URL: https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
Submission: On June 30 via manual from US

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 13 HTTP transactions.
The main IP is 54.186.167.170, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is iqrs.npdb.hrsa.gov.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 15th 2020. Valid for: 2 years.
This is the first time this domain was scanned on urlscan.io!

Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 54.186.167.170 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 4
Domain
Subdomains
Transfer
9 hrsa.gov
210 KB
2 google-analytics.com
18 KB
1 ytimg.com
30 KB
1 youtube.com
920 B
13 4
Domain Requested by
7 iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov
2 www.npdb.hrsa.gov iqrs.npdb.hrsa.gov
2 www.google-analytics.com iqrs.npdb.hrsa.gov
1 s.ytimg.com www.youtube.com
1 www.youtube.com iqrs.npdb.hrsa.gov
13 5

This site contains links to these domains. Also see Links.

Domain
www.npdb.hrsa.gov
Subject / Issuer Validity Valid
iqrs.npdb.hrsa.gov
DigiCert SHA2 Extended Validation Server CA
2020-01-15 -
2022-01-15
2 years
*.google-analytics.com
GTS CA 1O1
2020-06-10 -
2020-09-02
3 months
*.google.com
GTS CA 1O1
2020-06-10 -
2020-09-02
3 months
www.npdb.hrsa.gov
DigiCert SHA2 Extended Validation Server CA
2020-02-21 -
2022-02-21
2 years

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /piwik\.js|piwik\.php/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
?p=8071597504618305508323975
18 KB
19 KB
Document
General
Full URL
https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.186.167.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
mail.npdb.hrsa.gov
Software
/
Resource Hash
5131f2a155d20c25881c8c175984d9128b05c41777f696528c3d69be53b7ac88
Security Headers
Name Value
Content-Security-Policy script-src graph.facebook.com *.gstatic.com *.addthis.com *.addthisedge.com iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov:450 www.npdb.hrsa.gov www.npdb.hrsa.gov:7777 www.npdb.hrsa.gov:7778 ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js www.google-analytics.com www.youtube.com s.ytimg.com *.cloudfront.net *.smartystreets.com tableau.hrsa.gov search.usa.gov 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
iqrs.npdb.hrsa.gov
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, must-revalidate no-cache, no-store, private
Content-Type
text/html;charset=ISO-8859-1
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
script-src graph.facebook.com *.gstatic.com *.addthis.com *.addthisedge.com iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov:450 www.npdb.hrsa.gov www.npdb.hrsa.gov:7777 www.npdb.hrsa.gov:7778 ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js www.google-analytics.com www.youtube.com s.ytimg.com *.cloudfront.net *.smartystreets.com tableau.hrsa.gov search.usa.gov 'unsafe-eval' 'unsafe-inline'
Date
Tue, 30 Jun 2020 21:37:39 GMT
Expires
0
Pragma
no-cache
X-XSS-Protection
1; mode=block
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
combined.css?id=c9683f346.09.20200625
141 KB
25 KB
Stylesheet
General
Full URL
https://iqrs.npdb.hrsa.gov/combined.css?id=c9683f346.09.20200625
Requested by
Host: iqrs.npdb.hrsa.gov
URL: https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.186.167.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
mail.npdb.hrsa.gov
Software
/
Resource Hash
132c3e4c644b635391128279f415d9207f9eeeac6cb9d9aaa2adc2170615a5f3
Security Headers
Name Value
Content-Security-Policy script-src graph.facebook.com *.gstatic.com *.addthis.com *.addthisedge.com iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov:450 www.npdb.hrsa.gov www.npdb.hrsa.gov:7777 www.npdb.hrsa.gov:7778 ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js www.google-analytics.com www.youtube.com s.ytimg.com *.cloudfront.net *.smartystreets.com tableau.hrsa.gov search.usa.gov 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 30 Jun 2020 21:37:40 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css;charset=utf-8
Cache-Control
public, max-age=6048000, no-cache, no-store, private
Transfer-Encoding
chunked
Content-Security-Policy
script-src graph.facebook.com *.gstatic.com *.addthis.com *.addthisedge.com iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov:450 www.npdb.hrsa.gov www.npdb.hrsa.gov:7777 www.npdb.hrsa.gov:7778 ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js www.google-analytics.com www.youtube.com s.ytimg.com *.cloudfront.net *.smartystreets.com tableau.hrsa.gov search.usa.gov 'unsafe-eval' 'unsafe-inline'
X-XSS-Protection
1; mode=block
Expires
Tue, 08 Sep 2020 21:37:40 GMT
combined.js?id=147cdf5f6.09.20200625
132 KB
42 KB
Script
General
Full URL
https://iqrs.npdb.hrsa.gov/combined.js?id=147cdf5f6.09.20200625
Requested by
Host: iqrs.npdb.hrsa.gov
URL: https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.186.167.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
mail.npdb.hrsa.gov
Software
/
Resource Hash
039bb39d357e1392c8824865df6ca3ebbfcf4c526a6cdcf9582996c69f3fd67c
Security Headers
Name Value
Content-Security-Policy script-src graph.facebook.com *.gstatic.com *.addthis.com *.addthisedge.com iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov:450 www.npdb.hrsa.gov www.npdb.hrsa.gov:7777 www.npdb.hrsa.gov:7778 ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js www.google-analytics.com www.youtube.com s.ytimg.com *.cloudfront.net *.smartystreets.com tableau.hrsa.gov search.usa.gov 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 30 Jun 2020 21:37:39 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
public, max-age=6048000, no-cache, no-store, private
Transfer-Encoding
chunked
Content-Security-Policy
script-src graph.facebook.com *.gstatic.com *.addthis.com *.addthisedge.com iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov:450 www.npdb.hrsa.gov www.npdb.hrsa.gov:7777 www.npdb.hrsa.gov:7778 ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js www.google-analytics.com www.youtube.com s.ytimg.com *.cloudfront.net *.smartystreets.com tableau.hrsa.gov search.usa.gov 'unsafe-eval' 'unsafe-inline'
X-XSS-Protection
1; mode=block
Expires
Tue, 08 Sep 2020 21:37:40 GMT
federated-analytics.min.js?agency=HHS&subagency=HRSA&sp=find&yt=true
/infoweb/js
19 KB
20 KB
Script
General
Full URL
https://iqrs.npdb.hrsa.gov/infoweb/js/federated-analytics.min.js?agency=HHS&subagency=HRSA&sp=find&yt=true
Requested by
Host: iqrs.npdb.hrsa.gov
URL: https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.186.167.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
mail.npdb.hrsa.gov
Software
/
Resource Hash
4faece9ef448a5cd56c6d61d014fae645d0c000bde2ac66a84282d473b446469
Security Headers
Name Value
Content-Security-Policy script-src graph.facebook.com *.gstatic.com *.addthis.com *.addthisedge.com iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov:450 www.npdb.hrsa.gov www.npdb.hrsa.gov:7777 www.npdb.hrsa.gov:7778 ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js www.google-analytics.com www.youtube.com s.ytimg.com *.cloudfront.net *.smartystreets.com tableau.hrsa.gov search.usa.gov 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 25 Jun 2020 15:48:32 GMT
ETag
W/"19550-1593100112000"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-cache, no-store, private
Date
Tue, 30 Jun 2020 21:37:39 GMT
Content-Security-Policy
script-src graph.facebook.com *.gstatic.com *.addthis.com *.addthisedge.com iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov:450 www.npdb.hrsa.gov www.npdb.hrsa.gov:7777 www.npdb.hrsa.gov:7778 ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js www.google-analytics.com www.youtube.com s.ytimg.com *.cloudfront.net *.smartystreets.com tableau.hrsa.gov search.usa.gov 'unsafe-eval' 'unsafe-inline'
Accept-Ranges
bytes
Content-Length
19550
X-XSS-Protection
1; mode=block
logoNPDB.png
/images
9 KB
10 KB
Image
General
Full URL
https://iqrs.npdb.hrsa.gov/images/logoNPDB.png
Requested by
Host: iqrs.npdb.hrsa.gov
URL: https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.186.167.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
mail.npdb.hrsa.gov
Software
/
Resource Hash
be51a580424f7e4b1b37ef1e289524d039953f200205187414b3b7cef9278215
Security Headers
Name Value
Content-Security-Policy script-src graph.facebook.com *.gstatic.com *.addthis.com *.addthisedge.com iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov:450 www.npdb.hrsa.gov www.npdb.hrsa.gov:7777 www.npdb.hrsa.gov:7778 ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js www.google-analytics.com www.youtube.com s.ytimg.com *.cloudfront.net *.smartystreets.com tableau.hrsa.gov search.usa.gov 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 25 Jun 2020 15:48:36 GMT
ETag
W/"9218-1593100116000"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache, no-store, private
Date
Tue, 30 Jun 2020 21:37:40 GMT
Content-Security-Policy
script-src graph.facebook.com *.gstatic.com *.addthis.com *.addthisedge.com iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov:450 www.npdb.hrsa.gov www.npdb.hrsa.gov:7777 www.npdb.hrsa.gov:7778 ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js www.google-analytics.com www.youtube.com s.ytimg.com *.cloudfront.net *.smartystreets.com tableau.hrsa.gov search.usa.gov 'unsafe-eval' 'unsafe-inline'
Accept-Ranges
bytes
Content-Length
9218
X-XSS-Protection
1; mode=block
analytics.js
www.google-analytics.com
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: iqrs.npdb.hrsa.gov
URL: https://iqrs.npdb.hrsa.gov/infoweb/js/federated-analytics.min.js?agency=HHS&subagency=HRSA&sp=find&yt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
1324
date
Tue, 30 Jun 2020 21:15:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Tue, 30 Jun 2020 23:15:37 GMT
player_api
www.youtube.com
859 B
920 B
Script
General
Full URL
https://www.youtube.com/player_api
Requested by
Host: iqrs.npdb.hrsa.gov
URL: https://iqrs.npdb.hrsa.gov/infoweb/js/federated-analytics.min.js?agency=HHS&subagency=HRSA&sp=find&yt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
409c74bb71936733b4f2e62fdd8445a3332b22e3c9b81020ed28e06ad30f55ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 21:37:41 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 GMT
RulesOfBehaviorSignInContent.jsp
5 KB
6 KB
Document
General
Full URL
https://iqrs.npdb.hrsa.gov/RulesOfBehaviorSignInContent.jsp
Requested by
Host: iqrs.npdb.hrsa.gov
URL: https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.186.167.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
mail.npdb.hrsa.gov
Software
/
Resource Hash
045e09b5831f7c115d0b1dfb4621596267fd41b51171d8b63d16a7c7f538a8a6
Security Headers
Name Value
Content-Security-Policy script-src graph.facebook.com *.gstatic.com *.addthis.com *.addthisedge.com iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov:450 www.npdb.hrsa.gov www.npdb.hrsa.gov:7777 www.npdb.hrsa.gov:7778 ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js www.google-analytics.com www.youtube.com s.ytimg.com *.cloudfront.net *.smartystreets.com tableau.hrsa.gov search.usa.gov 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
iqrs.npdb.hrsa.gov
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975

Response headers

Cache-Control
no-cache, no-store, private
Content-Type
text/html;charset=ISO-8859-1
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
script-src graph.facebook.com *.gstatic.com *.addthis.com *.addthisedge.com iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov:450 www.npdb.hrsa.gov www.npdb.hrsa.gov:7777 www.npdb.hrsa.gov:7778 ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js www.google-analytics.com www.youtube.com s.ytimg.com *.cloudfront.net *.smartystreets.com tableau.hrsa.gov search.usa.gov 'unsafe-eval' 'unsafe-inline'
Date
Tue, 30 Jun 2020 21:37:41 GMT
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Length
5449
fontawesome-webfont.woff?v=4.2.0
/lib/font-awesome/4.2.0/fonts
64 KB
65 KB
Font
General
Full URL
https://iqrs.npdb.hrsa.gov/lib/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: iqrs.npdb.hrsa.gov
URL: https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.186.167.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
mail.npdb.hrsa.gov
Software
/
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
Security Headers
Name Value
Content-Security-Policy script-src graph.facebook.com *.gstatic.com *.addthis.com *.addthisedge.com iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov:450 www.npdb.hrsa.gov www.npdb.hrsa.gov:7777 www.npdb.hrsa.gov:7778 ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js www.google-analytics.com www.youtube.com s.ytimg.com *.cloudfront.net *.smartystreets.com tableau.hrsa.gov search.usa.gov 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://iqrs.npdb.hrsa.gov/combined.css?id=c9683f346.09.20200625
Origin
https://iqrs.npdb.hrsa.gov

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 25 Jun 2020 15:48:32 GMT
ETag
W/"65452-1593100112000"
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff
Date
Tue, 30 Jun 2020 21:37:41 GMT
Content-Security-Policy
script-src graph.facebook.com *.gstatic.com *.addthis.com *.addthisedge.com iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov:450 www.npdb.hrsa.gov www.npdb.hrsa.gov:7777 www.npdb.hrsa.gov:7778 ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js www.google-analytics.com www.youtube.com s.ytimg.com *.cloudfront.net *.smartystreets.com tableau.hrsa.gov search.usa.gov 'unsafe-eval' 'unsafe-inline'
Accept-Ranges
bytes
Content-Length
65452
X-XSS-Protection
1; mode=block
piwik.js
www.npdb.hrsa.gov/piwik
62 KB
22 KB
Script
General
Full URL
https://www.npdb.hrsa.gov/piwik/piwik.js
Requested by
Host: iqrs.npdb.hrsa.gov
URL: https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.186.167.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
mail.npdb.hrsa.gov
Software
Apache /
Resource Hash
420f9f744643ee9e73f716e92d9136d92ad459b10748fe1a2f94fcafbfd6508d
Security Headers
Name Value
Content-Security-Policy script-src graph.facebook.com *.gstatic.com *.addthis.com *.addthisedge.com iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov:450 www.npdb.hrsa.gov www.npdb.hrsa.gov:7777 www.npdb.hrsa.gov:7778 ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js www.google-analytics.com www.youtube.com s.ytimg.com *.cloudfront.net *.smartystreets.com tableau.hrsa.gov search.usa.gov 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
ETag
"f751-562d516bfeb8d-gzip"
Connection
Keep-Alive
Content-Length
21660
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 15 Jan 2018 18:50:32 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Date
Tue, 30 Jun 2020 21:37:41 GMT
Vary
Cookie,Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache, no-store, private
Content-Security-Policy
script-src graph.facebook.com *.gstatic.com *.addthis.com *.addthisedge.com iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov:450 www.npdb.hrsa.gov www.npdb.hrsa.gov:7777 www.npdb.hrsa.gov:7778 ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js www.google-analytics.com www.youtube.com s.ytimg.com *.cloudfront.net *.smartystreets.com tableau.hrsa.gov search.usa.gov 'unsafe-eval' 'unsafe-inline'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
X-Content-Type-Options
nosniff
collect?v=1&_v=j83&aip=1&a=1255132666&t=pageview&_s=1&dl=https%3A%2F%2Fiqrs.npdb.hrsa.gov%2F%3Fp%3D8071597504618305508323975&dp=%2F%3Fp%3D8071597504618305508323975&ul=en-us&de=windows-1252&dt=The%2...
www.google-analytics.com/r
35 B
107 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=1255132666&t=pageview&_s=1&dl=https%3A%2F%2Fiqrs.npdb.hrsa.gov%2F%3Fp%3D8071597504618305508323975&dp=%2F%3Fp%3D8071597504618305508323975&ul=en-us&de=windows-1252&dt=The%20NPDB%20-%20Health%20Care%20Organizations%20Sign%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAQAB~&jid=1527541032&gjid=1941062596&cid=1016448996.1593553062&tid=UA-33523145-1&_gid=184993685.1593553062&_r=1&cd1=HHS&cd2=HHS%20-%20HRSA&cd3=20150519%20v2.01%20-%20Universal%20Analytics&z=1117140077
Requested by
Host: iqrs.npdb.hrsa.gov
URL: https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jun 2020 21:37:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflZzDPU2
84 KB
30 KB
Script
General
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflZzDPU2/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fe6603cb5fee723c580acacd1c6616b6cabcb07541bc4772f618856d78e5d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 19:41:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6946
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30931
x-xss-protection
0
last-modified
Mon, 29 Jun 2020 05:31:19 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Wed, 08 Jul 2020 19:41:55 GMT
piwik.php?action_name=IQRS%20%7C%20The%20NPDB%20-%20Health%20Care%20Organizations%20Sign%20In&idsite=2&rec=1&r=857120&h=23&m=37&s=43&url=https%3A%2F%2Fiqrs.npdb.hrsa.gov%2F%3Fp%3D807159750461830550...
www.npdb.hrsa.gov/piwik
43 B
935 B
Image
General
Full URL
https://www.npdb.hrsa.gov/piwik/piwik.php?action_name=IQRS%20%7C%20The%20NPDB%20-%20Health%20Care%20Organizations%20Sign%20In&idsite=2&rec=1&r=857120&h=23&m=37&s=43&url=https%3A%2F%2Fiqrs.npdb.hrsa.gov%2F%3Fp%3D8071597504618305508323975&_id=9bc4886ebf11632a&_idts=1593553063&_idvc=1&_idn=0&_refts=0&_viewts=1593553063&cs=windows-1252&send_image=1&cookie=1&res=1600x1200&gt_ms=387&pv_id=q0q2Jg
Requested by
Host: iqrs.npdb.hrsa.gov
URL: https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.186.167.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
mail.npdb.hrsa.gov
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy script-src graph.facebook.com *.gstatic.com *.addthis.com *.addthisedge.com iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov:450 www.npdb.hrsa.gov www.npdb.hrsa.gov:7777 www.npdb.hrsa.gov:7778 ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js www.google-analytics.com www.youtube.com s.ytimg.com *.cloudfront.net *.smartystreets.com tableau.hrsa.gov search.usa.gov 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iqrs.npdb.hrsa.gov/?p=8071597504618305508323975
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Server
Apache
Date
Tue, 30 Jun 2020 21:37:42 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/gif
Cache-Control
no-cache, no-store, private
Transfer-Encoding
chunked
Content-Security-Policy
script-src graph.facebook.com *.gstatic.com *.addthis.com *.addthisedge.com iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov:450 www.npdb.hrsa.gov www.npdb.hrsa.gov:7777 www.npdb.hrsa.gov:7778 ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js www.google-analytics.com www.youtube.com s.ytimg.com *.cloudfront.net *.smartystreets.com tableau.hrsa.gov search.usa.gov 'unsafe-eval' 'unsafe-inline'
Connection
Keep-Alive
Vary
Cookie
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=92

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate boolean| canPerformSMSLogin boolean| canPerformSSOLogin boolean| displaySSOLoginDiv function| registerFormInputEvents function| $ function| jQuery object| oCONFIG function| _onEveryPage function| _defineCookieDomain function| _defineAgencyCDsValues function| _cleanBooleanParam function| _isValidUANum function| _cleanDimensionValue function| _updateConfig function| _sendCustomDimensions function| _sendCustomMetrics function| _sendEvent function| _sendPageview function| gas function| _URIHandler string| tObjectCheck function| createTracker function| _initAutoTracker object| videoArray_fed object| playerArray_fed boolean| _f33 boolean| _f66 boolean| _f90 object| tag object| firstScriptTag function| _initIdAssigner function| _tagClicks function| youtube_parser_fed function| IsYouTube_fed function| YTUrlHandler_fed function| _initYouTubeTracker function| onYouTubePlayerAPIReady function| onFedPlayerReady function| onFedPlayerStateChange string| _keyValuePair string| _key string| _value string| GoogleAnalyticsObject function| ga object| antiClickjack object| _paq function| _iqrsAnalytics object| _iqrsa object| _thisVideoObj object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubSubscribedKeys object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytLoggingTransportLogPayloadsQueue_ object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| JSON_PIWIK object| Piwik object| AnalyticsTracker function| piwik_log

5 Cookies

Domain/Path Name / Value
iqrs.npdb.hrsa.gov/ Name: _pk_ses.2.ee01
Value: *
.iqrs.npdb.hrsa.gov/ Name: _gat_GSA_ENOR0
Value: 1
iqrs.npdb.hrsa.gov/ Name: _pk_id.2.ee01
Value: 9bc4886ebf11632a.1593553063.1.1593553063.1593553063.
.iqrs.npdb.hrsa.gov/ Name: _gid
Value: GA1.4.184993685.1593553062
.iqrs.npdb.hrsa.gov/ Name: _ga
Value: GA1.4.1016448996.1593553062

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src graph.facebook.com *.gstatic.com *.addthis.com *.addthisedge.com iqrs.npdb.hrsa.gov iqrs.npdb.hrsa.gov:450 www.npdb.hrsa.gov www.npdb.hrsa.gov:7777 www.npdb.hrsa.gov:7778 ajax.googleapis.com https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js www.google-analytics.com www.youtube.com s.ytimg.com *.cloudfront.net *.smartystreets.com tableau.hrsa.gov search.usa.gov 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block