAAAAAAC~&z=1418159858

142.250.74.132

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-52031007-1&cid=527195117.1673540341&jid=236342843&_u=YADAAAAAAAAAAC~&z=1418159858
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-52031007-1&cid=527195117.1673540341&jid=236342843&_u=YADAAAAAAAAAAC~&z=1418159858 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 16:19:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ct.pinterest.com/user/?tid=2613981389413&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1673540343073&dep=2%2CPAGE_LOAD

23.38.200.197

200 OK

372 B

URL HTTP/2
ct.pinterest.com/user/?tid=2613981389413&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1673540343073&dep=2%2CPAGE_LOAD
IP
23.38.200.197:0
ASN
#16625 AKAMAI-AS

File type
JSON data\012- , ASCII text, with very long lines (533), with no line terminators
Size
372 B (372 bytes)
Hash
cb60b4bb9f692e0eccd37330432c3c88
0f850c1d37f97ea20375d7b0b3f56f80f46f7a83
68ef92e043c30a34094e4359ce99370aef1153692f0bd6fe82e0e65120978043

HTTP Headers

GET /user/?tid=2613981389413&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1673540343073&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.nm.org
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPVpqTmxOR1JqTnpZdE5HTmpNeTAwTmpVd0xXRTNOakV0WmpNMVpqUmxPVEk0WVRKaw
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://www.nm.org
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 372
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 1668293331269363
date: Thu, 12 Jan 2023 16:19:18 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1673540358.772cdf2c
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

ct.pinterest.com/v3/?tid=2613981389413&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1673540343075

23.38.200.197

200 OK

35 B

URL HTTP/2
ct.pinterest.com/v3/?tid=2613981389413&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1673540343075
IP
23.38.200.197:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

HTTP Headers

GET /v3/?tid=2613981389413&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1673540343075 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 1025319772041640
date: Thu, 12 Jan 2023 16:19:18 GMT
akamai-grn: 0.274f2417.1673540358.772cdf2e
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3113996%26time%3D1673540342565%26url%3Dhttps%253A%252F%252Fwww.nm.org%252Fpatients-and-visitors%252Fpatient-safety-during-covid-19%253Futm_source%253Dnm.org%252Fwelcomeback%2526utm_medium%253Dvanity%2526utm_campaign%253Dwelcomeback%26liSync%3Dtrue

13.107.42.14

302 Found

0 B

URL HTTP/2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3113996%26time%3D1673540342565%26url%3Dhttps%253A%252F%252Fwww.nm.org%252Fpatients-and-visitors%252Fpatient-safety-during-covid-19%253Futm_source%253Dnm.org%252Fwelcomeback%2526utm_medium%253Dvanity%2526utm_campaign%253Dwelcomeback%26liSync%3Dtrue
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3113996%26time%3D1673540342565%26url%3Dhttps%253A%252F%252Fwww.nm.org%252Fpatients-and-visitors%252Fpatient-safety-during-covid-19%253Futm_source%253Dnm.org%252Fwelcomeback%2526utm_medium%253Dvanity%2526utm_campaign%253Dwelcomeback%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nm.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3113996&time=1673540342565&url=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&fba801b9-26aa-4bba-8fe3-2bc932769de9"; Domain=.linkedin.com; Expires=Fri, 12-Jan-2024 16:19:18 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20230112161918c354541f-786b-4386-8511-6f8e4df93182AQHbF1ayGnlerhDL5-caEAzIfAcO9-l5"; Domain=.www.linkedin.com; Expires=Fri, 12-Jan-2024 16:19:18 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzM1NDAzNTg7MjswMjEbe4r7UrWjpZ5veWjlgT1nB+e3tuQCuiWtylGHV1c6PA==; Domain=.linkedin.com; Expires=Tue, 11 Jul 2023 16:19:18 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2444:u=1:x=1:i=1673540358:t=1673626758:v=2:sig=AQEIB16EBnGhNQwhyvXqTiDOgneYizYQ"; Expires=Fri, 13 Jan 2023 16:19:18 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXyE3qVHlS9L830zFl26A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 1A04FF7310B04FABA4799D0D4AE2A058 Ref B: OSL30EDGE0416 Ref C: 2023-01-12T16:19:18Z
date: Thu, 12 Jan 2023 16:19:17 GMT
content-length: 0
X-Firefox-Spdy: h2

13.107.42.14

200 OK

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3113996&time=1673540342565&url=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&liSync=true
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=3113996&time=1673540342565&url=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nm.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&e8a5945d-fe22-415b-8c91-5f8d300739ed"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 12-Jan-2024 16:19:18 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2411:u=1:x=1:i=1673540358:t=1673626758:v=2:sig=AQEzDPm6AFYXXgAFsY8YNflB0_P9egtJ"; Expires=Fri, 13 Jan 2023 16:19:18 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXyE3qYJn0sHIXS9B16yA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A59213F94A394511B8A2D421218DD7B4 Ref B: OSL30EDGE0416 Ref C: 2023-01-12T16:19:18Z
date: Thu, 12 Jan 2023 16:19:17 GMT
content-length: 0
X-Firefox-Spdy: h2

ct.pinterest.com/ct.html

23.38.200.197

200 OK

323 B

URL HTTP/2
ct.pinterest.com/ct.html
IP
23.38.200.197:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Size
323 B (323 bytes)
Hash
b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc

HTTP Headers

GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
content-length: 323
x-envoy-upstream-service-time: 0
referrer-policy: origin
x-pinterest-rid: 1516280914501689
date: Thu, 12 Jan 2023 16:19:18 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1673540358.772ce87b
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.nm.org/Content/Northwestern/fonts/MaterialIcons-Regular.woff2

204.62.118.87

200 OK

0 B

URL HTTP/2
www.nm.org/Content/Northwestern/fonts/MaterialIcons-Regular.woff2
IP
204.62.118.87:0
ASN
#19247 AS19247

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Content/Northwestern/fonts/MaterialIcons-Regular.woff2 HTTP/1.1
Host: www.nm.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.nm.org/content/northwestern/dist/css/site.css?version=5a89346f5e
Cookie: nmuid=fff8fa7c-9463-4ed0-bd97-b71420f02c90; _gcl_au=1.1.1571431178.1673540341
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/font-woff2
last-modified: Mon, 26 Oct 2020 20:01:18 GMT
accept-ranges: bytes
etag: "03b5ec4d2abd61:0"
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-env-node: A
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 12 Jan 2023 16:19:15 GMT
content-length: 44300
X-Firefox-Spdy: h2

api.tiles.mapbox.com/mapbox-gl-js/v0.53.1/mapbox-gl.js

54.230.216.182

200 OK

0 B

URL HTTP/1.1
api.tiles.mapbox.com/mapbox-gl-js/v0.53.1/mapbox-gl.js
IP
54.230.216.182:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mapbox-gl-js/v0.53.1/mapbox-gl.js HTTP/1.1
Host: api.tiles.mapbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 25 Nov 2022 07:11:26 GMT
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: "f1ffa26ca664d5aac675856791bffd66"
Last-Modified: Wed Feb 27 2019 22:25:22 GMT+0000 (Coordinated Universal Time)
Cache-Control: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dCLK-dhBW8DoihOlH2NVk3Nb-UmFL3W03CDz2Pl1j8LhAujm70OAFA==
Age: 4180069

polyfill.io/v3/polyfill.min.js?version=3.52.1

151.101.1.26

200 OK

0 B

URL HTTP/2
polyfill.io/v3/polyfill.min.js?version=3.52.1
IP
151.101.1.26:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v3/polyfill.min.js?version=3.52.1 HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
last-modified: Thu, 12 Jan 2023 11:53:04 GMT
content-encoding: br
useragent_normaliser: firefox/105.0.0
age: 0
date: Thu, 12 Jan 2023 16:19:15 GMT
vary: User-Agent, Accept-Encoding
server-timing: PASS, fastly;desc="Edge time";dur=65
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
X-Firefox-Spdy: h2

insight.adsrvr.org/track/up?adv=t11y002&ref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&upid=et40m12&upv=1.1.0&td2=undefined&td3=undefined

15.197.193.217

200 OK

0 B

URL HTTP/2
insight.adsrvr.org/track/up?adv=t11y002&ref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&upid=et40m12&upv=1.1.0&td2=undefined&td3=undefined
IP
15.197.193.217:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /track/up?adv=t11y002&ref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&upid=et40m12&upv=1.1.0&td2=undefined&td3=undefined HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 12 Jan 2023 16:19:18 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

www.youtube.com/iframe_api

172.217.21.174

200 OK

0 B

URL HTTP/2
www.youtube.com/iframe_api
IP
172.217.21.174:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Thu, 12 Jan 2023 16:19:16 GMT
date: Thu, 12 Jan 2023 16:19:16 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=CyyU-1jDU5g; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=6d35P3QicXU; Domain=.youtube.com; Expires=Tue, 11-Jul-2023 16:19:16 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU0Tnpnd01UQTVPVEkxTURNM01qUTVOUT09EITmgJ4GGITmgJ4G; Domain=.youtube.com; Expires=Tue, 11-Jul-2023 16:19:16 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+982; expires=Sat, 11-Jan-2025 16:19:16 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

insight.adsrvr.org/track/up?adv=arbkhdi&ref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&upid=zh7ukky&upv=1.1.0

15.197.193.217

200 OK

0 B

URL HTTP/2
insight.adsrvr.org/track/up?adv=arbkhdi&ref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&upid=zh7ukky&upv=1.1.0
IP
15.197.193.217:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /track/up?adv=arbkhdi&ref=https%3A%2F%2Fwww.nm.org%2Fpatients-and-visitors%2Fpatient-safety-during-covid-19%3Futm_source%3Dnm.org%2Fwelcomeback%26utm_medium%3Dvanity%26utm_campaign%3Dwelcomeback&upid=zh7ukky&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 12 Jan 2023 16:19:18 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-1968954.js?sv=6

54.230.111.8

200 OK

0 B

URL HTTP/2
static.hotjar.com/c/hotjar-1968954.js?sv=6
IP
54.230.111.8:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/hotjar-1968954.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nm.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Thu, 12 Jan 2023 16:19:17 GMT
cache-control: max-age=60
etag: W/46d04afd4e6ca2617248b95c28da1596
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KG44kBZOjFPVlbJKIFjVfPGJct44RSvFQ3EKFc2yUbQFMloFSclnyg==
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (60)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations