stg-cdn.healthsafe-id.com Open in urlscan Pro
2600:9000:2057:3e00:12:8ce4:2800:21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://stg-cdn.healthsafe-id.com/
Submission: On May 18 via automatic, source certstream-suspicious (May 18th 2023, 4:41:47 am UTC) — Scanned from DE

Summary HTTP 38 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 18 domains to perform 38 HTTP transactions. The main IP is 2600:9000:2057:3e00:12:8ce4:2800:21, located in United States and belongs to AMAZON-02, US. The main domain is stg-cdn.healthsafe-id.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on May 18th 2023. Valid for: a year.

This is the only time stg-cdn.healthsafe-id.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2600:9000:205... 2600:9000:2057:3e00:12:8ce4:2800:21	16509 (AMAZON-02) (AMAZON-02)
1	149.111.172.53 149.111.172.53	10879 (UHC) (UHC)
4	2600:9000:205... 2600:9000:2057:a600:12:8ce4:2800:21	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:6c0... 2a02:26f0:6c00:19d::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	45.60.33.26 45.60.33.26	19551 (INCAPSULA) (INCAPSULA)
1 4	52.212.178.201 52.212.178.201	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:190d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.211.140.166 52.211.140.166	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.164 63.140.62.164	15224 (OMNITURE) (OMNITURE)
1 1	52.16.185.84 52.16.185.84	16509 (AMAZON-02) (AMAZON-02)
1	52.48.71.111 52.48.71.111	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	216.46.185.182 216.46.185.182	13649 (ASN-VINS) (ASN-VINS)
6	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.81.134.51 54.81.134.51	14618 (AMAZON-AES) (AMAZON-AES)
2	149.111.172.51 149.111.172.51	10879 (UHC) (UHC)
38	19

3 2600:9000:2057:3e00:12:8ce4:2800:21 (United States)

ASN16509 (AMAZON-02, US)

stg-cdn.healthsafe-id.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.111.172.53 (United States)

ASN10879 (UHC, US)
PTR: stage-repo-elr.rakanto.com

stage-repo.rakanto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2057:a600:12:8ce4:2800:21 (United States)

ASN16509 (AMAZON-02, US)

dpybp1fijxkf4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:19d::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.60.33.26 (United States)

ASN19551 (INCAPSULA, US)

member.werally.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.212.178.201 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-178-201.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:190d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.gbqofs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.140.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-140-166.eu-west-1.compute.amazonaws.com

unitedhealthgroup.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.164 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-164.data.adobedc.net

smetrics.optum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.185.84 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-185-84.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.71.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-71-111.eu-west-1.compute.amazonaws.com

unitedhealthgroup.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.46.185.182 (Littleton, United States)

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.81.134.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-134-51.compute-1.amazonaws.com

report.uhg.glassboxdigital.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.111.172.51 (United States)

ASN10879 (UHC, US)
PTR: stage-cse-elr.rakanto.com

stage-cse.rakanto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	qualtrics.com zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com — Cisco Umbrella Rank: 39760 siteintercept.qualtrics.com — Cisco Umbrella Rank: 876	68 KB
5	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 200 unitedhealthgroup.demdex.net — Cisco Umbrella Rank: 20684	7 KB
4	werally.com member.werally.com — Cisco Umbrella Rank: 50264	91 KB
4	cloudfront.net dpybp1fijxkf4.cloudfront.net	207 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 448	189 KB
3	rakanto.com stage-repo.rakanto.com — Cisco Umbrella Rank: 402686 stage-cse.rakanto.com	56 KB
3	healthsafe-id.com stg-cdn.healthsafe-id.com	3 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	117 KB
1	glassboxdigital.io report.uhg.glassboxdigital.io — Cisco Umbrella Rank: 44516	3 KB
1	ib-ibi.com global.ib-ibi.com — Cisco Umbrella Rank: 1991	72 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 306	265 B
1	google.de www.google.de — Cisco Umbrella Rank: 6080	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	455 B
1	omtrdc.net unitedhealthgroup.tt.omtrdc.net — Cisco Umbrella Rank: 20017	863 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1022	517 B
1	optum.com smetrics.optum.com — Cisco Umbrella Rank: 19262	463 B
1	gbqofs.com cdn.gbqofs.com — Cisco Umbrella Rank: 7017	143 KB
38	18

	Domain	Requested by
5	siteintercept.qualtrics.com	zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com cdn.gbqofs.com siteintercept.qualtrics.com
4	dpm.demdex.net	1 redirects stg-cdn.healthsafe-id.com
4	member.werally.com	dpybp1fijxkf4.cloudfront.net
4	dpybp1fijxkf4.cloudfront.net	stg-cdn.healthsafe-id.com
3	assets.adobedtm.com	dpybp1fijxkf4.cloudfront.net assets.adobedtm.com
3	stg-cdn.healthsafe-id.com	dpybp1fijxkf4.cloudfront.net
2	stage-cse.rakanto.com	cdn.gbqofs.com
2	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
1	report.uhg.glassboxdigital.io	cdn.gbqofs.com
1	zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com	stg-cdn.healthsafe-id.com
1	global.ib-ibi.com	stg-cdn.healthsafe-id.com
1	match.adsrvr.org	stg-cdn.healthsafe-id.com
1	cm.g.doubleclick.net	1 redirects
1	www.google.de	stg-cdn.healthsafe-id.com
1	www.google.com	stg-cdn.healthsafe-id.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	unitedhealthgroup.tt.omtrdc.net	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	smetrics.optum.com	assets.adobedtm.com
1	unitedhealthgroup.demdex.net	assets.adobedtm.com
1	cdn.gbqofs.com	stg-cdn.healthsafe-id.com
1	stage-repo.rakanto.com	stg-cdn.healthsafe-id.com
38	22

This site contains no links.

Subject Issuer	Validity	Valid
stg-cdn.healthsafe-id.com COMODO RSA Organization Validation Secure Server CA	`2023-05-18` - `2024-05-17`	a year	crt.sh
stage-repo.rakanto.com COMODO RSA Organization Validation Secure Server CA	`2022-08-19` - `2023-08-19`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.werally.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-07` - `2023-08-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-11-11` - `2023-11-11`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
smetrics.optum.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-04-21`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ib-ibi.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-21` - `2024-04-02`	a year	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-03-26`	a year	crt.sh
uhg.glassboxdigital.io Amazon RSA 2048 M01	`2023-03-01` - `2023-11-07`	8 months	crt.sh
stage-cse.rakanto.com COMODO RSA Organization Validation Secure Server CA	`2022-08-09` - `2023-08-09`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://stg-cdn.healthsafe-id.com/
Frame ID: 3610C0F05D4213FD25029B20D32D5671
Requests: 34 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: 69C5D925E8CF1D3B3C78F5AF601929E8
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page Not Found - HealthSafe ID®

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

38
Requests

92 %
HTTPS

38 %
IPv6

18
Domains

22
Subdomains

19
IPs

4
Countries

887 kB
Transfer

2864 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1684384901569 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1684384901569

Request Chain 16

https://cm.everesttech.net/cm/dd?d_uuid=48146821230428342980003912314849377736 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZGWshgAAAIaFogOJ

Request Chain 24

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDgxNDY4MjEyMzA0MjgzNDI5ODAwMDM5MTIzMTQ4NDkzNzc3MzY= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEw4Ry7tfM-X-XYwq7WOjgk&google_cver=1?gdpr=0&gdpr_consent=

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
stg-cdn.healthsafe-id.com/ 4 KB
2 KB 615ms
472ms Document
text/html 2600:9000:2057:3e00:12:8ce4:2800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg-cdn.healthsafe-id.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3e00:12:8ce4:2800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf940c3fa233bfdc5d150c771e257410622201a53fb1644f8b4bea9929e6d06d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html
Date: Thu, 18 May 2023 04:41:41 GMT
ETag: W/"d097f5ae3f32b5db68ddc188d1bee920"
Last-Modified: Tue, 16 May 2023 21:20:32 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding Origin
Via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
X-Amz-Cf-Id: WcECyJCn-1buF0V9jOpRGkgPK-zWdtONMP0c6IOpPiwCOT1QTy-g-w==
X-Amz-Cf-Pop: FRA6-C1
X-Cache: Miss from cloudfront
x-amz-server-side-encryption: AES256
x-amz-version-id: oabPluMy4cv1PmLz5Dl3Un0eg7.Ncq.e

GET
H/1.1 200
OK cx.js Show response
stage-repo.rakanto.com/rakanto/cx/ 136 KB
55 KB 1265ms
166ms Script
application/javascript 149.111.172.53
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://stage-repo.rakanto.com/rakanto/cx/cx.js

Requested by

Host: stg-cdn.healthsafe-id.com
URL: https://stg-cdn.healthsafe-id.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.172.53 , United States, ASN10879 (UHC, US),

Reverse DNS

stage-repo-elr.rakanto.com

Software

Resource Hash

d0a75fe6dbfdbae0071c700fa944c0390caa68b1c29c4810c39ecaf9e26bda98

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Thu, 18 May 2023 04:41:41 GMT
Content-Encoding: gzip
Referrer-Policy: origin
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=1800, private
Connection: keep-alive
Expires: Thu, 18 May 2023 05:11:41 GMT

GET
H/1.1 200
OK vendors.6bc22db4.js Show response
dpybp1fijxkf4.cloudfront.net/static/js/ 360 KB
114 KB 130ms
46ms Script
application/javascript 2600:9000:2057:a600:12:8ce4:2800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpybp1fijxkf4.cloudfront.net/static/js/vendors.6bc22db4.js
Requested by: Host: stg-cdn.healthsafe-id.com
URL: https://stg-cdn.healthsafe-id.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:a600:12:8ce4:2800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6437ffda08bb03c1de3477919564ce95cedaf3cb187bc10c02aa0c431bc58f96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 11:32:11 GMT
x-amz-version-id: tmpH5RJ4jEPYGP6kLny4skbuesZT55r4
Content-Encoding: gzip
Via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 61769
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Alt-Svc: h3=":443"; ma=86400
Last-Modified: Tue, 16 May 2023 21:20:35 GMT
Server: AmazonS3
ETag: W/"737980cbba28265de58d91170cebdee6"
Vary: Accept-Encoding, Origin
Content-Type: application/javascript
X-Amz-Cf-Id: i2hV4Unm81EMAurW8e7Vdp_qddHk0I5e_UYmJmH1jeMSB8U3p--ASg==

GET
H/1.1 200
OK index.a14ab653.js Show response
dpybp1fijxkf4.cloudfront.net/static/js/ 258 KB
75 KB 134ms
50ms Script
application/javascript 2600:9000:2057:a600:12:8ce4:2800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpybp1fijxkf4.cloudfront.net/static/js/index.a14ab653.js
Requested by: Host: stg-cdn.healthsafe-id.com
URL: https://stg-cdn.healthsafe-id.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:a600:12:8ce4:2800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6809d6c873a18c69b646f10dfb7d1428cd278266bfcbd9bec006aa0e1c204c5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 11:32:11 GMT
x-amz-version-id: ueBgoOs_28mHFEs.iQgB.EoO6uPOf8c8
Content-Encoding: gzip
Via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 61769
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Alt-Svc: h3=":443"; ma=86400
Last-Modified: Tue, 16 May 2023 21:20:35 GMT
Server: AmazonS3
ETag: W/"cd8f0bdb265bc74b32ba10060e27ae1a"
Vary: Accept-Encoding, Origin
Content-Type: application/javascript
X-Amz-Cf-Id: Z5kWBXclF1TsDdtlwdDD-7lgbHqEkH-6eObynGuQZkU8nF3ROsycXw==

GET
H/1.1 200
OK unsupportedBrowser.18041b69.js Show response
dpybp1fijxkf4.cloudfront.net/static/js/ 2 KB
2 KB 132ms
49ms Script
application/javascript 2600:9000:2057:a600:12:8ce4:2800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpybp1fijxkf4.cloudfront.net/static/js/unsupportedBrowser.18041b69.js
Requested by: Host: stg-cdn.healthsafe-id.com
URL: https://stg-cdn.healthsafe-id.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:a600:12:8ce4:2800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f00abdcd7e2645b194f1745615756363763ccbb8ae8e3970cbcfef257b7034a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: 2iOurEHd6_6oyeliFB8VKiryWQPiKEDt
Content-Encoding: gzip
Via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
Date: Wed, 17 May 2023 09:45:44 GMT
X-Amz-Cf-Pop: FRA6-C1
Age: 68157
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Alt-Svc: h3=":443"; ma=86400
Last-Modified: Thu, 11 May 2023 18:16:48 GMT
Server: AmazonS3
ETag: W/"cb3d2ae2a21ae50047893a3567cc0286"
Vary: Accept-Encoding, Origin
Content-Type: application/javascript
X-Amz-Cf-Id: 7AtwwcHOQcQGqFaryz-b1GtInRQ-z_ecbyIxW1dO7kK1uMqCPVYaTw==

GET
H/1.1 200
OK index.da2525e5.css
dpybp1fijxkf4.cloudfront.net/static/css/ 94 KB
16 KB 133ms
49ms Stylesheet
text/css 2600:9000:2057:a600:12:8ce4:2800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpybp1fijxkf4.cloudfront.net/static/css/index.da2525e5.css
Requested by: Host: stg-cdn.healthsafe-id.com
URL: https://stg-cdn.healthsafe-id.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:a600:12:8ce4:2800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2df58e6ac4368465baeba2bc1eac9a9900ca1323e50a1bc54fc255d376ab3573

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 11:32:12 GMT
x-amz-version-id: GrEbNydlHw7KBJrjukCEC1djoNGnaNFp
Content-Encoding: gzip
Via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 61769
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Alt-Svc: h3=":443"; ma=86400
Last-Modified: Tue, 16 May 2023 21:20:33 GMT
Server: AmazonS3
ETag: W/"ad68409ed3bcc99df2b2f8f0a6dbcd6b"
Vary: Accept-Encoding, Origin
Content-Type: text/css
X-Amz-Cf-Id: wnNFY1xQATaom8KSTYJXKLTJU_q56JWDX1SMgRQi_gvtR6ADY5d0gA==

GET
H2 200 launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js Show response
assets.adobedtm.com/ 523 KB
103 KB 474ms
321ms Script
application/x-javascript 2a02:26f0:6c00:19d::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js
Requested by: Host: dpybp1fijxkf4.cloudfront.net
URL: https://dpybp1fijxkf4.cloudfront.net/static/js/index.a14ab653.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19d::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 71e863b345aa23f4ffec3dca38503af6f67535bfc303f83bdbbbb794e8044e1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 04:41:41 GMT
content-encoding: gzip
last-modified: Tue, 02 May 2023 12:08:45 GMT
server: AkamaiNetStorage
etag: "bc1f5b2e24609bc9aa379e9332e127ef:1683029325.396725"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://stg-cdn.healthsafe-id.com
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
timing-allow-origin: *
content-length: 105439
expires: Thu, 18 May 2023 04:41:41 GMT

GET
H2 200 UHC2020Sans-Regular.woff2
member.werally.com/assets/fonts/ 23 KB
23 KB 557ms
449ms Font
font/woff2 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/assets/fonts/UHC2020Sans-Regular.woff2?

Requested by

Host: dpybp1fijxkf4.cloudfront.net
URL: https://dpybp1fijxkf4.cloudfront.net/static/css/index.da2525e5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

006d82594c8e42cdde29c93d2e492011440049a6e9636fa2a496158c39b7d51c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://dpybp1fijxkf4.cloudfront.net/
Origin: https://stg-cdn.healthsafe-id.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 04:41:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 17 May 2022 17:02:19 GMT
x-cdn: Imperva
etag: "6283d51b-5a30"
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cors_value: trueget
access-control-expose-headers: Content-Length,Content-Range
request_method: GET
x-iinfo: 13-24096532-24096541 NNNN CT(101 102 0) RT(1684384900337 43) q(0 0 2 0) r(3 4) U12
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 23088

GET
H/1.1 403
Forbidden en Show response
stg-cdn.healthsafe-id.com/uiconfig// 243 B
659 B 849ms
848ms XHR
application/xml 2600:9000:2057:3e00:12:8ce4:2800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg-cdn.healthsafe-id.com/uiconfig//en
Requested by: Host: dpybp1fijxkf4.cloudfront.net
URL: https://dpybp1fijxkf4.cloudfront.net/static/js/vendors.6bc22db4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3e00:12:8ce4:2800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33a5c13b60394d1e60459eaaddb30cbe021d7c5741738fe6b8bb56f9ceddf7b3

Request headers

Accept: application/json, text/plain, */*
Referer: https://stg-cdn.healthsafe-id.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Thu, 18 May 2023 04:41:41 GMT
Via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Transfer-Encoding: chunked
X-Cache: Error from cloudfront
Content-Type: application/xml
Vary: Origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: _RPF20GWJj_athGjP2t28gN5vM323R9tJpH2vbW5eOCcExMlc4WrFg==

GET
H3 403 en Show response
stg-cdn.healthsafe-id.com/hsid2/content// 243 B
477 B 848ms
803ms XHR
application/xml 2600:9000:2057:3e00:12:8ce4:2800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg-cdn.healthsafe-id.com/hsid2/content//en
Requested by: Host: dpybp1fijxkf4.cloudfront.net
URL: https://dpybp1fijxkf4.cloudfront.net/static/js/vendors.6bc22db4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:3e00:12:8ce4:2800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33a5c13b60394d1e60459eaaddb30cbe021d7c5741738fe6b8bb56f9ceddf7b3

Request headers

Accept: application/json, text/plain, */*
Referer: https://stg-cdn.healthsafe-id.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 04:41:41 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA6-C1
vary: Origin
x-cache: Error from cloudfront
content-type: application/xml
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: qWf2-y_eElBtZZvm1PaL1UxN7pGqCWKwhFQachU0y10QUV2LV1yKXA==

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1684384901569
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1684384901569

980 B
1 KB

58ms
57ms

XHR
application/json

52.212.178.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1684384901569

Requested by

Host: stg-cdn.healthsafe-id.com
URL: https://stg-cdn.healthsafe-id.com/

Protocol

HTTP/1.1

Server

52.212.178.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-178-201.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0fb35f113b2606ac12a99c0ea656a80612318d4d26f197ac20aa0df63fd9552c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v048-0f9a9001c.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: kMSuHokvQNY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://stg-cdn.healthsafe-id.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 562
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v048-0d6777522.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: aPbPqbjhSdI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://stg-cdn.healthsafe-id.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1684384901569
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EXdfddae05d67148d4b7515927b9635c8b-libraryCode_source.min.js Show response
assets.adobedtm.com/512027f42d3c/3189bbb33f85/afe6ca320770/ 331 KB
85 KB 44ms
44ms Script
application/x-javascript 2a02:26f0:6c00:19d::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/afe6ca320770/EXdfddae05d67148d4b7515927b9635c8b-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19d::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 27c339998840f44ce347e167a6595d1c8c5bdafcb89fcb19d7dea3b41a512158

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 04:41:41 GMT
content-encoding: gzip
last-modified: Tue, 02 May 2023 12:08:46 GMT
server: AkamaiNetStorage
etag: "10b8f542829722d1d3cd0230d40e0d4a:1683029326.153268"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://stg-cdn.healthsafe-id.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 86498
expires: Thu, 18 May 2023 05:41:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 121 KB
47 KB 141ms
52ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8584968

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a9a1cccb97115e79b60c0fc9b9fb1cd2f4493b6f96304303a2f58ecc09b3f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 04:41:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48161
x-xss-protection: 0
last-modified: Thu, 18 May 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 May 2023 04:41:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
70 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95823f3e3c6e360653a13bf966b6a0567c4ef21e35fbf1f3dbe11407257056fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 04:41:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71476
x-xss-protection: 0
last-modified: Thu, 18 May 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 May 2023 04:41:41 GMT

GET
H2 200 detector-dom.min.js Show response
cdn.gbqofs.com/uhg/hsid/u/ 473 KB
143 KB 498ms
397ms Script
application/javascript 2606:4700::6812:190d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gbqofs.com/uhg/hsid/u/detector-dom.min.js
Requested by: Host: stg-cdn.healthsafe-id.com
URL: https://stg-cdn.healthsafe-id.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:190d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f7395303d86fdc54104ed5fcef21b80eb0c64ac5cd3a336c253f36d607401f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 04:41:42 GMT
x-amz-version-id: _eHsOWZGZZJhmfivC6cJkwiTqek2pD2k
content-encoding: gzip
cf-cache-status: MISS
via: 1.1 35c803afef083002d824403342d4c62e.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 16 May 2023 20:59:13 GMT
server: cloudflare
etag: W/"e548b92b282cc00a5aa56a55b61ba4c5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7c916de4fad4361f-FRA
x-amz-cf-id: gtDiFfj3nT9PQkLvWE5O83tfxTECR1zZqr63xqyDJQPv6cTWFSOh9g==
expires: Thu, 18 May 2023 08:41:42 GMT

GET
H/1.1 200
OK dest5.html Show response
unitedhealthgroup.demdex.net/ Frame 69C5 7 KB
3 KB 230ms
54ms Document
text/html 52.211.140.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.140.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-140-166.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://stg-cdn.healthsafe-id.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v048-022f6311b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: x1/YJ0F6Sjw=
content-encoding: gzip
date: Thu, 18 May 2023 04:41:42 GMT
last-modified: Wed, 10 May 2023 10:46:52 GMT
vary: accept-encoding

GET
H2 200 id Show response
smetrics.optum.com/ 48 B
463 B 185ms
53ms XHR
application/x-javascript 63.140.62.164
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.optum.com/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&mid=55644276802492069311145067302763766305&ts=1684384901874

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.164 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-164.data.adobedc.net

Software

jag /

Resource Hash

30b56a097a217e2967b4a0f4e89591dc2e5437e1e2ed938620bcef006699b1c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stg-cdn.healthsafe-id.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 18 May 2023 04:41:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://stg-cdn.healthsafe-id.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZGWshgAAAIaFogOJ
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=48146821230428342980003912314849377736
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZGWshgAAAIaFogOJ

42 B
948 B

60ms
59ms

Image
image/gif

52.212.178.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZGWshgAAAIaFogOJ

Requested by

Host: stg-cdn.healthsafe-id.com
URL: https://stg-cdn.healthsafe-id.com/

Protocol

HTTP/1.1

Server

52.212.178.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-178-201.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcscanary-prod-irl1-1-v058-05f465e01.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: S0fVWbErTSs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZGWshgAAAIaFogOJ
Date: Thu, 18 May 2023 04:41:42 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 UHCSerifHeadline-Semibold.woff2
member.werally.com/assets/fonts/ 22 KB
23 KB 441ms
440ms Font
font/woff2 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/assets/fonts/UHCSerifHeadline-Semibold.woff2?

Requested by

Host: dpybp1fijxkf4.cloudfront.net
URL: https://dpybp1fijxkf4.cloudfront.net/static/css/index.da2525e5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a12469d7c7df581de892457b5385edd2b863bba48fb64626c933a199164121ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://dpybp1fijxkf4.cloudfront.net/
Origin: https://stg-cdn.healthsafe-id.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 04:41:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 17 May 2022 17:02:19 GMT
x-cdn: Imperva
etag: "6283d51b-5968"
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cors_value: trueget
access-control-expose-headers: Content-Length,Content-Range
request_method: GET
x-iinfo: 13-24096532-24096725 NNNN CT(101 197 0) RT(1684384900337 818) q(0 0 3 -1) r(4 4) U12
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 22888

GET
H2 200 UHC2020Sans-Bold.woff2
member.werally.com/assets/fonts/ 22 KB
22 KB 422ms
422ms Font
font/woff2 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/assets/fonts/UHC2020Sans-Bold.woff2?

Requested by

Host: dpybp1fijxkf4.cloudfront.net
URL: https://dpybp1fijxkf4.cloudfront.net/static/css/index.da2525e5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f161e22cde63c497d665c80a60a654d29caa423b4f4f59848b55309beb8bc361

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://dpybp1fijxkf4.cloudfront.net/
Origin: https://stg-cdn.healthsafe-id.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 04:41:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 17 May 2022 17:02:19 GMT
x-cdn: Imperva
etag: "6283d51b-5794"
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cors_value: trueget
access-control-expose-headers: Content-Length,Content-Range
request_method: GET
x-iinfo: 13-24096532-24096727 NNNN CT(92 98 0) RT(1684384900337 822) q(0 0 2 -1) r(3 4) U12
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 22420

GET
H2 200 UHC2020Sans-SemiBold.woff2
member.werally.com/assets/fonts/ 22 KB
23 KB 151ms
151ms Font
font/woff2 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/assets/fonts/UHC2020Sans-SemiBold.woff2?

Requested by

Host: dpybp1fijxkf4.cloudfront.net
URL: https://dpybp1fijxkf4.cloudfront.net/static/css/index.da2525e5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8f69bc787272dc8ff531e6041ee0bc8f3a6037ce08ac92e0800e4381864ca658

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://dpybp1fijxkf4.cloudfront.net/
Origin: https://stg-cdn.healthsafe-id.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 04:41:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 17 May 2022 17:02:19 GMT
x-cdn: Imperva
etag: "6283d51b-5920"
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cors_value: trueget
access-control-expose-headers: Content-Length,Content-Range
request_method: GET
x-iinfo: 13-24096532-24096541 PNNN RT(1684384900337 825) q(0 0 0 -1) r(1 1) U12
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 22816

POST
H2 200 delivery Show response
unitedhealthgroup.tt.omtrdc.net/rest/v1/ 360 B
863 B 215ms
74ms XHR
application/json 52.48.71.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedhealthgroup.tt.omtrdc.net/rest/v1/delivery?client=unitedhealthgroup&sessionId=363c48ae82d541498be6acea9a313540&version=2.10.0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.71.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-71-111.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6d5d07670fc48867708ee704a427861abfbd89b3247b930eb2b37851445d931e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stg-cdn.healthsafe-id.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 May 2023 04:41:42 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://stg-cdn.healthsafe-id.com
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: 05f1a0770232e7d0e7b552fd7a24d6e1

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/ 3 KB
2 KB 148ms
60ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/?random=1684384901908&cv=11&fst=1684384901908&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fstg-cdn.healthsafe-id.com%2F&hn=www.googleadservices.com&frm=0&tiba=Page%20Not%20Found%20-%20HealthSafe%20ID%C2%AE&auid=362960367.1684384902&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53c190980ed6da278eb2e15fcad1c5e505d070feccdf62843dd4ef64efa80a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 04:41:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/801669703/ 42 B
455 B 142ms
51ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801669703/?random=1684384901908&cv=11&fst=1684382400000&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fstg-cdn.healthsafe-id.com%2F&frm=0&tiba=Page%20Not%20Found%20-%20HealthSafe%20ID%C2%AE&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1593061242&rmt_tld=0&ipr=y

Requested by

Host: stg-cdn.healthsafe-id.com
URL: https://stg-cdn.healthsafe-id.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 04:41:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/801669703/ 42 B
455 B 152ms
62ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/801669703/?random=1684384901908&cv=11&fst=1684382400000&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fstg-cdn.healthsafe-id.com%2F&frm=0&tiba=Page%20Not%20Found%20-%20HealthSafe%20ID%C2%AE&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1593061242&rmt_tld=1&ipr=y

Requested by

Host: stg-cdn.healthsafe-id.com
URL: https://stg-cdn.healthsafe-id.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 04:41:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEEw4Ry7tfM-X-XYwq7WOjgk&google_cver=1
dpm.demdex.net/ Frame 69C5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDgxNDY4MjEyMzA0MjgzNDI5ODAwMDM5MTIzMTQ4NDkzNzc3MzY=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEw4Ry7tfM-X-XYwq7WOjgk&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

60ms
60ms

Image
image/gif

52.212.178.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEw4Ry7tfM-X-XYwq7WOjgk&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: stg-cdn.healthsafe-id.com
URL: https://stg-cdn.healthsafe-id.com/

Protocol

HTTP/1.1

Server

52.212.178.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-178-201.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v048-0f9a9001c.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 5MAv7xDiRx8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 18 May 2023 04:41:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEw4Ry7tfM-X-XYwq7WOjgk&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 69C5 70 B
265 B 176ms
57ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=stg-cdn.healthsafe-id.com&ttd_tpi=1
Requested by: Host: stg-cdn.healthsafe-id.com
URL: https://stg-cdn.healthsafe-id.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 18 May 2023 04:41:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.0 200
OK image.sbix
global.ib-ibi.com/ Frame 69C5 0
72 B 628ms
153ms Image
text/plain 216.46.185.182
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=48146821230428342980003912314849377736
Requested by: Host: stg-cdn.healthsafe-id.com
URL: https://stg-cdn.healthsafe-id.com/
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 216.46.185.182 Littleton, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H2 200 RC27118b4cbb854aff86652bc960a05b5e-source.min.js Show response
assets.adobedtm.com/512027f42d3c/3189bbb33f85/afe6ca320770/ 1 KB
928 B 40ms
40ms Script
application/x-javascript 2a02:26f0:6c00:19d::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/afe6ca320770/RC27118b4cbb854aff86652bc960a05b5e-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19d::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 510383fd9de1c06145806b05e4406991cedce546939999a9dbac2199526f2fbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 04:41:42 GMT
content-encoding: gzip
last-modified: Tue, 02 May 2023 12:08:46 GMT
server: AkamaiNetStorage
etag: "10b8f542829722d1d3cd0230d40e0d4a:1683029326.153268"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://stg-cdn.healthsafe-id.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 657
expires: Thu, 18 May 2023 05:41:42 GMT

GET
H2 200 / Show response
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/ 8 KB
4 KB 196ms
56ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Requested by

Host: stg-cdn.healthsafe-id.com
URL: https://stg-cdn.healthsafe-id.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5edf0874d41586bf1556e7d5e07c9554fc53a262c3364ae2dd1a6a7c0970f198

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 04:41:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 426055
cf-polished: origSize=9051
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"235b-Oiqd7/8jgAm5V6KdW9J/GDTugjY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7c916de9eaf2915e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H/1.1 200
OK cls_report Show response
report.uhg.glassboxdigital.io/glassbox/reporting/8664fb84-e680-6f0a-0661-c23817cb0588/ 4 KB
3 KB 550ms
118ms XHR
application/json 54.81.134.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://report.uhg.glassboxdigital.io/glassbox/reporting/8664fb84-e680-6f0a-0661-c23817cb0588/cls_report?_cls_s=55644276802492069311145067302763766305&_cls_v=6de311d4-6541-465f-9f1c-f1ff652ba862&pv=2&f_cls_s=true

Requested by

Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/hsid/u/detector-dom.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.81.134.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-81-134-51.compute-1.amazonaws.com

Software

GlassBox Cligate /

Resource Hash

d2cfa51eab2af7107468ec8d6a51cfbbf1aad833498d2ab26a14a93c2754d71c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Thu, 18 May 2023 04:41:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
Content-Security-Policy: default-src 'self';
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 1431
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Server: GlassBox Cligate
X-Frame-Options: SAMEORIGIN
vary: origin
Content-Type: application/json
access-control-allow-origin: https://stg-cdn.healthsafe-id.com
access-control-allow-credentials: true
GB-Server: g5025
X-Robots-Tag: noindex

POST
H/1.1 200
OK / Show response
stage-cse.rakanto.com/cx_collector/ 3 B
476 B 1650ms
153ms XHR
text/plain 149.111.172.51
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://stage-cse.rakanto.com/cx_collector/

Requested by

Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/hsid/u/detector-dom.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.172.51 , United States, ASN10879 (UHC, US),

Reverse DNS

stage-cse-elr.rakanto.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

Referer: https://stg-cdn.healthsafe-id.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 18 May 2023 04:41:44 GMT
X-ps-id: elr_cse_collector_1
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://stg-cdn.healthsafe-id.com
Access-Control-Expose-Headers: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, *

POST
H/1.1 200
OK / Show response
stage-cse.rakanto.com/cx_collector/ 3 B
476 B 1475ms
154ms XHR
text/plain 149.111.172.51
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://stage-cse.rakanto.com/cx_collector/

Requested by

Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/hsid/u/detector-dom.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.172.51 , United States, ASN10879 (UHC, US),

Reverse DNS

stage-cse-elr.rakanto.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

Referer: https://stg-cdn.healthsafe-id.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 18 May 2023 04:41:44 GMT
X-ps-id: elr_cse_collector_1
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://stg-cdn.healthsafe-id.com
Access-Control-Expose-Headers: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, *

GET
H2 200 10.ff5c35506eb6156df16c.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 64 KB
20 KB 57ms
56ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/10.ff5c35506eb6156df16c.chunk.js?Q_CLIENTVERSION=1.91.0&Q_CLIENTTYPE=web&Q_BRANDID=stg-cdn.healthsafe-id.com

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f33f4452c207172ffbf94d57edf631a8a29deaeed7934869204a066d8ff2f53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 04:41:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 99987
cf-polished: origSize=66398
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 08 May 2023 22:42:37 GMT
cf-bgj: minify
server: cloudflare
etag: W/"1035e-187fd87ef48"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7c916dea4b35915e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 54 KB
5 KB 185ms
185ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0Neqx1dGGrrlV4y&Q_CLIENTVERSION=1.91.0&Q_CLIENTTYPE=web

Requested by

Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/hsid/u/detector-dom.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fae0e820793bad61659e6ee1b80850659874f09119691ce98609410c4aa5360

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stg-cdn.healthsafe-id.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 18 May 2023 04:41:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://stg-cdn.healthsafe-id.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 80914c23d993d601
cf-ray: 7c916deabb98915e-FRA
timing-allow-origin: *

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
32 KB 58ms
58ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.91.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/10.ff5c35506eb6156df16c.chunk.js?Q_CLIENTVERSION=1.91.0&Q_CLIENTTYPE=web&Q_BRANDID=stg-cdn.healthsafe-id.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80612033ea475d4cebf196357cc1f0b9eec98c0cfcaff55531acacd5bf3a459a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 04:41:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 99988
cf-polished: origSize=104979
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 08 May 2023 22:42:37 GMT
cf-bgj: minify
server: cloudflare
etag: W/"19a13-187fd87ef48"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7c916debec72915e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 5.38c3d23ae44011b71597.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
914 B 59ms
59ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/5.38c3d23ae44011b71597.chunk.js?Q_CLIENTVERSION=1.91.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d07bc02d4a4a9fdc299caf0e23c71844fbcfbc8981fbc97b31d4362910299307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 04:41:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 99987
cf-polished: origSize=2522
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 08 May 2023 22:42:37 GMT
cf-bgj: minify
server: cloudflare
etag: W/"9da-187fd87ef48"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7c916dec9cf3915e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.ecb6e5626e4e126a641d.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 54ms
54ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.ecb6e5626e4e126a641d.chunk.js?Q_CLIENTVERSION=1.91.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53e7181dbff28237aa2e8949532257c029ade2874f141d16d3f5709ce376059

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stg-cdn.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 04:41:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 99957
cf-polished: origSize=29372
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 08 May 2023 22:42:37 GMT
cf-bgj: minify
server: cloudflare
etag: W/"72bc-187fd87ef48"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7c916dec9cf5915e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
stg-cdn.healthsafe-id.com/	1969-12-31 23:59:59	Name: rakanto_ubrid Value:
.healthsafe-id.com/	1969-12-31 23:59:59	Name: at_check Value: true
.healthsafe-id.com/	1970-01-20 14:02:40	Name: _gcl_au Value: 1.1.362960367.1684384902
.demdex.net/	1970-01-20 16:12:16	Name: demdex Value: 48146821230428342980003912314849377736
.healthsafe-id.com/	1969-12-31 23:59:59	Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg Value: 1
.rakanto.com/	1970-01-20 21:29:04	Name: pixel-ubrid Value: v2.0-01d7e47af3eaa6dc761992d77591c642-1351-1354-1683180998955-0000376418-1684384901924
.healthsafe-id.com/	1970-01-20 21:29:04	Name: mbox Value: session#363c48ae82d541498be6acea9a313540#1684386763\|PC#363c48ae82d541498be6acea9a313540.37_0#1747629703
.everesttech.net/	1970-01-20 20:38:40	Name: everest_g_v2 Value: g_surferid~ZGWshgAAAIaFogOJ
.dpm.demdex.net/	1970-01-20 16:12:16	Name: dpm Value: 48146821230428342980003912314849377736
.healthsafe-id.com/	1970-01-20 21:29:04	Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg Value: 359503849%7CMCIDTS%7C19496%7CMCMID%7C55644276802492069311145067302763766305%7CMCAAMLH-1684989701%7C6%7CMCAAMB-1684989701%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1684392102s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19503%7CvVersion%7C5.0.1
.doubleclick.net/	1970-01-20 21:14:40	Name: IDE Value: AHWqTUlz1sxpPxmPtaXZnFDDcAe1vZkyzd9Anny3KDJaAfQg3XANL94hsD4MKZqGa0k
stg-cdn.healthsafe-id.com/	1970-01-20 11:53:06	Name: RakantoClientSideData Value: eyJ1YnJpZCI6InYyLjAtMDFkN2U0N2FmM2VhYTZkYzc2MTk5MmQ3NzU5MWM2NDItMTM1MS0xMzU0LTE2ODMxODA5OTg5NTUtMDAwMDM3NjQxOC0xNjg0Mzg0OTAxOTI0IiwiY29tbWl0X2hhc2giOiJjNmM2YmJjIn0=
.healthsafe-id.com/	1970-01-20 21:29:04	Name: pixel-ubrid Value: v2.0-01d7e47af3eaa6dc761992d77591c642-1351-1354-1683180998955-0000376418-1684384901924
.demdex.net/	1970-01-20 16:12:16	Name: dextp Value: 771-1-1684384902139\|903-1-1684384902240\|285689-1-1684384902341
.healthsafe-id.com/	1970-01-20 21:29:04	Name: _cls_v Value: 6de311d4-6541-465f-9f1c-f1ff652ba862
.healthsafe-id.com/	1969-12-31 23:59:59	Name: _cls_s Value: 55644276802492069311145067302763766305
report.uhg.glassboxdigital.io/	1970-01-20 12:03:09	Name: AWSALBCORS Value: VWq2rsldtFUhl3smvnH8zx6ahpbh+o4DTsc2YH9GSn9l1TCUszFfX78p2IoSUo/cqOou2d24uvjB/dSAu8PxrFAUbDTJT9gmgKqrZTXdvG8IktmJbDGJF93xON8l

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://stg-cdn.healthsafe-id.com/hsid2/content//en Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://stg-cdn.healthsafe-id.com/uiconfig//en Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	error	URL: https://cdn.gbqofs.com/uhg/hsid/u/detector-dom.min.js(Line 93) Message: Refused to create a worker from 'blob:https://stg-cdn.healthsafe-id.com/1dc47b10-bd2d-41eb-89db-d925de4fa0f1' because it violates the following Content Security Policy directive: "script-src https: 'unsafe-inline' 'unsafe-eval'". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cdn.gbqofs.com
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
dpybp1fijxkf4.cloudfront.net
global.ib-ibi.com
googleads.g.doubleclick.net
match.adsrvr.org
member.werally.com
report.uhg.glassboxdigital.io
siteintercept.qualtrics.com
smetrics.optum.com
stage-cse.rakanto.com
stage-repo.rakanto.com
stg-cdn.healthsafe-id.com
unitedhealthgroup.demdex.net
unitedhealthgroup.tt.omtrdc.net
www.google.com
www.google.de
www.googletagmanager.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
104.17.208.240
142.250.181.226
149.111.172.51
149.111.172.53
15.197.193.217
216.46.185.182
2600:9000:2057:3e00:12:8ce4:2800:21
2600:9000:2057:a600:12:8ce4:2800:21
2606:4700::6812:190d
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a02:26f0:6c00:19d::1e80
45.60.33.26
52.16.185.84
52.211.140.166
52.212.178.201
52.48.71.111
54.81.134.51
63.140.62.164
006d82594c8e42cdde29c93d2e492011440049a6e9636fa2a496158c39b7d51c
0f7395303d86fdc54104ed5fcef21b80eb0c64ac5cd3a336c253f36d607401f0
0fb35f113b2606ac12a99c0ea656a80612318d4d26f197ac20aa0df63fd9552c
27c339998840f44ce347e167a6595d1c8c5bdafcb89fcb19d7dea3b41a512158
2a9a1cccb97115e79b60c0fc9b9fb1cd2f4493b6f96304303a2f58ecc09b3f65
2df58e6ac4368465baeba2bc1eac9a9900ca1323e50a1bc54fc255d376ab3573
30b56a097a217e2967b4a0f4e89591dc2e5437e1e2ed938620bcef006699b1c0
33a5c13b60394d1e60459eaaddb30cbe021d7c5741738fe6b8bb56f9ceddf7b3
510383fd9de1c06145806b05e4406991cedce546939999a9dbac2199526f2fbb
53c190980ed6da278eb2e15fcad1c5e505d070feccdf62843dd4ef64efa80a77
5edf0874d41586bf1556e7d5e07c9554fc53a262c3364ae2dd1a6a7c0970f198
6437ffda08bb03c1de3477919564ce95cedaf3cb187bc10c02aa0c431bc58f96
6809d6c873a18c69b646f10dfb7d1428cd278266bfcbd9bec006aa0e1c204c5a
6d5d07670fc48867708ee704a427861abfbd89b3247b930eb2b37851445d931e
6fae0e820793bad61659e6ee1b80850659874f09119691ce98609410c4aa5360
71e863b345aa23f4ffec3dca38503af6f67535bfc303f83bdbbbb794e8044e1a
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7f33f4452c207172ffbf94d57edf631a8a29deaeed7934869204a066d8ff2f53
80612033ea475d4cebf196357cc1f0b9eec98c0cfcaff55531acacd5bf3a459a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f69bc787272dc8ff531e6041ee0bc8f3a6037ce08ac92e0800e4381864ca658
95823f3e3c6e360653a13bf966b6a0567c4ef21e35fbf1f3dbe11407257056fb
a12469d7c7df581de892457b5385edd2b863bba48fb64626c933a199164121ef
a53e7181dbff28237aa2e8949532257c029ade2874f141d16d3f5709ce376059
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf940c3fa233bfdc5d150c771e257410622201a53fb1644f8b4bea9929e6d06d
d07bc02d4a4a9fdc299caf0e23c71844fbcfbc8981fbc97b31d4362910299307
d0a75fe6dbfdbae0071c700fa944c0390caa68b1c29c4810c39ecaf9e26bda98
d2cfa51eab2af7107468ec8d6a51cfbbf1aad833498d2ab26a14a93c2754d71c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00abdcd7e2645b194f1745615756363763ccbb8ae8e3970cbcfef257b7034a6
f161e22cde63c497d665c80a60a654d29caa423b4f4f59848b55309beb8bc361

stg-cdn.healthsafe-id.com Open in urlscan Pro 2600:9000:2057:3e00:12:8ce4:2800:21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

38 Requests

92 %HTTPS

38 %IPv6

18 Domains

22 Subdomains

19 IPs

4 Countries

887 kBTransfer

2864 kBSize

17 Cookies

0 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

stg-cdn.healthsafe-id.com Open in urlscan Pro
2600:9000:2057:3e00:12:8ce4:2800:21 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

92 %
HTTPS

38 %
IPv6

18
Domains

22
Subdomains

19
IPs

4
Countries

887 kB
Transfer

2864 kB
Size

17
Cookies

38 HTTP transactions
0 data transactions