qa.claimsinvoice.sgicloud.ca Open in urlscan Pro
52.139.5.7  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response qa.claimsinvoice.sgicloud.ca/	2 KB 3 KB	160ms 25ms	Document text/html	52.139.5.7 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://qa.claimsinvoice.sgicloud.ca/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.139.5.7 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash f98346bdd3db705a262a0b90f67e161e39c089ab821fda948c887f413740bea7 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers Date Thu, 09 Dec 2021 04:01:11 GMT Content-Type text/html Content-Length 2324 Connection keep-alive Last-Modified Thu, 09 Dec 2021 02:02:10 GMT ETag "61b163a2-914" Accept-Ranges bytes
GET H/1.1	200 OK	2.fd61f057.chunk.css qa.claimsinvoice.sgicloud.ca/static/css/	154 KB 155 KB	38ms 37ms	Stylesheet text/css	52.139.5.7 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://qa.claimsinvoice.sgicloud.ca/static/css/2.fd61f057.chunk.css Requested by Host: qa.claimsinvoice.sgicloud.ca URL: https://qa.claimsinvoice.sgicloud.ca/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.139.5.7 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 9fcda4d1570db51e7f7bafc027a363de4ba8709f2f2cd0dd3760ab1d1867f02f Request headers Accept-Language en-CA,en;q=0.9 Referer https://qa.claimsinvoice.sgicloud.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 09 Dec 2021 04:01:11 GMT Last-Modified Thu, 09 Dec 2021 02:02:10 GMT Connection keep-alive Accept-Ranges bytes ETag "61b163a2-26979" Content-Length 158073 Content-Type text/css
GET H/1.1	200 OK	main.b801a373.chunk.css qa.claimsinvoice.sgicloud.ca/static/css/	156 KB 156 KB	75ms 37ms	Stylesheet text/css	52.139.5.7 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://qa.claimsinvoice.sgicloud.ca/static/css/main.b801a373.chunk.css Requested by Host: qa.claimsinvoice.sgicloud.ca URL: https://qa.claimsinvoice.sgicloud.ca/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.139.5.7 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e03739ca4537a191b8babe32628982e18e5b3606d8959cc600eeb560b0515bd7 Request headers Accept-Language en-CA,en;q=0.9 Referer https://qa.claimsinvoice.sgicloud.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 09 Dec 2021 04:01:11 GMT Last-Modified Thu, 09 Dec 2021 02:02:10 GMT Connection keep-alive Accept-Ranges bytes ETag "61b163a2-26f65" Content-Length 159589 Content-Type text/css
GET H/1.1	200 OK	2.11de5a5e.chunk.js Show response qa.claimsinvoice.sgicloud.ca/static/js/	2 MB 2 MB	83ms 44ms	Script application/javascript	52.139.5.7 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://qa.claimsinvoice.sgicloud.ca/static/js/2.11de5a5e.chunk.js Requested by Host: qa.claimsinvoice.sgicloud.ca URL: https://qa.claimsinvoice.sgicloud.ca/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.139.5.7 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 0fd784d553d86a0265547a2bccd22e6b63746aeb4343b476bc29083fae67e526 Request headers Accept-Language en-CA,en;q=0.9 Referer https://qa.claimsinvoice.sgicloud.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 09 Dec 2021 04:01:11 GMT Last-Modified Thu, 09 Dec 2021 02:02:10 GMT Connection keep-alive Accept-Ranges bytes ETag "61b163a2-1ca7e1" Content-Length 1877985 Content-Type application/javascript
GET H/1.1	200 OK	main.73f123c5.chunk.js Show response qa.claimsinvoice.sgicloud.ca/static/js/	270 KB 270 KB	92ms 52ms	Script application/javascript	52.139.5.7 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://qa.claimsinvoice.sgicloud.ca/static/js/main.73f123c5.chunk.js Requested by Host: qa.claimsinvoice.sgicloud.ca URL: https://qa.claimsinvoice.sgicloud.ca/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.139.5.7 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 11a1b885ddd2347bc9b2e7f671803e25f7ec3d7be0530098d81fe4af84fdb391 Request headers Accept-Language en-CA,en;q=0.9 Referer https://qa.claimsinvoice.sgicloud.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 09 Dec 2021 04:01:11 GMT Last-Modified Thu, 09 Dec 2021 02:02:10 GMT Connection keep-alive Accept-Ranges bytes ETag "61b163a2-438ab" Content-Length 276651 Content-Type application/javascript
GET H2	200	icon-font.min.css cdn.linearicons.com/free/1.0.0/	7 KB 2 KB	350ms 21ms	Stylesheet text/css	13.225.63.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.linearicons.com/free/1.0.0/icon-font.min.css Requested by Host: qa.claimsinvoice.sgicloud.ca URL: https://qa.claimsinvoice.sgicloud.ca/static/css/main.b801a373.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.63.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-63-57.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash 31ca8fc4bb190118851959f282909af4a8f6e782b69dcfbe00094ffc010878b3 Request headers Accept-Language en-CA,en;q=0.9 Referer https://qa.claimsinvoice.sgicloud.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 15 Jun 2021 04:21:22 GMT content-encoding gzip age 15291590 x-cache Hit from cloudfront content-length 1672 access-control-allow-origin * last-modified Wed, 27 May 2015 16:04:10 GMT server AmazonS3 etag "0b704046d76bb4d3929be4f7f20472f5" access-control-allow-methods GET content-type text/css via 1.1 8462ed2e9a829ba62d29d6a8e3a787d3.cloudfront.net (CloudFront) cache-control max-age=31000000 x-amz-cf-pop EWR53-C1 accept-ranges bytes x-edge-origin-shield-bytes 557 x-amz-cf-id uaQ1gclwtpXpJZOuSBn7cP0RuzX9gTy5DA2sgrrJRznwHoxlwxiu3g==
GET H2	200	css fonts.googleapis.com/	8 KB 1 KB	100ms 38ms	Stylesheet text/css	2607:f8b0:4006:822::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,700 Requested by Host: qa.claimsinvoice.sgicloud.ca URL: https://qa.claimsinvoice.sgicloud.ca/static/css/main.b801a373.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5c21346e0102cb0ae60afdb16611a27cc5699b4d39e6fbbd2db156d1985070de Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://qa.claimsinvoice.sgicloud.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 09 Dec 2021 04:01:11 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 09 Dec 2021 04:01:11 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 09 Dec 2021 04:01:11 GMT
GET H/1.1	200 OK	claimsinvoice.json Show response qa.claimsinvoice.sgicloud.ca/configs/	918 B 1 KB	119ms 119ms	Fetch application/json	52.139.5.7 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://qa.claimsinvoice.sgicloud.ca/configs/claimsinvoice.json Requested by Host: qa.claimsinvoice.sgicloud.ca URL: https://qa.claimsinvoice.sgicloud.ca/static/js/main.73f123c5.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.139.5.7 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 2973f64280f3e9a41cb9c4220b71f126e3ce141a36d481171d32234046667e36 Request headers Accept-Language en-CA,en;q=0.9 Referer https://qa.claimsinvoice.sgicloud.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Thu, 09 Dec 2021 04:01:11 GMT Last-Modified Fri, 03 Dec 2021 16:14:01 GMT Content-MD5 XMi64bsxn8PU2r0tTy+9LA== ETag 0x8D9B677EB13CBD3 Content-Type application/json x-ms-request-id 97c32c98-001e-00a8-62b1-ec0f2c000000 x-ms-version 2009-09-19 Connection keep-alive Content-Length 918
OPTIONS H2	200	6181b1b709dd0662dc6ae554 app.launchdarkly.com/sdk/goals/	0 0	121ms 78ms	Preflight	151.101.130.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://app.launchdarkly.com/sdk/goals/6181b1b709dd0662dc6ae554 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers x-launchdarkly-user-agent,x-launchdarkly-wrapper Origin https://qa.claimsinvoice.sgicloud.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version access-control-allow-methods GET, OPTIONS, HEAD access-control-allow-origin * access-control-max-age 3600 allow GET, OPTIONS, HEAD content-encoding gzip ld-region us-east-1 strict-transport-security max-age=31536000 accept-ranges bytes date Thu, 09 Dec 2021 04:01:12 GMT via 1.1 varnish x-served-by cache-yul12820-YUL x-cache MISS x-cache-hits 0 x-timer S1639022472.947908,VS0,VE68 vary Accept-Encoding age 0 content-length 23
OPTIONS H2	204	6181b1b709dd0662dc6ae554 events.launchdarkly.com/events/diagnostic/	0 0	82ms 24ms	Preflight	107.23.182.115 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.launchdarkly.com/events/diagnostic/6181b1b709dd0662dc6ae554 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 107.23.182.115 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-23-182-115.compute-1.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper Origin https://qa.claimsinvoice.sgicloud.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers date Thu, 09 Dec 2021 04:01:11 GMT access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper access-control-allow-methods POST,OPTIONS access-control-allow-origin * access-control-expose-headers Date access-control-max-age 300 strict-transport-security max-age=31536000
GET H2	200	6181b1b709dd0662dc6ae554 Show response app.launchdarkly.com/sdk/goals/	2 B 157 B	39ms 39ms	XHR application/json	151.101.130.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://app.launchdarkly.com/sdk/goals/6181b1b709dd0662dc6ae554 Requested by Host: qa.claimsinvoice.sgicloud.ca URL: https://qa.claimsinvoice.sgicloud.ca/static/js/2.11de5a5e.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://qa.claimsinvoice.sgicloud.ca/ X-LaunchDarkly-Wrapper react-client-sdk/2.23.2 Accept-Language en-CA,en;q=0.9 X-LaunchDarkly-User-Agent JSClient/2.19.2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip content-md5 d751713988987e9331980363e24189ce age 0 x-cache MISS access-control-max-age 300 date Thu, 09 Dec 2021 04:01:12 GMT content-length 26 x-served-by cache-yul12820-YUL access-control-allow-origin * ld-region us-east-1 x-timer S1639022472.027558,VS0,VE29 etag "d751713988987e9331980363e24189ce" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, HEAD content-type application/json via 1.1 varnish cache-control max-age=0 accept-ranges bytes access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version x-cache-hits 0
POST H2	202	6181b1b709dd0662dc6ae554 Show response events.launchdarkly.com/events/diagnostic/	0 328 B	26ms 26ms	XHR application/json	107.23.182.115 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.launchdarkly.com/events/diagnostic/6181b1b709dd0662dc6ae554 Requested by Host: qa.claimsinvoice.sgicloud.ca URL: https://qa.claimsinvoice.sgicloud.ca/static/js/2.11de5a5e.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 107.23.182.115 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-23-182-115.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://qa.claimsinvoice.sgicloud.ca/ X-LaunchDarkly-Wrapper react-client-sdk/2.23.2 Accept-Language en-CA,en;q=0.9 X-LaunchDarkly-User-Agent JSClient/2.19.2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/json Response headers date Thu, 09 Dec 2021 04:01:11 GMT access-control-max-age 300 access-control-allow-methods POST,OPTIONS content-type application/json access-control-allow-origin * access-control-expose-headers Date strict-transport-security max-age=31536000 access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper content-length 0
GET H2	200	eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImE1YWI5OGQwLTU4YTQtMTFlYy1hODQ2LTZkNWQyZDU0ZGQ0NSJ9 Show response app.launchdarkly.com/sdk/evalx/6181b1b709dd0662dc6ae554/users/	321 B 498 B	47ms 46ms	XHR application/json	151.101.130.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://app.launchdarkly.com/sdk/evalx/6181b1b709dd0662dc6ae554/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImE1YWI5OGQwLTU4YTQtMTFlYy1hODQ2LTZkNWQyZDU0ZGQ0NSJ9 Requested by Host: qa.claimsinvoice.sgicloud.ca URL: https://qa.claimsinvoice.sgicloud.ca/static/js/2.11de5a5e.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 622b8a8fa066ecc9c6b54190a093ad6d3249da49c27183d6b07abd74cfea7f1b Request headers Referer https://qa.claimsinvoice.sgicloud.ca/ X-LaunchDarkly-Wrapper react-client-sdk/2.23.2 Accept-Language en-CA,en;q=0.9 X-LaunchDarkly-User-Agent JSClient/2.19.2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 09 Dec 2021 04:01:12 GMT content-encoding gzip vary Authorization, Accept-Encoding age 0 x-cache MISS content-length 124 x-served-by cache-yul12820-YUL access-control-allow-origin * x-timer S1639022472.974457,VS0,VE36 etag "6dbb" access-control-max-age 3600 access-control-allow-methods OPTIONS, GET content-type application/json via 1.1 varnish cache-control max-age=0 accept-ranges bytes access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version x-cache-hits 0
OPTIONS H2	200	eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImE1YWI5OGQwLTU4YTQtMTFlYy1hODQ2LTZkNWQyZDU0ZGQ0NSJ9 app.launchdarkly.com/sdk/evalx/6181b1b709dd0662dc6ae554/users/	0 0	65ms 25ms	Preflight	151.101.130.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://app.launchdarkly.com/sdk/evalx/6181b1b709dd0662dc6ae554/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImE1YWI5OGQwLTU4YTQtMTFlYy1hODQ2LTZkNWQyZDU0ZGQ0NSJ9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers x-launchdarkly-user-agent,x-launchdarkly-wrapper Origin https://qa.claimsinvoice.sgicloud.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version access-control-allow-methods GET, OPTIONS, HEAD access-control-allow-origin * access-control-max-age 3600 allow GET, OPTIONS, HEAD content-encoding gzip ld-region us-east-1 strict-transport-security max-age=31536000 accept-ranges bytes date Thu, 09 Dec 2021 04:01:11 GMT via 1.1 varnish x-served-by cache-yul12820-YUL x-cache MISS x-cache-hits 0 x-timer S1639022472.947850,VS0,VE15 vary Accept-Encoding age 0 content-length 23
OPTIONS H2	200	track dc.services.visualstudio.com/v2/	0 0	316ms 82ms	Preflight	40.78.253.199 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.78.253.199 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,sdk-context Origin https://qa.claimsinvoice.sgicloud.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers access-control-allow-methods POST access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context access-control-allow-origin * access-control-max-age 3600 x-content-type-options nosniff date Thu, 09 Dec 2021 04:01:12 GMT content-length 0
POST H2	200	track Show response dc.services.visualstudio.com/v2/	96 B 281 B	397ms 397ms	XHR application/json	40.78.253.199 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Requested by Host: qa.claimsinvoice.sgicloud.ca URL: https://qa.claimsinvoice.sgicloud.ca/static/js/2.11de5a5e.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.78.253.199 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 78061e7d97dab8648d9e7d60685f3c1311706d9850449af8022986f460c3718f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://qa.claimsinvoice.sgicloud.ca/ Accept-Language en-CA,en;q=0.9 Sdk-Context appId User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/json Response headers x-ms-session-id C1DC889B-82C0-43E0-85A4-F8C1AFB68311 strict-transport-security max-age=31536000 x-content-type-options nosniff date Thu, 09 Dec 2021 04:01:12 GMT access-control-max-age 3600 content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context content-length 96
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0938e354be652e36f2b8db695142ad95d1660ac7a7660246ce3d3cec756012f2 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v27/	44 KB 44 KB	70ms 21ms	Font font/woff2	2607:f8b0:4006:823::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://qa.claimsinvoice.sgicloud.ca Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 06 Dec 2021 22:58:42 GMT x-content-type-options nosniff age 190950 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44656 x-xss-protection 0 last-modified Thu, 28 Oct 2021 00:30:43 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Tue, 06 Dec 2022 22:58:42 GMT
GET H2	200	eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImE1YWI5OGQwLTU4YTQtMTFlYy1hODQ2LTZkNWQyZDU0ZGQ0NSJ9 clientstream.launchdarkly.com/eval/6181b1b709dd0662dc6ae554/	342 B 0	114ms 50ms	EventSource text/event-stream	76.223.31.44 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://clientstream.launchdarkly.com/eval/6181b1b709dd0662dc6ae554/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImE1YWI5OGQwLTU4YTQtMTFlYy1hODQ2LTZkNWQyZDU0ZGQ0NSJ9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.31.44 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a1370dc23e25e46ce.awsglobalaccelerator.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept text/event-stream Cache-Control no-cache Referer https://qa.claimsinvoice.sgicloud.ca/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 09 Dec 2021 04:01:12 GMT ld-region us-east-1 access-control-max-age 300 access-control-allow-methods GET,OPTIONS content-type text/event-stream; charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate strict-transport-security max-age=31536000 accept-ranges bytes access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
POST H2	202	6181b1b709dd0662dc6ae554 Show response events.launchdarkly.com/events/bulk/	0 328 B	25ms 24ms	XHR application/json	107.23.182.115 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.launchdarkly.com/events/bulk/6181b1b709dd0662dc6ae554 Requested by Host: qa.claimsinvoice.sgicloud.ca URL: https://qa.claimsinvoice.sgicloud.ca/static/js/2.11de5a5e.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 107.23.182.115 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-23-182-115.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers X-LaunchDarkly-Payload-ID a6dc9ec0-58a4-11ec-a846-6d5d2d54dd45 X-LaunchDarkly-Event-Schema 3 Accept-Language en-CA,en;q=0.9 X-LaunchDarkly-User-Agent JSClient/2.19.2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/json Referer https://qa.claimsinvoice.sgicloud.ca/ X-LaunchDarkly-Wrapper react-client-sdk/2.23.2 Response headers date Thu, 09 Dec 2021 04:01:13 GMT access-control-max-age 300 access-control-allow-methods POST,OPTIONS content-type application/json access-control-allow-origin * access-control-expose-headers Date strict-transport-security max-age=31536000 access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper content-length 0
OPTIONS H2	204	6181b1b709dd0662dc6ae554 events.launchdarkly.com/events/bulk/	0 0	24ms 24ms	Preflight	107.23.182.115 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.launchdarkly.com/events/bulk/6181b1b709dd0662dc6ae554 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 107.23.182.115 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-23-182-115.compute-1.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper Origin https://qa.claimsinvoice.sgicloud.ca User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers date Thu, 09 Dec 2021 04:01:13 GMT access-control-allow-headers Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper access-control-allow-methods POST,OPTIONS access-control-allow-origin * access-control-expose-headers Date access-control-max-age 300 strict-transport-security max-age=31536000

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| webpackJsonpclaims-invoice-app object| regeneratorRuntime function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ function| saveAs object| runConfig

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			qa.claimsinvoice.sgicloud.ca/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: fd7302b85e1cb87463bbca124e6f81f2
			qa.claimsinvoice.sgicloud.ca/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: fd7302b85e1cb87463bbca124e6f81f2
			qa.claimsinvoice.sgicloud.ca/	1970-01-20 08:02:38	Name: ai_user Value: 9iB2XY0KjLpmZsnjXpuZ7a|2021-12-09T04:01:11.888Z
			qa.claimsinvoice.sgicloud.ca/	1970-01-19 23:17:04	Name: ai_session Value: mBmqPo7TGeHSeZqCfLWCKM|1639022471993|1639022471993

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
cdn.linearicons.com
clientstream.launchdarkly.com
dc.services.visualstudio.com
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
qa.claimsinvoice.sgicloud.ca
107.23.182.115
13.225.63.57
151.101.130.217
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2003
40.78.253.199
52.139.5.7
76.223.31.44
0938e354be652e36f2b8db695142ad95d1660ac7a7660246ce3d3cec756012f2
0fd784d553d86a0265547a2bccd22e6b63746aeb4343b476bc29083fae67e526
11a1b885ddd2347bc9b2e7f671803e25f7ec3d7be0530098d81fe4af84fdb391
2973f64280f3e9a41cb9c4220b71f126e3ce141a36d481171d32234046667e36
31ca8fc4bb190118851959f282909af4a8f6e782b69dcfbe00094ffc010878b3
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5c21346e0102cb0ae60afdb16611a27cc5699b4d39e6fbbd2db156d1985070de
622b8a8fa066ecc9c6b54190a093ad6d3249da49c27183d6b07abd74cfea7f1b
78061e7d97dab8648d9e7d60685f3c1311706d9850449af8022986f460c3718f
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
9fcda4d1570db51e7f7bafc027a363de4ba8709f2f2cd0dd3760ab1d1867f02f
e03739ca4537a191b8babe32628982e18e5b3606d8959cc600eeb560b0515bd7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f98346bdd3db705a262a0b90f67e161e39c089ab821fda948c887f413740bea7