urlscan.io logo urlscan.io
SecurityTrails logo

st1.healthsafe-id.com Open in urlscan Pro
13.32.208.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tst-account.uhcretireeaccounts.com/
Effective URL: https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fst1.h...
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On November 09 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 3 countries across 21 domains to perform 90 HTTP transactions. The main IP is 13.32.208.20, located in United States and belongs to AMAZON-02, US. The main domain is st1.healthsafe-id.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on September 18th 2023. Valid for: a year.
This is the only time st1.healthsafe-id.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 40.65.211.6 8075 (MICROSOFT...)
1 1 168.183.38.206 10879 (UHC)
2 22 13.32.208.20 16509 (AMAZON-02)
1 168.183.32.197 10879 (UHC)
8 184.29.132.250 16625 (AKAMAI-AS)
1 5 52.206.49.117 14618 (AMAZON-AES)
2 104.18.25.13 13335 (CLOUDFLAR...)
5 142.251.163.97 15169 (GOOGLE)
2 149.111.172.51 10879 (UHC)
1 52.70.105.163 14618 (AMAZON-AES)
2 63.140.38.219 14618 (AMAZON-AES)
1 1 52.203.231.55 14618 (AMAZON-AES)
1 63.140.38.113 14618 (AMAZON-AES)
2 142.251.179.156 15169 (GOOGLE)
2 2 172.253.63.155 15169 (GOOGLE)
2 172.253.122.103 15169 (GOOGLE)
2 142.250.31.94 15169 (GOOGLE)
2 2 15.197.193.217 16509 (AMAZON-02)
2 13.107.213.38 8075 (MICROSOFT...)
1 45.60.31.26 19551 (INCAPSULA)
2 4 142.251.16.149 15169 (GOOGLE)
2 172.253.115.155 15169 (GOOGLE)
2 157.240.244.1 32934 (FACEBOOK)
1 157.240.244.35 32934 (FACEBOOK)
6 104.17.209.240 13335 (CLOUDFLAR...)
2 52.205.222.5 14618 (AMAZON-AES)
15 192.225.158.132 30286 (THM)
1 4 192.225.158.1 30286 (THM)
1 192.225.158.3 ()
90 25
2    40.65.211.6 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
tst-account.uhcretireeaccounts.com
1    168.183.38.206 (United States)

ASN10879 (UHC, US)
stage-sso.optum.com
22    13.32.208.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-208-20.iad66.r.cloudfront.net
st1.healthsafe-id.com
1    168.183.32.197 (United States)

ASN10879 (UHC, US)
PTR: stage-repo-ctc.rakanto.com
stage-repo.rakanto.com
8    184.29.132.250 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-132-250.deploy.static.akamaitechnologies.com
assets.adobedtm.com
5    52.206.49.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-49-117.compute-1.amazonaws.com
dpm.demdex.net
2    104.18.25.13 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.gbqofs.com
5    142.251.163.97 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f97.1e100.net
www.googletagmanager.com
2    149.111.172.51 (United States)

ASN10879 (UHC, US)
PTR: stage-cse-elr.rakanto.com
stage-cse.rakanto.com
1    52.70.105.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-105-163.compute-1.amazonaws.com
unitedhealthgroup.demdex.net
2    63.140.38.219 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-219.data.adobedc.net
smetrics.optum.com
1    52.203.231.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-231-55.compute-1.amazonaws.com
cm.everesttech.net
1    63.140.38.113 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-113.data.adobedc.net
unitedhealthgroup.tt.omtrdc.net
2    142.251.179.156 (United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f156.1e100.net
googleads.g.doubleclick.net
2    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
cm.g.doubleclick.net
2    172.253.122.103 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f103.1e100.net
www.google.com
2    142.250.31.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f94.1e100.net
www.google.ca
2    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    13.107.213.38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
myoptum-stage.optum.com
1    45.60.31.26 (United States)

ASN19551 (INCAPSULA, US)
member.werally.com
4    142.251.16.149 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f149.1e100.net
8584968.fls.doubleclick.net
11726966.fls.doubleclick.net
2    172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net
adservice.google.com
2    157.240.244.1 (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-mty2.fbcdn.net
connect.facebook.net
1    157.240.244.35 (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-mty2.facebook.com
www.facebook.com
6    104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
siteintercept.qualtrics.com
2    52.205.222.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-222-5.compute-1.amazonaws.com
report.uhg.glassboxdigital.io
15    192.225.158.132 (United States)

ASN30286 (THM, US)
rba-screen.healthsafe-id.com
4    192.225.158.1 (United States)

ASN30286 (THM, US)
PTR: a-sac.h.online-metrix.net
h.online-metrix.net
1    192.225.158.3 (None, )

ASN- ()
996b7d99qyfuu2pc22k3k7qnwuof4tfvb24nxuux9d276429eb175ff1sac.d.aa.online-metrix.net
Apex Domain
Subdomains		 Transfer
37 healthsafe-id.com
st1.healthsafe-id.com
rba-screen.healthsafe-id.com — Cisco Umbrella Rank: 54623
610 KB
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
8584968.fls.doubleclick.net — Cisco Umbrella Rank: 27938
11726966.fls.doubleclick.net — Cisco Umbrella Rank: 92681
7 KB
8 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 466
192 KB
6 qualtrics.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com — Cisco Umbrella Rank: 37902
siteintercept.qualtrics.com — Cisco Umbrella Rank: 985
71 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
unitedhealthgroup.demdex.net — Cisco Umbrella Rank: 19816
8 KB
5 online-metrix.net
h.online-metrix.net — Cisco Umbrella Rank: 2962
996b7d99qyfuu2pc22k3k7qnwuof4tfvb24nxuux9d276429eb175ff1sac.d.aa.online-metrix.net
17 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
356 KB
5 optum.com
stage-sso.optum.com
smetrics.optum.com — Cisco Umbrella Rank: 18539
myoptum-stage.optum.com
16 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 105
1 KB
3 rakanto.com
stage-repo.rakanto.com — Cisco Umbrella Rank: 274542
stage-cse.rakanto.com — Cisco Umbrella Rank: 438573
60 KB
2 glassboxdigital.io
report.uhg.glassboxdigital.io — Cisco Umbrella Rank: 21859
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
91 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
704 B
2 google.ca
www.google.ca — Cisco Umbrella Rank: 9133
565 B
2 gbqofs.com
cdn.gbqofs.com — Cisco Umbrella Rank: 6653
291 KB
2 uhcretireeaccounts.com
tst-account.uhcretireeaccounts.com
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
186 B
1 werally.com
member.werally.com — Cisco Umbrella Rank: 55361
899 B
1 omtrdc.net
unitedhealthgroup.tt.omtrdc.net — Cisco Umbrella Rank: 19774
857 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1275
517 B
0 ib-ibi.com Failed
global.ib-ibi.com Failed
90 21
Domain Requested by
22 st1.healthsafe-id.com 2 redirects st1.healthsafe-id.com
15 rba-screen.healthsafe-id.com st1.healthsafe-id.com
rba-screen.healthsafe-id.com
cdn.gbqofs.com
8 assets.adobedtm.com st1.healthsafe-id.com
assets.adobedtm.com
5 siteintercept.qualtrics.com zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
st1.healthsafe-id.com
siteintercept.qualtrics.com
5 www.googletagmanager.com assets.adobedtm.com
www.googletagmanager.com
5 dpm.demdex.net 1 redirects st1.healthsafe-id.com
4 h.online-metrix.net 1 redirects rba-screen.healthsafe-id.com
2 report.uhg.glassboxdigital.io st1.healthsafe-id.com
cdn.gbqofs.com
2 connect.facebook.net st1.healthsafe-id.com
connect.facebook.net
2 adservice.google.com 8584968.fls.doubleclick.net
11726966.fls.doubleclick.net
2 11726966.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 8584968.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 myoptum-stage.optum.com st1.healthsafe-id.com
2 match.adsrvr.org 2 redirects
2 www.google.ca st1.healthsafe-id.com
2 www.google.com st1.healthsafe-id.com
2 cm.g.doubleclick.net 2 redirects
2 googleads.g.doubleclick.net www.googletagmanager.com
2 smetrics.optum.com st1.healthsafe-id.com
2 stage-cse.rakanto.com st1.healthsafe-id.com
2 cdn.gbqofs.com st1.healthsafe-id.com
cdn.gbqofs.com
2 tst-account.uhcretireeaccounts.com 2 redirects
1 996b7d99qyfuu2pc22k3k7qnwuof4tfvb24nxuux9d276429eb175ff1sac.d.aa.online-metrix.net
1 zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com st1.healthsafe-id.com
1 www.facebook.com st1.healthsafe-id.com
1 member.werally.com st1.healthsafe-id.com
1 unitedhealthgroup.tt.omtrdc.net st1.healthsafe-id.com
1 cm.everesttech.net 1 redirects
1 unitedhealthgroup.demdex.net assets.adobedtm.com
1 stage-repo.rakanto.com st1.healthsafe-id.com
1 stage-sso.optum.com 1 redirects
0 global.ib-ibi.com Failed st1.healthsafe-id.com
90 32

This site contains links to these domains. Also see Links.

Domain
stg-account.uhcretireeaccounts.com
www.uhc.com
Subject Issuer Validity Valid
st1.healthsafe-id.com
COMODO RSA Organization Validation Secure Server CA		 2023-09-18 -
2024-09-17		 a year crt.sh
stage-repo.rakanto.com
COMODO RSA Organization Validation Secure Server CA		 2023-07-14 -
2024-07-13		 a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
gbqofs.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
stage-cse.rakanto.com
COMODO RSA Organization Validation Secure Server CA		 2023-07-04 -
2024-07-03		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
smetrics.optum.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-04-21		 a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-22 -
2024-09-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
myoptum-dev.optum.com
COMODO RSA Organization Validation Secure Server CA		 2023-03-15 -
2024-03-14		 a year crt.sh
*.werally.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-28 -
2024-07-28		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-18 -
2023-11-16		 3 months crt.sh
*.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-27 -
2024-03-26		 a year crt.sh
uhg.glassboxdigital.io
Amazon RSA 2048 M03		 2023-09-09 -
2024-10-08		 a year crt.sh
rba-screen.healthsafe-id.com
COMODO RSA Organization Validation Secure Server CA		 2023-04-24 -
2024-04-23		 a year crt.sh
h.online-metrix.net
Trustwave Organization Validation SHA256 CA, Level 1		 2023-01-09 -
2024-01-23		 a year crt.sh
*.d.aa.online-metrix.net
Trustwave Organization Validation SHA256 CA, Level 1		 2023-03-03 -
2024-03-04		 a year crt.sh

This page contains 10 frames:

Primary Page: https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&reason=0
Frame ID: 2DB946789B3E1D9CEE62D51EEA0E7B22
Requests: 62 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: D40AD3354FEE8B5196FC0A88E0F72039
Requests: 4 HTTP requests in this frame

Frame: https://st1.healthsafe-id.com/protected/crossStorageHub
Frame ID: 4A33620CCD6B68A4020F8D48D4FD0C09
Requests: 2 HTTP requests in this frame

Frame: https://8584968.fls.doubleclick.net/activityi;dc_pre=CPXLh92ttoIDFX30KAUdRuMLcQ;src=8584968;type=mrfed0;cat=lpg_m06o;ord=5127547062454;auiddc=1108108651.1699513653;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0
Frame ID: F1A9C5F8C4767F05D5A5689032C5B45C
Requests: 2 HTTP requests in this frame

Frame: https://11726966.fls.doubleclick.net/activityi;dc_pre=CPLxjN2ttoIDFRkXigMdgbUImA;src=11726966;type=page;cat=ret_si2;ord=5450476130649;auiddc=1108108651.1699513653;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0
Frame ID: 954DA3295AE4AEE8E98D3DFA1D9D55C7
Requests: 2 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&jb=373b24246a716d7535576b6c6c67777324627b673f556b66666f77732730303330246a7360773f4168706d6d6d2668716a3543687067656d273032393339
Frame ID: B06257954FDDCE4043A29AAB6C1ACF2F
Requests: 12 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/HP?session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&org_id=996b7d99&nonce=9d276429eb175ff1&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 6FD11206E3B578CB5DE29B4F068951FF
Requests: 3 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1
Frame ID: 4BE34EDBFE60678231338E905CA9B426
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1
Frame ID: 1D4CD2409D0CA2C6B4572ED2A60EF197
Requests: 2 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/top_fp.html;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1
Frame ID: FD8FD40E06C2770E877651C8BFBCC88B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in - OptumBank

Page URL History Show full URLs

  1. http://tst-account.uhcretireeaccounts.com/ HTTP 301
    https://tst-account.uhcretireeaccounts.com/ HTTP 302
    https://stage-sso.optum.com/ext/as/authorization.oauth2?approval_prompt=force&client_id=bank-cloud-stage... HTTP 302
    https://st1.healthsafe-id.com/rt/secure/auth/capuhcra/en?resume=/as/3rQVzw2zIq/resume/as/authorization.pin... HTTP 302
    https://st1.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redi... HTTP 302
    https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

90
Requests

93 %
HTTPS

0 %
IPv6

21
Domains

32
Subdomains

25
IPs

3
Countries

1720 kB
Transfer

5782 kB
Size

42
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tst-account.uhcretireeaccounts.com/ HTTP 301
    https://tst-account.uhcretireeaccounts.com/ HTTP 302
    https://stage-sso.optum.com/ext/as/authorization.oauth2?approval_prompt=force&client_id=bank-cloud-stage&redirect_uri=https%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback&response_type=code&scope=openid&state=yGfEeTwL3inFBWpUnJSCq1yaY82OixDOaHgopYdc_8U%3A%2F%3Fbrand%3DUHCRA%26portal%3DUHCRA&pfidpadapterid=HsidNewUIOidcStage&portal=capuhcra HTTP 302
    https://st1.healthsafe-id.com/rt/secure/auth/capuhcra/en?resume=/as/3rQVzw2zIq/resume/as/authorization.ping&spentity=null&scope=openid&response_type=code&pfidpadapterid=HsidNewUIOidcStage&redirect_uri=https://tst-account.uhcretireeaccounts.com/login/callback&portal=capuhcra&client_id=bank-cloud-stage HTTP 302
    https://st1.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F%2Fst1.healthsafe-id.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiYUtqNUthTmJLRk1PUklZX2g4aTVWTFNVVkZFIiwic3VmZml4IjoibkhnMUhzLjE2OTk1MTM5NTEifQ..Ou_3RJo5TZCHbz5AP0Ldiw.pmwfxhVnpRYX1JqmPRqLgDVlcqWm-HhGGS5fmtT5XPkWI-p0Z2QjqwKQKuqpMwKLkHuS9044sHwpQiW1ScVEhEgHJW5eqSHd-qXhO1xbDR8SNLVwZO2vqGMVg6ca0QDcFWflFM1aRfcbqSJRtEiKGZPMpz8B2nadYmXcnYHCuo00Dj0fwpSSX9MFixgDWudf1wKhptqdye3qbXqb55lQh0cPJgbd9QkvRWuZu2F29hY8EIgRpLHorokZhAHpsi6DwnonABXM7C6IgY-9T5qBT_s3Jie_bJ8-obqt8rqqsz7avPeITGJg3Hhzc2NdYCo7.Xne8WTKz39QfXQ-U48Mn0Q&nonce=kADSrjz6YpFKDIjLt6A1gv_YAXGZ-se8a_0iFYfkTyw&acr_values=BANK&scope=openid%20address%20email%20phone%20profile&vnd_pi_requested_resource=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&vnd_pi_application_name=HSIDStageRTApp HTTP 302
    https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&reason=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1699513652644 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1699513652644
Request Chain 19
  • https://cm.everesttech.net/cm/dd?d_uuid=16330634119444753593849190665475959723 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUyFNQAAALg__AN-
Request Chain 22
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTYzMzA2MzQxMTk0NDQ3NTM1OTM4NDkxOTA2NjU0NzU5NTk3MjM= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTYzMzA2MzQxMTk0NDQ3NTM1OTM4NDkxOTA2NjU0NzU5NTk3MjM=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECTo-QSAZU14m8u53IX2UDE&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 25
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=st1.healthsafe-id.com&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=st1.healthsafe-id.com&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=be13ccc4-5c28-4b62-8fd6-da105c52a380
Request Chain 44
  • https://8584968.fls.doubleclick.net/activityi;src=8584968;type=mrfed0;cat=lpg_m06o;ord=5127547062454;auiddc=1108108651.1699513653;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0 HTTP 302
  • https://8584968.fls.doubleclick.net/activityi;dc_pre=CPXLh92ttoIDFX30KAUdRuMLcQ;src=8584968;type=mrfed0;cat=lpg_m06o;ord=5127547062454;auiddc=1108108651.1699513653;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0
Request Chain 49
  • https://11726966.fls.doubleclick.net/activityi;src=11726966;type=page;cat=ret_si2;ord=5450476130649;auiddc=1108108651.1699513653;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0 HTTP 302
  • https://11726966.fls.doubleclick.net/activityi;dc_pre=CPLxjN2ttoIDFRkXigMdgbUImA;src=11726966;type=page;cat=ret_si2;ord=5450476130649;auiddc=1108108651.1699513653;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0
Request Chain 78
  • https://h.online-metrix.net/fp/clear.png?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&gttl=155520000 HTTP 302
  • https://h.online-metrix.net/fp/clear.png?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&k=2

90 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
st1.healthsafe-id.com/rt/
Redirect Chain
  • http://tst-account.uhcretireeaccounts.com/
  • https://tst-account.uhcretireeaccounts.com/
  • https://stage-sso.optum.com/ext/as/authorization.oauth2?approval_prompt=force&client_id=bank-cloud-stage&redirect_uri=https%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback&response_ty...
  • https://st1.healthsafe-id.com/rt/secure/auth/capuhcra/en?resume=/as/3rQVzw2zIq/resume/as/authorization.ping&spentity=null&scope=openid&response_type=code&pfidpadapterid=HsidNewUIOidcStage&redirect_...
  • https://st1.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F%2Fst1.healthsafe-id.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGc...
  • https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&reason=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dc4f28316514c60eb0f27f34b1db7d1a18134c48250135e6c6c21b423f5b6ff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html
date
Thu, 09 Nov 2023 07:07:32 GMT
etag
expires
0
last-modified
pragma
no-cache
server
AmazonS3
vary
Accept-Encoding
via
1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
x-amz-cf-id
V_f5Tc0ziV2tVgXtSnwEqbl0DODakor2M8hhyefTZj8356Qjm0Nt3Q==
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
9isvtCDmKKaFXZfLHx3.p9y0AvTAUhZz
x-cache
RefreshHit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store
content-length
0
content-type
text/html;charset=utf-8
date
Thu, 09 Nov 2023 07:07:31 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&reason=0
pragma
no-cache
referrer-policy
origin
strict-transport-security
max-age=16070400; includeSubDomains; preload
via
1.1 6ff4697c5089876d94430beacc9a4d5e.cloudfront.net (CloudFront)
x-amz-cf-id
4c_xAwYN8V6VCG7IC-596CY99l0QZih_OagIaiCVSRr79jSAJcHjTg==
x-amz-cf-pop
IAD66-C1
x-cache
Miss from cloudfront
bundles-average.js
st1.healthsafe-id.com/assets/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/assets/bundles-average.js
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&reason=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
/
Resource Hash
dbe5c9403e8c3fec07ce3f99163e5b60fba96ee91f21e3dbcd9ac07f9d2a0a1c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&reason=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 07:07:31 GMT
content-encoding
gzip
via
1.1 google, 1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C1
x-cache
Miss from cloudfront
x-ion-hop
0
content-type
application/javascript; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
MSEUJk87VEfOxgogRmtvMxnavJBdFk21nGyHK-iTe8jkzSqq6bghlA==
expires
0
bundles-average.js
st1.healthsafe-id.com/assets/ 		260 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/assets/bundles-average.js?seed=AIBt4bKLAQAAHE9_iURTJePKdChey7VXKoOSF7YTy0tW6AcfOiixB95A1RVl&EdxVWcjYRR--z=q
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/assets/bundles-average.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
/
Resource Hash
e6ab5b42e39661fceeaadef5d552a1c0509a8d2d8abc237922400aa3b3c58ede

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&reason=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:31 GMT
content-encoding
gzip
via
1.1 google, 1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C1
x-cache
Miss from cloudfront
x-ion-hop
0
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=3600, immutable
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
chrkZcuPuWXdOMX3LhnKTA8lFHzUyD8xYtAZo_EiIn1O1UopkiGWng==
cx.js
stage-repo.rakanto.com/rakanto/cx/ 		150 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stage-repo.rakanto.com/rakanto/cx/cx.js
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&reason=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.183.32.197 , United States, ASN10879 (UHC, US),
Reverse DNS
stage-repo-ctc.rakanto.com
Software
/
Resource Hash
5755df35dfedd137b35ec2e1542d88b832ff0170a78e5075d4339dd2e58b2cac
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 07:07:32 GMT
Content-Encoding
gzip
Referrer-Policy
origin
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=1800, private
Connection
keep-alive
Expires
Thu, 09 Nov 2023 07:37:32 GMT
index.1c4e9342.js
st1.healthsafe-id.com/static/js/ 		507 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/static/js/index.1c4e9342.js
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&reason=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4e8216597f2535b4f35144da67c88d2303074c25f24fd72dc2f1123830167e26

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&reason=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
mgPk8sufNYZ8KxBGcgLGaDhEmJ0ItdAG
content-encoding
gzip
via
1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
date
Thu, 09 Nov 2023 07:07:33 GMT
last-modified
Wed, 08 Nov 2023 21:03:30 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
etag
W/"2474af5e481aa558813c83bcebd323aa"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public, max-age=63072000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
b1Qh1FuaYUsYLK-EgIAfFZPFymL5Fl_UawbfmOIHGXOUlf300lBSsg==
unsupportedBrowser.18041b69.js
st1.healthsafe-id.com/static/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/static/js/unsupportedBrowser.18041b69.js
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&reason=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f00abdcd7e2645b194f1745615756363763ccbb8ae8e3970cbcfef257b7034a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&reason=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
Ti0LUyWqTr9.GjxDI80vqW6QF2of2cD5
content-encoding
gzip
via
1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
date
Thu, 09 Nov 2023 07:07:33 GMT
last-modified
Thu, 02 Nov 2023 21:09:41 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
etag
W/"cb3d2ae2a21ae50047893a3567cc0286"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public, max-age=63072000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
AvABjflX3j8LavgApcNNze8_PNU2fnC-XcMcngl8vfIg4YDlYUpQfw==
index.6101ffa1.css
st1.healthsafe-id.com/static/css/ 		88 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/static/css/index.6101ffa1.css
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&reason=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f96cf3fc72510bf8b713484c41ddf47ca9a0af68422a1d45acd38ddb8baa3cc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&reason=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
9Bnt_klzWLIuZU_FRUNOAta.hmED8yLi
content-encoding
gzip
via
1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
date
Thu, 09 Nov 2023 07:07:33 GMT
last-modified
Wed, 08 Nov 2023 21:03:28 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
etag
W/"19842d54e5f888feb796c576f87cdb6d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
cache-control
public, max-age=63072000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
eHhQBeBMZ1RcxImfvQxbQ95WW84nH7NYbO9uiY7WV8Z3BrqXIEos_A==
launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js
assets.adobedtm.com/ 		533 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/static/js/index.1c4e9342.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.132.250 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
431516c7aba1f61696b8738b40bb3e90c9b0cab132488e68475454de6c09b4fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 07:07:32 GMT
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 06:56:53 GMT
server
AkamaiNetStorage
etag
"e81b02cf187edfc9108e5399befe9cb4:1699513013.13177"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://st1.healthsafe-id.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 07:07:32 GMT
en
st1.healthsafe-id.com/uiconfig/capuhcra/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/uiconfig/capuhcra/en
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/assets/bundles-average.js?seed=AIBt4bKLAQAAHE9_iURTJePKdChey7VXKoOSF7YTy0tW6AcfOiixB95A1RVl&EdxVWcjYRR--z=q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
/
Resource Hash
9abddccccdbff4c53633904feb4866f8d0fca22dbf22a4df7ce67607f2d87b75
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;, default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;, default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:32 GMT
strict-transport-security
max-age=16070400; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
content-security-policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;, default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;, default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
content-encoding
gzip
via
1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
813
x-xss-protection
1; mode=block
pragma
no-cache
x-ps-id
hsid-stage-ctc-1
etag
"18-gzip"
x-frame-options
SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-amz-cf-id
BbTJJVxtFpSXAp3Q_Ua2voua662uEaVAACSFUDQ8tDBqhCqkxlejhQ==
expires
0
en
st1.healthsafe-id.com/hsid2/content/capuhcra/ 		51 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/hsid2/content/capuhcra/en
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/assets/bundles-average.js?seed=AIBt4bKLAQAAHE9_iURTJePKdChey7VXKoOSF7YTy0tW6AcfOiixB95A1RVl&EdxVWcjYRR--z=q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
/
Resource Hash
1fdc0488cbd058b2ca128ea2d757cc6cb9e52767c3a85596130c298fb3607a01
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;, default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:33 GMT
strict-transport-security
max-age=16070400; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
content-security-policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;, default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
content-encoding
gzip
via
1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
15866
x-xss-protection
1; mode=block
pragma
no-cache
x-ps-id
hsid-stage-ctc-2
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-amz-cf-id
acsuU39w8ujy0n8Te2xSDESR7ATMI41-WwLIVj5Tx678e3yPTVjZtA==
expires
0
UHC2020Sans-Medium.24b68e9d6b8a564dc3c8.woff2
st1.healthsafe-id.com/static/media/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/static/media/UHC2020Sans-Medium.24b68e9d6b8a564dc3c8.woff2
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/static/css/index.6101ffa1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c50c7bd4abab5152b29ed4ba8ad7e884ae3f78e21e5e18c61e24b73dfc213d41

Request headers

Referer
https://st1.healthsafe-id.com/static/css/index.6101ffa1.css
Origin
https://st1.healthsafe-id.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
hpLkGALQPb1gxnyMUK6Un6iUouIzjAm_
date
Thu, 09 Nov 2023 07:07:33 GMT
via
1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
23212
last-modified
Wed, 08 Nov 2023 21:03:30 GMT
server
AmazonS3
etag
"bcbe88fab9e22b1eac7a432af94051c7"
access-control-max-age
3000
access-control-allow-methods
POST, GET, HEAD, DELETE, PUT
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding,Origin
cache-control
public, max-age=63072000
accept-ranges
bytes
x-amz-cf-id
5lF8mYz7E53mvlXaGPPl9RJ8tOJvjFZkr59vrmYW7eMLi9yDVp3FWg==
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1699513652644
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1699513652644
976 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1699513652644
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
HTTP/1.1
Server
52.206.49.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-49-117.compute-1.amazonaws.com
Software
/
Resource Hash
50a0460d7a549e15f9d2ddd06d64fc3896b7c0c7fb619b85e1f5de9887fba7b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v052-07e6558ac.edge-va6.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
+bk2mEiIROU=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://st1.healthsafe-id.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
561
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-1-v052-01f997fab.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
f7UctgZ3Qzs=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://st1.healthsafe-id.com
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1699513652644
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
EXb025ec900c9f44858d97757ba73f990b-libraryCode_source.min.js
assets.adobedtm.com/512027f42d3c/3189bbb33f85/0b8358376315/ 		331 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/0b8358376315/EXb025ec900c9f44858d97757ba73f990b-libraryCode_source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.132.250 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a71196088fe514d5be5531061bb6666a9e73a9839980fa0b4177415ce566937d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:32 GMT
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 06:56:54 GMT
server
AkamaiNetStorage
etag
"a887e14ed37c4e193b7899bc7c24176f:1699513014.080668"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://st1.healthsafe-id.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 08:07:32 GMT
detector-dom.min.js
cdn.gbqofs.com/uhg/hsid/u/ 		482 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gbqofs.com/uhg/hsid/u/detector-dom.min.js
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&reason=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
785b9db4603d17cb874e3b67a433b810fd28dd888456e09fb2d6bb49c8f94477

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:32 GMT
x-amz-version-id
ZAgIcJk2k07vXU9apgWnHpwC6NoI2KxU
content-encoding
gzip
cf-cache-status
REVALIDATED
via
1.1 981fd743d9643ae0100d9c3fcfb96f78.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 03 Nov 2023 20:07:50 GMT
server
cloudflare
etag
W/"1c6e33a4dd9df77b5f6dc9c6884310cc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
823438299e7a36fc-YYZ
x-amz-cf-id
PvXceCHtMQWRx1en4LlL4Uizi4j_tLiA-gBKj2XxQsnLcn-z4cTBMA==
expires
Thu, 09 Nov 2023 11:07:32 GMT
js
www.googletagmanager.com/gtag/ 		179 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8584968
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8829ad45d1e33237359097a465c0dcfa73ef2e20e7665e1bc91094607188172d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67184
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Nov 2023 07:07:32 GMT
/
stage-cse.rakanto.com/cx_collector/ 		3 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stage-cse.rakanto.com/cx_collector/
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/assets/bundles-average.js?seed=AIBt4bKLAQAAHE9_iURTJePKdChey7VXKoOSF7YTy0tW6AcfOiixB95A1RVl&EdxVWcjYRR--z=q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.172.51 , United States, ASN10879 (UHC, US),
Reverse DNS
stage-cse-elr.rakanto.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://st1.healthsafe-id.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 09 Nov 2023 07:07:33 GMT
X-ps-id
elr_cse_collector_1
Referrer-Policy
origin
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST
Content-Type
text/plain
Access-Control-Allow-Origin
https://st1.healthsafe-id.com
Access-Control-Expose-Headers
*
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, *
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
c66d1ca9ca062cd871193c8cbba35a4430e22f443b31203ab561a386f4f8493e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77690
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Nov 2023 07:07:32 GMT
dest5.html
unitedhealthgroup.demdex.net/ Frame D40A 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.105.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-105-163.compute-1.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://st1.healthsafe-id.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-va6-2-v052-0103ed628.edge-va6.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
rH3usS5FRwE=
content-encoding
gzip
date
Thu, 9 Nov 2023 07:07:33 GMT
last-modified
Thu, 26 Oct 2023 11:22:47 GMT
transfer-encoding
chunked
vary
accept-encoding
id
smetrics.optum.com/ 		48 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.optum.com/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&mid=18195071408620065824216191805530518594&ts=1699513652931
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/assets/bundles-average.js?seed=AIBt4bKLAQAAHE9_iURTJePKdChey7VXKoOSF7YTy0tW6AcfOiixB95A1RVl&EdxVWcjYRR--z=q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.219 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-219.data.adobedc.net
Software
jag /
Resource Hash
cc2c882c6ba419cb61d6070b361ee03f1694b2db5a507872ce897bc43f02eee5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://st1.healthsafe-id.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 09 Nov 2023 07:07:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://st1.healthsafe-id.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZUyFNQAAALg__AN-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=16330634119444753593849190665475959723
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUyFNQAAALg__AN-
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUyFNQAAALg__AN-
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
HTTP/1.1
Server
52.206.49.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-49-117.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v052-0f1f2687c.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
c2xvyqfbQkU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUyFNQAAALg__AN-
Date
Thu, 09 Nov 2023 07:07:33 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
unitedhealthgroup.tt.omtrdc.net/rest/v1/ 		360 B
857 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://unitedhealthgroup.tt.omtrdc.net/rest/v1/delivery?client=unitedhealthgroup&sessionId=e9013fb1db794a4aa7846f3e89790dd9&version=2.10.0
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/assets/bundles-average.js?seed=AIBt4bKLAQAAHE9_iURTJePKdChey7VXKoOSF7YTy0tW6AcfOiixB95A1RVl&EdxVWcjYRR--z=q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-113.data.adobedc.net
Software
jag /
Resource Hash
ff6562acb2cb31cc6ed038f9ce6706fed6b2ee980829887e2c456050c8b0b777
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://st1.healthsafe-id.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 09 Nov 2023 07:07:33 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server
jag
x-content-type-options
nosniff
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://st1.healthsafe-id.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
x-request-id
917e589a-8c30-46db-8d0e-ac0677d28ea5
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/?random=1699513653023&cv=11&fst=1699513653023&bg=ffffff&guid=ON&async=1&gtm=45be3b60v886616604&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&hn=www.googleadservices.com&frm=0&tiba=HealthSafe%20ID%C2%AE&auid=1108108651.1699513653&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f156.1e100.net
Software
cafe /
Resource Hash
63899056f6788249d807785b5aa2a7cd625977f936d2024294d78dcc31878aab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 07:07:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1514
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=771&dpuuid=CAESECTo-QSAZU14m8u53IX2UDE&google_cver=1
dpm.demdex.net/ Frame D40A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTYzMzA2MzQxMTk0NDQ3NTM1OTM4NDkxOTA2NjU0NzU5NTk3MjM=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTYzMzA2MzQxMTk0NDQ3NTM1OTM4NDkxOTA2NjU0NzU5NTk3MjM=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECTo-QSAZU14m8u53IX2UDE&google_cver=1?gdpr=0&gdpr_consent=
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECTo-QSAZU14m8u53IX2UDE&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
HTTP/1.1
Server
52.206.49.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-49-117.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://unitedhealthgroup.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v052-0673c7672.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
fMrvW4+sQ6U=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 09 Nov 2023 07:07:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECTo-QSAZU14m8u53IX2UDE&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/801669703/ 		42 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/801669703/?random=1699513653023&cv=11&fst=1699513200000&bg=ffffff&guid=ON&async=1&gtm=45be3b60v886616604&u_w=1600&u_h=1200&url=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&frm=0&tiba=HealthSafe%20ID%C2%AE&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNNbK297zkzatT4CLw2oLb9H16BxvQJQ&random=3582152043&rmt_tld=0&ipr=y
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f103.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 07:07:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/801669703/ 		42 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/801669703/?random=1699513653023&cv=11&fst=1699513200000&bg=ffffff&guid=ON&async=1&gtm=45be3b60v886616604&u_w=1600&u_h=1200&url=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&frm=0&tiba=HealthSafe%20ID%C2%AE&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNNbK297zkzatT4CLw2oLb9H16BxvQJQ&random=3582152043&rmt_tld=1&ipr=y
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 07:07:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=903&dpuuid=be13ccc4-5c28-4b62-8fd6-da105c52a380
dpm.demdex.net/ Frame D40A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=st1.healthsafe-id.com&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=st1.healthsafe-id.com&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=be13ccc4-5c28-4b62-8fd6-da105c52a380
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=be13ccc4-5c28-4b62-8fd6-da105c52a380
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
HTTP/1.1
Server
52.206.49.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-49-117.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://unitedhealthgroup.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v052-06f58ffd6.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
JOlx/xknQEk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=be13ccc4-5c28-4b62-8fd6-da105c52a380
date
Thu, 09 Nov 2023 07:07:33 GMT
server
Kestrel
content-length
189
706.ab787503.chunk.js
st1.healthsafe-id.com/static/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/static/js/706.ab787503.chunk.js
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/static/js/index.1c4e9342.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85321e0b8f27f57f530a6139690ae4588bcbfab6c80278d43c6888566ee66eb6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
tv.8xG5E4jgnCM7RH2dM2FmUbNDmNgKf
content-encoding
gzip
via
1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
date
Thu, 09 Nov 2023 07:07:34 GMT
last-modified
Wed, 08 Nov 2023 21:03:30 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
etag
W/"a14742a161e08e53daf4ce7cfbb753f6"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public, max-age=63072000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
HWV8eYiKE5QbTLRDbAVxCsnFyvxg3ySO8G59f0x3Ys4LS-Ou8R9-iQ==
939.bf97af37.chunk.css
st1.healthsafe-id.com/static/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/static/css/939.bf97af37.chunk.css
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/static/js/index.1c4e9342.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
908138e6e8a14049c83de7b552d315be226c0dec2a0c8a01f83f7b24d5c1a310

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:34 GMT
x-amz-version-id
PQVAvN14EPpqq15fc9uwSOsr5goFp7gS
content-encoding
gzip
last-modified
Wed, 08 Nov 2023 21:03:28 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
etag
W/"59776d755b33525d33b497d70053bc24"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
cache-control
public, max-age=63072000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
QcezpjBVX0W3vPmDQN2ecIgu5CcvCgaXnXUvfQXeDn2lATf1YD1zjg==
939.d1848e78.chunk.js
st1.healthsafe-id.com/static/js/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/static/js/939.d1848e78.chunk.js
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/static/js/index.1c4e9342.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ec2307caf663d0bfdb779bdf51a54405e811fece07967acaae545ec04638e1c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:34 GMT
x-amz-version-id
1hryDSMPbhhsYcc4zVUeb5s.z2AlYZ5w
content-encoding
gzip
last-modified
Wed, 08 Nov 2023 21:03:30 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
etag
W/"c8e30c6db5a68b6f86cc5b3b07084ddc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
cache-control
public, max-age=63072000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
eIyNMgA4aUOmL-WahSbNGeJzGQ6dX-44pikwOickfHjFQ5PkVESo3A==
HSID_Logo.png
myoptum-stage.optum.com/content/dam/hsid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myoptum-stage.optum.com/content/dam/hsid/HSID_Logo.png
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eecfcb118193465fd111d3c9821bb3c8ecbf0c417062cab000ad4365258e41ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-dispatcher
dispatcher3centralus
date
Thu, 09 Nov 2023 07:07:33 GMT
strict-transport-security
max-age=63072000; includeSubdomains;
x-content-type-options
nosniff
x-vhost
globalnav-publish
x-cache
TCP_REMOTE_HIT
content-disposition
attachment
content-length
2623
last-modified
Thu, 13 Jul 2023 02:34:54 GMT
etag
"a3f-600552d63cf80"
vary
Host
x-frame-options
SAMEORIGIN
content-type
image/png
x-azure-ref
20231109T070733Z-xqfh0wzm6p52tchput8hq5ptew00000000u0000000006czb
cache-control
public, max-age=300
accept-ranges
bytes
UHC_logo.png
myoptum-stage.optum.com/content/dam/hsid/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myoptum-stage.optum.com/content/dam/hsid/UHC_logo.png
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
084a0df55b46550be3c8e8823ae7c7d89d8a6acde185d1fd138d25ffa5839286
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-dispatcher
dispatcher1centralus
date
Thu, 09 Nov 2023 07:07:33 GMT
strict-transport-security
max-age=63072000; includeSubdomains;
x-content-type-options
nosniff
x-vhost
globalnav-publish
x-cache
TCP_MISS
content-disposition
attachment
content-length
11147
last-modified
Thu, 13 Jul 2023 02:34:45 GMT
etag
"2b8b-600552cda7b40"
vary
Host
x-frame-options
SAMEORIGIN
content-type
image/png
x-azure-ref
20231109T070733Z-xqfh0wzm6p52tchput8hq5ptew00000000u0000000006cza
cache-control
public, max-age=300
accept-ranges
bytes
system-arrow-md.svg
member.werally.com/assets/icons/ 		328 B
899 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://member.werally.com/assets/icons/system-arrow-md.svg
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/assets/bundles-average.js?seed=AIBt4bKLAQAAHE9_iURTJePKdChey7VXKoOSF7YTy0tW6AcfOiixB95A1RVl&EdxVWcjYRR--z=q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d6b6ca193696f01a54959a80eace120d4bff15e667a9171ca9b4eb391f7a46ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 28 Jan 2022 00:25:20 GMT
x-cdn
Imperva
etag
"61f337f0-148"
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-iinfo
4-36947607-36947609 2VNN RT(1699513653111 46) q(0 0 0 1) r(0 0)
access-control-expose-headers
Content-Length,Content-Range
x-incap-sess-cookie-hdr
8ktAaqYHCkgj61PRftXMBjWFTGUAAAAA+6XzL8K3kh/chON0O0+MDw==
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
242
truncated
/ 		290 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6480ba1f25e815c57ffc9ada53db64019fea9be79e916f0917a03d47d40d4e2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
FrutigerLTStd-Roman.6f5c3b3ff50100b75821.woff
st1.healthsafe-id.com/static/media/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/static/media/FrutigerLTStd-Roman.6f5c3b3ff50100b75821.woff
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/static/css/index.6101ffa1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ad0d5e8cd0160209ab6b15c4f2d11371041d6d7541189881a2970a7753bc746

Request headers

Referer
https://st1.healthsafe-id.com/static/css/index.6101ffa1.css
Origin
https://st1.healthsafe-id.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:34 GMT
x-amz-version-id
ztwY_5yq3xvhQmtn653DH9kL4i.E2d2M
via
1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
15176
last-modified
Wed, 08 Nov 2023 21:03:30 GMT
server
AmazonS3
etag
"0d39e9365e15137bddeae2f4bf530b47"
access-control-max-age
3000
access-control-allow-methods
POST, GET, HEAD, DELETE, PUT
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Origin
cache-control
public, max-age=63072000
accept-ranges
bytes
x-amz-cf-id
oktIJdfantQgaHyMzUwBFGiPcJy3n3v5BYlmVmw8N49FjoJicUP9aQ==
FrutigerLTStd-Bold.4599f0715866bb1f25b0.woff
st1.healthsafe-id.com/static/media/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/static/media/FrutigerLTStd-Bold.4599f0715866bb1f25b0.woff
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/static/css/index.6101ffa1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83a5c2eea44f96f49ac888576e776bbd30fd9c700e463a1b923af9d915bdf8a4

Request headers

Referer
https://st1.healthsafe-id.com/static/css/index.6101ffa1.css
Origin
https://st1.healthsafe-id.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:34 GMT
x-amz-version-id
smmGGMRuYjgO3_6SNprrBSQdwDrTAzyD
via
1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
15548
last-modified
Wed, 08 Nov 2023 21:03:30 GMT
server
AmazonS3
etag
"4d8f0b88bbe9f14c9413d24618d29e6b"
access-control-max-age
3000
access-control-allow-methods
POST, GET, HEAD, DELETE, PUT
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Origin
cache-control
public, max-age=63072000
accept-ranges
bytes
x-amz-cf-id
DZj5SHbhU9UhVY5CBgtwFzuOctxG_IcukdNvraPAFFcuGKW_7BVdKg==
image.sbix
global.ib-ibi.com/ Frame D40A 		0
0
crossStorageHub
st1.healthsafe-id.com/protected/ Frame 4A33 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/protected/crossStorageHub
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/static/js/index.1c4e9342.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
/
Resource Hash
7e362f00330f4ae046576829a63ac9becb7f29286734a4a936869d829ddbb7ab
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:; default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:; default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:; default-src 'unsafe-inline' *; frame-ancestors 'self' https://st1.healthsafe-id.com/;
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options ALLOW-FROM https://st1.healthsafe-id.com/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-headers
X-Requested-With
access-control-allow-methods
POST, PUT, GET
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-language
en-CA
content-security-policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:; default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:; default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:; default-src 'unsafe-inline' *; frame-ancestors 'self' https://st1.healthsafe-id.com/;
content-type
text/html;charset=UTF-8
date
Thu, 09 Nov 2023 07:07:33 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=16070400; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
x-amz-cf-id
CJfCRQ2fpbY-uOl0zYQCHdxmOhN_nMqQZNJq19n5p_hVCIcyRczoXg==
x-amz-cf-pop
IAD66-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff nosniff
x-frame-options
ALLOW-FROM https://st1.healthsafe-id.com/
x-ps-id
hsid-stage-ctc-3
x-xss-protection
1; mode=block
inbound
st1.healthsafe-id.com/hsid/setup/ 		59 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/hsid/setup/inbound
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/assets/bundles-average.js?seed=AIBt4bKLAQAAHE9_iURTJePKdChey7VXKoOSF7YTy0tW6AcfOiixB95A1RVl&EdxVWcjYRR--z=q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
/
Resource Hash
ec1fb826ad50482e2a4eb706a5758dafc2835325619e8fe6f48ff3691e0e8cbf
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;, default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;, default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 09 Nov 2023 07:07:33 GMT
strict-transport-security
max-age=16070400; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
content-security-policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;, default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;, default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
content-encoding
gzip
x-amz-cf-pop
IAD66-C1
via
1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
x-ps-id
hsid-stage-ctc-4
x-frame-options
SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
access-control-allow-methods
POST, PUT, GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://st1.healthsafe-id.com
access-control-max-age
3600
access-control-allow-credentials
true
cache-control
no-cache, no-store, max-age=0, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me, csrf-token, Ae96qQ5Mbh-a, Ae96qQ5Mbh-b, Ae96qQ5Mbh-c, Ae96qQ5Mbh-d, Ae96qQ5Mbh-f, Ae96qQ5Mbh-z
x-amz-cf-id
usRK4A75dJcYjrBDjNdjAoUsR-AWbzIF1n1d20-kNg8EH23CQ6j6uA==
expires
0
rbaurl
st1.healthsafe-id.com/hsid/ 		40 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/hsid/rbaurl?portalBrand=capuhcra&lang=en
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/assets/bundles-average.js?seed=AIBt4bKLAQAAHE9_iURTJePKdChey7VXKoOSF7YTy0tW6AcfOiixB95A1RVl&EdxVWcjYRR--z=q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
/
Resource Hash
94a61bd23e3af8340c2527a841237d2247ad4c7a05c73a5a242061b2cba23ad3
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;, default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:33 GMT
strict-transport-security
max-age=16070400; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
content-security-policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;, default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
content-encoding
gzip
x-amz-cf-pop
IAD66-C1
via
1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
x-ps-id
hsid-stage-ctc-1
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-amz-cf-id
hYT8vc1JXWyrzfP4xu6nmc4RHTrb_LeCi-1T4PGR-02SBvO30nR_nA==
expires
0
s26404071762373
smetrics.optum.com/b/ss/uhghsiddev,uhgenterprisecorestage/1/JS-2.8.2-LDQM/ 		43 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.optum.com/b/ss/uhghsiddev,uhgenterprisecorestage/1/JS-2.8.2-LDQM/s26404071762373
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/assets/bundles-average.js?seed=AIBt4bKLAQAAHE9_iURTJePKdChey7VXKoOSF7YTy0tW6AcfOiixB95A1RVl&EdxVWcjYRR--z=q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.219 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-219.data.adobedc.net
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://st1.healthsafe-id.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 09 Nov 2023 07:07:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 10 Nov 2023 07:07:33 GMT
server
jag
etag
3649677780385824768-4617906272821713648
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
https://st1.healthsafe-id.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Wed, 08 Nov 2023 07:07:33 GMT
RC988afc3b66874ae2a6d13fa04312eecb-source.min.js
assets.adobedtm.com/512027f42d3c/3189bbb33f85/0b8358376315/ 		312 B
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/0b8358376315/RC988afc3b66874ae2a6d13fa04312eecb-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.132.250 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b43fe28488de3a264501bdea3559fae6c64241245e0771c52e13da99cfc46ba3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:33 GMT
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 06:56:54 GMT
server
AkamaiNetStorage
etag
"a887e14ed37c4e193b7899bc7c24176f:1699513014.080668"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://st1.healthsafe-id.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
196
expires
Thu, 09 Nov 2023 08:07:33 GMT
RC41f288b53db04daf90080fc3503f06c7-source.min.js
assets.adobedtm.com/512027f42d3c/3189bbb33f85/0b8358376315/ 		621 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/0b8358376315/RC41f288b53db04daf90080fc3503f06c7-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.132.250 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d2245727b028c84c7333969341f7f7e25ebdb3ce91a0b7748035557c00db1aec

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:33 GMT
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 06:56:54 GMT
server
AkamaiNetStorage
etag
"a887e14ed37c4e193b7899bc7c24176f:1699513014.080668"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://st1.healthsafe-id.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
341
expires
Thu, 09 Nov 2023 08:07:33 GMT
RCf324ea42f30b48fdb506665995f953c8-source.min.js
assets.adobedtm.com/512027f42d3c/3189bbb33f85/0b8358376315/ 		996 B
885 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/0b8358376315/RCf324ea42f30b48fdb506665995f953c8-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.132.250 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d94d2fe74eea236a58e47a994b580427b9aafd62c046b7f1b3d212804e73599f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:33 GMT
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 06:56:54 GMT
server
AkamaiNetStorage
etag
"a887e14ed37c4e193b7899bc7c24176f:1699513014.080668"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://st1.healthsafe-id.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
623
expires
Thu, 09 Nov 2023 08:07:33 GMT
destination
www.googletagmanager.com/gtag/ 		180 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-11726966&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
6ff95c0480371940949099e3a688155b369a247a3d1887d593db9d9ceca5d250
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67141
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Nov 2023 07:07:33 GMT
activityi;dc_pre=CPXLh92ttoIDFX30KAUdRuMLcQ;src=8584968;type=mrfed0;cat=lpg_m06o;ord=5127547062454;auiddc=1108108651.1699513653;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;u...
8584968.fls.doubleclick.net/ Frame F1A9
Redirect Chain
  • https://8584968.fls.doubleclick.net/activityi;src=8584968;type=mrfed0;cat=lpg_m06o;ord=5127547062454;auiddc=1108108651.1699513653;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=...
  • https://8584968.fls.doubleclick.net/activityi;dc_pre=CPXLh92ttoIDFX30KAUdRuMLcQ;src=8584968;type=mrfed0;cat=lpg_m06o;ord=5127547062454;auiddc=1108108651.1699513653;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0...
1 KB
639 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8584968.fls.doubleclick.net/activityi;dc_pre=CPXLh92ttoIDFX30KAUdRuMLcQ;src=8584968;type=mrfed0;cat=lpg_m06o;ord=5127547062454;auiddc=1108108651.1699513653;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f149.1e100.net
Software
cafe /
Resource Hash
d689f04b6959cd2801efa1d4952be89c4aa45a8c8faef789bf47218af2ebf062
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://st1.healthsafe-id.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
527
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 07:07:33 GMT
expires
Thu, 09 Nov 2023 07:07:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 07:07:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8584968.fls.doubleclick.net/activityi;dc_pre=CPXLh92ttoIDFX30KAUdRuMLcQ;src=8584968;type=mrfed0;cat=lpg_m06o;ord=5127547062454;auiddc=1108108651.1699513653;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
RC2a12586ea06349f89ff8bd706d5cf200-source.min.js
assets.adobedtm.com/512027f42d3c/3189bbb33f85/0b8358376315/ 		1 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/0b8358376315/RC2a12586ea06349f89ff8bd706d5cf200-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.132.250 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f56c5c7cc605647d00d18f0e8c4ff3a4f59d587f191c201a6551b85e11f08b91

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:33 GMT
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 06:56:54 GMT
server
AkamaiNetStorage
etag
"a887e14ed37c4e193b7899bc7c24176f:1699513014.080668"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://st1.healthsafe-id.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
503
expires
Thu, 09 Nov 2023 08:07:33 GMT
hub-1.0.0.min.js
st1.healthsafe-id.com/js/vendor/cross-storage/ Frame 4A33 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/js/vendor/cross-storage/hub-1.0.0.min.js
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/protected/crossStorageHub
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
/
Resource Hash
76181750bb2a824cc79d1c940b9e14a3e393ae1efc93965117e3965c136acaa6
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;, default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;, default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/protected/crossStorageHub
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:34 GMT
strict-transport-security
max-age=16070400; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
content-security-policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;, default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;, default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
content-encoding
gzip
via
1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1040
x-xss-protection
1; mode=block
x-ps-id
hsid-stage-ctc-2
last-modified
Wed, 08 Nov 2023 19:45:40 GMT
etag
"04c82b203564443ec792dcef8f6d48511-gzip"
x-frame-options
SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
vary
Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
nPBQ7O9zSnvRBa1_SImTn5hoN687r-BgFpOzLrvON4J8BHvRkTYewQ==
js
www.googletagmanager.com/gtag/ 		179 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-11726966
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8afb9acb591f3bcd4f471293eabe1d5e96cc12ff2c91a9dc8476add4fedad365
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67165
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Nov 2023 07:07:33 GMT
RCac643e46ae464f479f5d7156c414bcd7-source.min.js
assets.adobedtm.com/512027f42d3c/3189bbb33f85/0b8358376315/ 		735 B
726 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/0b8358376315/RCac643e46ae464f479f5d7156c414bcd7-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.132.250 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
272d4592ee986baa514ebd2480f05984b86261839d0c453a8e248300e909ec9a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:34 GMT
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 06:56:54 GMT
server
AkamaiNetStorage
etag
"a887e14ed37c4e193b7899bc7c24176f:1699513014.080668"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://st1.healthsafe-id.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
464
expires
Thu, 09 Nov 2023 08:07:34 GMT
activityi;dc_pre=CPLxjN2ttoIDFRkXigMdgbUImA;src=11726966;type=page;cat=ret_si2;ord=5450476130649;auiddc=1108108651.1699513653;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uap...
11726966.fls.doubleclick.net/ Frame 954D
Redirect Chain
  • https://11726966.fls.doubleclick.net/activityi;src=11726966;type=page;cat=ret_si2;ord=5450476130649;auiddc=1108108651.1699513653;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...
  • https://11726966.fls.doubleclick.net/activityi;dc_pre=CPLxjN2ttoIDFRkXigMdgbUImA;src=11726966;type=page;cat=ret_si2;ord=5450476130649;auiddc=1108108651.1699513653;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;...
1 KB
618 B 		Document
General
Check archive.org
Download Go to
Full URL
https://11726966.fls.doubleclick.net/activityi;dc_pre=CPLxjN2ttoIDFRkXigMdgbUImA;src=11726966;type=page;cat=ret_si2;ord=5450476130649;auiddc=1108108651.1699513653;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-11726966&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f149.1e100.net
Software
cafe /
Resource Hash
2824894fb94c71072bb80dfb829f13d56b03396c8e0a4ed0268d111039fd4a49
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://st1.healthsafe-id.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
527
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 07:07:34 GMT
expires
Thu, 09 Nov 2023 07:07:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 07:07:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://11726966.fls.doubleclick.net/activityi;dc_pre=CPLxjN2ttoIDFRkXigMdgbUImA;src=11726966;type=page;cat=ret_si2;ord=5450476130649;auiddc=1108108651.1699513653;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		256 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10851563334
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
ab4d07e6a78be66eff82aae058a1761f96b2ec353059cd468c0a6ed836f2b7ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84888
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Nov 2023 07:07:34 GMT
info
st1.healthsafe-id.com/protected/tmx/ 		732 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/protected/tmx/info?HTTP_TARGETPORTAL=CAPUHCRA
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/assets/bundles-average.js?seed=AIBt4bKLAQAAHE9_iURTJePKdChey7VXKoOSF7YTy0tW6AcfOiixB95A1RVl&EdxVWcjYRR--z=q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
/
Resource Hash
71369041b8d69be98dfa20dc96ecc86fd8b3d0c19f0e995591063d5ffe8ccd05
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;, default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:36 GMT
strict-transport-security
max-age=16070400; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
content-security-policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;, default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
content-encoding
gzip
x-amz-cf-pop
IAD66-C1
via
1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
x-ps-id
hsid-stage-ctc-4
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-amz-cf-id
CS9xBTT-8ZszU03jur6Y_s-bdL8n81nHSqzMKg3S_rWis6B4ApjJbQ==
expires
0
UHC2020Sans-Bold.e3390afa72ca97e0fa9d.woff2
st1.healthsafe-id.com/static/media/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://st1.healthsafe-id.com/static/media/UHC2020Sans-Bold.e3390afa72ca97e0fa9d.woff2
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/static/css/index.6101ffa1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-20.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f161e22cde63c497d665c80a60a654d29caa423b4f4f59848b55309beb8bc361

Request headers

Referer
https://st1.healthsafe-id.com/static/css/index.6101ffa1.css
Origin
https://st1.healthsafe-id.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
C3qw9x62ldh7J4BipEupXDRutnMepNeB
date
Thu, 09 Nov 2023 07:07:35 GMT
via
1.1 6f35734da951dcb591462352ba037614.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
22420
last-modified
Wed, 08 Nov 2023 21:03:30 GMT
server
AmazonS3
etag
"52d7c5312a4fab395e904f90fe0d47cb"
access-control-max-age
3000
access-control-allow-methods
POST, GET, HEAD, DELETE, PUT
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding,Origin
cache-control
public, max-age=63072000
accept-ranges
bytes
x-amz-cf-id
nfqNsYq71TxJjkhyhEBEDCC11yfeMBC7EaSsBT7O8VBwZFIjJVDgUg==
dc_pre=CPXLh92ttoIDFX30KAUdRuMLcQ;src=8584968;type=mrfed0;cat=lpg_m06o;ord=5127547062454;auiddc=*;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https...
adservice.google.com/ddm/fls/z/ Frame F1A9 		42 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPXLh92ttoIDFX30KAUdRuMLcQ;src=8584968;type=mrfed0;cat=lpg_m06o;ord=5127547062454;auiddc=*;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0
Requested by
Host: 8584968.fls.doubleclick.net
URL: https://8584968.fls.doubleclick.net/activityi;dc_pre=CPXLh92ttoIDFX30KAUdRuMLcQ;src=8584968;type=mrfed0;cat=lpg_m06o;ord=5127547062454;auiddc=1108108651.1699513653;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8584968.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 07:07:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10851563334/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10851563334/?random=1699513654129&cv=11&fst=1699513654129&bg=ffffff&guid=ON&async=1&gtm=45be3b60v882150052&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&hn=www.googleadservices.com&frm=0&tiba=Sign%20in%20-%20OptumBank&auid=1108108651.1699513653&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10851563334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f156.1e100.net
Software
cafe /
Resource Hash
f23d12828cd048ef1fa1ffa65b40d4cad0828bfdae70953820d147593ba461cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 07:07:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1535
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CPLxjN2ttoIDFRkXigMdgbUImA;src=11726966;type=page;cat=ret_si2;ord=5450476130649;auiddc=*;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3...
adservice.google.com/ddm/fls/z/ Frame 954D 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPLxjN2ttoIDFRkXigMdgbUImA;src=11726966;type=page;cat=ret_si2;ord=5450476130649;auiddc=*;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0
Requested by
Host: 11726966.fls.doubleclick.net
URL: https://11726966.fls.doubleclick.net/activityi;dc_pre=CPLxjN2ttoIDFRkXigMdgbUImA;src=11726966;type=page;cat=ret_si2;ord=5450476130649;auiddc=1108108651.1699513653;gtm=45fe3b60;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://11726966.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 07:07:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&reason=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.244.1 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-mty2.fbcdn.net
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 09 Nov 2023 07:07:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
hJirq8jmrNF9SgO4wlI7bwWO+jnelb+W6Heq+MVJX3hFwIf5OLfvsOI195ymiy0eFQHzbL/XRCGXXcQVOVhryg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10851563334/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10851563334/?random=1699513654129&cv=11&fst=1699513200000&bg=ffffff&guid=ON&async=1&gtm=45be3b60v882150052&u_w=1600&u_h=1200&url=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&frm=0&tiba=Sign%20in%20-%20OptumBank&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNoxxVjDqZBM3VbjTtjVttwy-CrD3cCsmKHPVTCOt84IODXjFb&random=3830935049&rmt_tld=0&ipr=y
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f103.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 07:07:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/10851563334/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/10851563334/?random=1699513654129&cv=11&fst=1699513200000&bg=ffffff&guid=ON&async=1&gtm=45be3b60v882150052&u_w=1600&u_h=1200&url=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Flogin%2Fcapuhcra%2Fen%3FTARGET%3Dhttps%253A%252F%252Fst1.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcapuhcra%252Fen%253Fresume%253D%252Fas%252F3rQVzw2zIq%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidcStage%2526redirect_uri%253Dhttps%253A%252F%252Ftst-account.uhcretireeaccounts.com%252Flogin%252Fcallback%2526portal%253Dcapuhcra%2526client_id%253Dbank-cloud-stage%26resume%3D%252Fas%252F9zq1il8wS5%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&frm=0&tiba=Sign%20in%20-%20OptumBank&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNoxxVjDqZBM3VbjTtjVttwy-CrD3cCsmKHPVTCOt84IODXjFb&random=3830935049&rmt_tld=1&ipr=y
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 07:07:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1347491178601507
connect.facebook.net/signals/config/ 		158 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1347491178601507?v=2.9.138&r=stable&domain=st1.healthsafe-id.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.244.1 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-mty2.fbcdn.net
Software
/
Resource Hash
3660aeadd978dadffa2065d7c367e12dcb57f4eab9aedee3676020fe5cb61119
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 09 Nov 2023 07:07:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
jTBy7/jqVDyql5fj+8cPCoTZvDEqJUo+1mkgzaHNNE7C4PtPOMZJRvh/SbduXyZx+qUMnkBjmzO9zNg5bsh0oQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1347491178601507&ev=PageView&dl=https%3A%2F%2Fst1.healthsafe-id.com&rl=&if=false&ts=1699513654772&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1699513654769.289862209&pm=1&hrl=1a459e&ler=empty&it=1699513654541&coo=false&cs_cc=1&cas=8077385769003162&rqm=GET
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/rt/login/capuhcra/en?TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.244.35 Apodaca, Mexico, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-mty2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 09 Nov 2023 07:07:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
RC27118b4cbb854aff86652bc960a05b5e-source.min.js
assets.adobedtm.com/512027f42d3c/3189bbb33f85/0b8358376315/ 		1 KB
920 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/0b8358376315/RC27118b4cbb854aff86652bc960a05b5e-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN58b40de71cd9419498958d5b6eb55627-staging.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.29.132.250 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-132-250.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b3e76d46355b154958e04f466ac857861df6e49bdb2d446cdc233775d1a543c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:35 GMT
content-encoding
gzip
last-modified
Thu, 09 Nov 2023 06:56:54 GMT
server
AkamaiNetStorage
etag
"a887e14ed37c4e193b7899bc7c24176f:1699513014.080668"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://st1.healthsafe-id.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
658
expires
Thu, 09 Nov 2023 08:07:35 GMT
/
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/rt/login?resume=%2Fas%2F9zq1il8wS5%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fst1.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcapuhcra%2Fen%3Fresume%3D%2Fas%2F3rQVzw2zIq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidcStage%26redirect_uri%3Dhttps%3A%2F%2Ftst-account.uhcretireeaccounts.com%2Flogin%2Fcallback%26portal%3Dcapuhcra%26client_id%3Dbank-cloud-stage&reason=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e6fc24cad6d761cf779fb1e36662c4b3a533d6403c83423e47d4d789ee1e9db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
43328
cf-polished
origSize=9155
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"23c3-g9zewENmKMgdBzWHlWlkKS1eVZM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
823438387ea636cf-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
cls_report
report.uhg.glassboxdigital.io/glassbox/reporting/8664fb84-e680-6f0a-0661-c23817cb0588/ 		288 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://report.uhg.glassboxdigital.io/glassbox/reporting/8664fb84-e680-6f0a-0661-c23817cb0588/cls_report?_cls_s=18195071408620065824216191805530518594&_cls_v=c3aeb1d9-3516-4024-8758-d2ee9730e517&pv=2&f_cls_s=true
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/assets/bundles-average.js?seed=AIBt4bKLAQAAHE9_iURTJePKdChey7VXKoOSF7YTy0tW6AcfOiixB95A1RVl&EdxVWcjYRR--z=q
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.222.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-222-5.compute-1.amazonaws.com
Software
GlassBox Cligate /
Resource Hash
3fc64cac06d9bbe7ec46ba470f9a5e9a8c358d4b7bda26073af29eed4af4b36d
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 07:07:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
205
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Server
GlassBox Cligate
X-Frame-Options
SAMEORIGIN
vary
origin
Content-Type
application/json
access-control-allow-origin
https://st1.healthsafe-id.com
access-control-allow-credentials
true
GB-Server
g5015
X-Robots-Tag
noindex
12.c374cce172555dcce9b4.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/12.c374cce172555dcce9b4.chunk.js?Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web&Q_BRANDID=st1.healthsafe-id.com
Requested by
Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7a4b1e6d31c8d7ecb567310271ce420995a4fe8a4514aad38d24ad867a2ee9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
41814
cf-polished
origSize=71669
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 25 Oct 2023 23:32:41 GMT
cf-bgj
minify
server
cloudflare
etag
W/"117f5-18b692edda8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
82343838df1e36cf-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
/
stage-cse.rakanto.com/cx_collector/ 		3 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stage-cse.rakanto.com/cx_collector/
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/assets/bundles-average.js?seed=AIBt4bKLAQAAHE9_iURTJePKdChey7VXKoOSF7YTy0tW6AcfOiixB95A1RVl&EdxVWcjYRR--z=q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.172.51 , United States, ASN10879 (UHC, US),
Reverse DNS
stage-cse-elr.rakanto.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://st1.healthsafe-id.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 09 Nov 2023 07:07:35 GMT
X-ps-id
elr_cse_collector_1
Referrer-Policy
origin
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST
Content-Type
text/plain
Access-Control-Allow-Origin
https://st1.healthsafe-id.com
Access-Control-Expose-Headers
*
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, *
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		76 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0Neqx1dGGrrlV4y&Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/assets/bundles-average.js?seed=AIBt4bKLAQAAHE9_iURTJePKdChey7VXKoOSF7YTy0tW6AcfOiixB95A1RVl&EdxVWcjYRR--z=q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da7975f52aa59ea21acdcfcec8e4a123899dbdf3df9a493d5401fc68dc45f422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://st1.healthsafe-id.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 09 Nov 2023 07:07:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://st1.healthsafe-id.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
d2f5c2987c303555
cf-ray
823438394f9936cf-YYZ
timing-allow-origin
*
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		103 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.c374cce172555dcce9b4.chunk.js?Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web&Q_BRANDID=st1.healthsafe-id.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
215366847ff8d79401b56082e1ac062ae85e43909ecbdd902b69310f491ec042
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
41814
cf-polished
origSize=105749
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 25 Oct 2023 23:32:41 GMT
cf-bgj
minify
server
cloudflare
etag
W/"19d15-18b692edda8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
82343839f83e36cf-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
7.5ccfa63c1a40bc213c6e.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/7.5ccfa63c1a40bc213c6e.chunk.js?Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise
Requested by
Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8484d229a52fd1e7f5be1a24c2bc90fb6ec6b11c9e6d22c41c7bba238a804b38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
41811
cf-polished
origSize=2904
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 25 Oct 2023 23:32:41 GMT
cf-bgj
minify
server
cloudflare
etag
W/"b58-18b692edda8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
8234383aa8a036cf-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
1.53cfb5f19d9d4b3a8cae.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.53cfb5f19d9d4b3a8cae.chunk.js?Q_CLIENTVERSION=1.102.2&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise
Requested by
Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eaed4de66894ab72b75ae8adf3dce33b96acfb1db8819c788eeec495120b3c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
41814
cf-polished
origSize=29370
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 25 Oct 2023 23:32:41 GMT
cf-bgj
minify
server
cloudflare
etag
W/"72ba-18b692edda8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
8234383aa8a136cf-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
tags.js
rba-screen.healthsafe-id.com/fp/ 		95 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/tags.js?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&page_id=PAGEID
Requested by
Host: st1.healthsafe-id.com
URL: https://st1.healthsafe-id.com/static/js/index.1c4e9342.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
103ea7ae8224b945684ae6e4d2707825d342b06e897d49f7a8eadfa3e5d087d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 07:07:37 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP=IVAa PSAa
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=100
Expires
Thu, 01 Jan 1970 00:00:00 GMT
check.js;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7
rba-screen.healthsafe-id.com/fp/ Frame B062 		461 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&jb=373b24246a716d7535576b6c6c67777324627b673f556b66666f77732730303330246a7360773f4168706d6d6d2668716a3543687067656d273032393339
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/tags.js?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&page_id=PAGEID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
dc123b604ff1e6cc9197f2f3b00a7d28f55332d4d0867bbaf2e75923dae3f1bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 07:07:37 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
9d276429eb175ff1
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=99
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
rba-screen.healthsafe-id.com/fp/ Frame B062 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&ck=0&m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 07:07:37 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
detector-dom.min.js
cdn.gbqofs.com/uhg/hsid/u/ Frame B062 		482 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gbqofs.com/uhg/hsid/u/detector-dom.min.js
Requested by
Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/hsid/u/detector-dom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
785b9db4603d17cb874e3b67a433b810fd28dd888456e09fb2d6bb49c8f94477

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:07:37 GMT
x-amz-version-id
ZAgIcJk2k07vXU9apgWnHpwC6NoI2KxU
content-encoding
gzip
cf-cache-status
HIT
via
1.1 981fd743d9643ae0100d9c3fcfb96f78.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 03 Nov 2023 20:07:50 GMT
server
cloudflare
etag
W/"1c6e33a4dd9df77b5f6dc9c6884310cc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
82343845abb236fc-YYZ
x-amz-cf-id
PvXceCHtMQWRx1en4LlL4Uizi4j_tLiA-gBKj2XxQsnLcn-z4cTBMA==
expires
Thu, 09 Nov 2023 11:07:37 GMT
clear.png
rba-screen.healthsafe-id.com/fp/ Frame B062 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&ck=0&m=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 07:07:37 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cls_report
report.uhg.glassboxdigital.io/glassbox/reporting/8664fb84-e680-6f0a-0661-c23817cb0588/ Frame B062 		228 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://report.uhg.glassboxdigital.io/glassbox/reporting/8664fb84-e680-6f0a-0661-c23817cb0588/cls_report?_cls_s=18195071408620065824216191805530518594&_cls_v=c3aeb1d9-3516-4024-8758-d2ee9730e517&cls_e=18195071408620065824216191805530518594%3A16143821192215&pv=2&f_cls_s=true
Requested by
Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/hsid/u/detector-dom.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.222.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-222-5.compute-1.amazonaws.com
Software
GlassBox Cligate /
Resource Hash
a848e5fcc40821c190095918eb9baa05d1c0eab7f2a80865f92e2bb33802d3d0
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 07:07:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
190
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Server
GlassBox Cligate
X-Frame-Options
SAMEORIGIN
vary
origin
Content-Type
application/json
access-control-allow-origin
https://st1.healthsafe-id.com
access-control-allow-credentials
true
GB-Server
g5015
X-Robots-Tag
noindex
HP
rba-screen.healthsafe-id.com/fp/ Frame 6FD1 		19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/HP?session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&org_id=996b7d99&nonce=9d276429eb175ff1&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&jb=373b24246a716d7535576b6c6c67777324627b673f556b66666f77732730303330246a7360773f4168706d6d6d2668716a3543687067656d273032393339
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
9a83f4a41fb13ef079c9081ad688b1cf2a46ac6af402f3ba7a4ecfe442710ffc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://st1.healthsafe-id.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Language
en-CA
Content-Length
5799
Content-Type
text/html;charset=UTF-8
Date
Thu, 09 Nov 2023 07:07:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=99
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block
clear.png
rba-screen.healthsafe-id.com/fp/ Frame B062 		81 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/clear.png
Requested by
Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/hsid/u/detector-dom.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*, 996b7d99/9d276429eb175ff17666a7b0-1228-40c9-9ff6-cda4b60cdbd0
Referer
https://st1.healthsafe-id.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 07:07:37 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 09 Nov 2023 07:07:37 GMT
Server
Apache
Etag
7080c04170324504b180da29f31e81c3
Content-Type
image/png
Access-Control-Allow-Origin
https://st1.healthsafe-id.com
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
Expires
Tue, 07 Nov 2028 07:07:37 GMT
clear.png
h.online-metrix.net/fp/ Frame B062
Redirect Chain
  • https://h.online-metrix.net/fp/clear.png?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&gttl=155520000
  • https://h.online-metrix.net/fp/clear.png?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&k=2
0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/clear.png?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&k=2
Protocol
HTTP/1.1
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
a-sac.h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 07:07:37 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Thu, 09 Nov 2023 07:07:37 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
P3P
CP=IVAa PSAa
Location
https://h.online-metrix.net/fp/clear.png?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&k=2
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
0
ls_fp.html;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7
rba-screen.healthsafe-id.com/fp/ Frame 4BE3 		90 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&jb=373b24246a716d7535576b6c6c67777324627b673f556b66666f77732730303330246a7360773f4168706d6d6d2668716a3543687067656d273032393339
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
b572a07625989cdccbaef89a606e849fbbbc039ddc5b8a0c572ec9660e9016cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://st1.healthsafe-id.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Thu, 09 Nov 2023 07:07:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=98
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
clear.png
rba-screen.healthsafe-id.com/fp/ Frame B062 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&jb=3134246e73633f3969353561306b306266393d3c66323331323230386737363562643261373b36
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&jb=373b24246a716d7535576b6c6c67777324627b673f556b66666f77732730303330246a7360773f4168706d6d6d2668716a3543687067656d273032393339
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 07:07:37 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sid_fp.html;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7
h.online-metrix.net/fp/ Frame 1D4C 		103 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&jb=373b24246a716d7535576b6c6c67777324627b673f556b66666f77732730303330246a7360773f4168706d6d6d2668716a3543687067656d273032393339
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
a-sac.h.online-metrix.net
Software
Apache /
Resource Hash
e643c99dae238a2343f77fe22cad09aa170bea710abe89b66057c96dc34fd00a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://st1.healthsafe-id.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Thu, 09 Nov 2023 07:07:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
top_fp.html;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7
rba-screen.healthsafe-id.com/fp/ Frame FD8F 		89 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/top_fp.html;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&jb=373b24246a716d7535576b6c6c67777324627b673f556b66666f77732730303330246a7360773f4168706d6d6d2668716a3543687067656d273032393339
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
a2b2aa4b69cd1bcec3dec17c28e0c6db646ffc17a513a78058fe6c2cf33e18da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://st1.healthsafe-id.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Thu, 09 Nov 2023 07:07:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=98
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
clear.png
rba-screen.healthsafe-id.com/fp/ Frame B062 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&ja=303135362624613d25343a322e723d36322e6e35333432387a313230322461643d333630327a33303032247370793f3270382664727a35392e333438322c313232322c333632302c333032322c333430382c333038382c3134383824333032382e302c30246f743f613a383263606166633535646c666664316d61383639393c3532346a3b613761246f6e3f34247363663f3036266e6a3d607476727b2d3341273a4e2d3044717c332e6865636e746a736366652f6b662c636d6f253a4670762d3a466c6d6f61662730446b63707568617061273244656e27314456415045455c253146607c7470712d3a3d3143273a37324625303732447376312e6a67636e746a71616e652f6b6c26636f6f2d3a3d3044707c27323532447165617570652530373044617776682d3237304e6b617077606b7a6327303d3046656e2730353146706573776f6727323731442d3237304e697325303d3a4e3170535e7877327a4b732530353046726771776f652730353a4663712d3a353244697d7c6a6d7061786174696d6c2e72696c6725303730347372676e7c69767b2d3a353346667d646e27303d303673636d726527323733446d72676c696627323d3234706d7b706f6c7b6d57767b726d2732353346616f66652732353024726e3d312470603d353a6e3a3861633e6a6b6460673933336237313a3763653264336066603064362468603d6333303d38333a3f6d303031666a3b65316537646137383a6532373061373067246a7b6f3f556166646f757b2d3a3233322e6873623d416a726d6d6725323233333b2668716f7d3d556b666c6f77712e627b60773f4b6a726f6d67246e6a633f34266c666f3f38246c6d7c703f322e7c7a643f49656d706b616927324656636c636d75746572246f637668703f3438303166396b3262676b383a6734616b373630303a306166313735343233646634373a38393433663e6d6161303c6c6b3b36636e60643732313333333934612666703f6a747672732d3343273a4e2532447b7c392c6a67696e7468736364652f69662e636d6f2730467076253a466e6d6f616e25304e6b6972776a6b7061253244676e273344544150454756253146687c7472712d3a3533432d3a3d3044273a3732467376332e6a65636c746a716364652f6b6426636d6f2d3a3532447a7c2d3037304e71656375706725303530466177766a27323730466b617277606b7261273a3d3a44676c2d30353346706773776d6725323731462732373046697327303d3a463370595e7275307841732532353044726773776d6527303730466371253a353044697d74686d7a617263766b676c2e70696c6525303530367372676c7669767b253a353146667d6c6c273a3d3a34716167726525323731446d70676e6966273037323470657b706d6c7b6d5f747b786d2d3037314c616f64652730353026723d706e77656b6e5d646c69736a273d4d66616e7b6d29726e776f6b6e5f776b6c646d77715f6d67666b635f726e61716570273d4d66616e7b6d29726e776f6b6e5f61666d62675f6363726d60637625374766696c716729786c756561665773776b6b6974696d6727354766636c736723726e75656b6e57736a6d6b637761746d2d3d47646364716521706e77676b6e5d7265636e726e617b67722d354764696473652378647d656b6c57746c635f726e617b657025354764636e736723706475656b665764657469647e7027374d64616c736723706e7565696e5d7174655f746b657f6570273d4d66616e7b6d29726e776f6b6e5f6a63746127354766616e716724676e5d63357767606f645765604f442d30323326322532302a4d70676e454c25303247512530323226302730384b68726d65617d6f2b556d60474c253032474e534e2532324751273232332e38253032204770656c4f442d3032475b273230474e514c2732324553273032332e32273238436a70676569756f215f6d60496b7c5565624b6b76253030556562454e434c474e475f616e7176696663656657697a70637b7b273342253032455a545d626c676c665d6d6b6c6d697827314a2d323047505c57616d6e67705f6275646465705f6a616c645d646e6f6376253b422730384d58545d6e646763765d6a6e656e642731422732324558565d647061655d646d70766a2d3b422530384d50565d7160636465725d76657a747772655d6e6d66253140253a30475a5c5774657a7c7d7a675d61676f7072657171696d6e5d627076612731422730304d58565d7c6d7874777a6d57616d6f78706573736b6d6e5d7265746327314027323247585c5f7667707c757267576e616e76677a5d616e69716d74706f72696327314027323247585c5f71504f4a2533402d3a384d475157676c656d676c745d696c64657a5d776b6e7627334a253032474d535f646a675770676c6c67725f6d6b726d63702733422730324d45515d737c616c66697a645f666d7a61746376617465732531402530304d45535d76677a7477706557666e6d697c2533402d3a384d475157766578747770655d666e6f61765d6e6b6e6763722d3340273a384f4551577c6d7a76777a675f68616e645f646c6d61742731402732324d455b5f7667707c7572675760696e645d6e6e6f61745d6e696c6563722531402730304d4753577667707c6d785f637a7a697b5d6d6a68656374273142273232574540454e5d636d6e6f7a5f60776e6e65725d6e64676376273b40253230554742454c5d636f6f727067737167645774677a7c7d72655d697b7c6127314a273230574740474e5f616f6d727067717367665f7c657a767d7a655f677c6b2d3140273a32574542454e5f616f6f707267717167645d7665707477706d57657461392d3b40273038554542474e5d636d6d727265717167665f7667787c757067577b3374612d3b4a2730325f4742474c5d616f6f707065737167665d74677a747d72675d7b3b74635d7b7a6f6027314a273230574740474e5f66656277655d70656c66657a65705d6166666f273b4a2d3032554d40474c5f66677076685d74657a767770652731422d3232554d4a474c5d6c7a69755d607d6466657271273340253030574740454e5f6e6d736d5f616d667c6578762d3b4a2730325f4742474c5d6f756e746b5f64706375333624656c57683f316e6e3564646e3c3f3632666c6134303767343260653265373666303735363431383466363a3d3926756f647e3f4b6c7c676c2532324b6e612e2477676e703f4b6e76676c2d32324b7a61732530384778676c4544273230456c65696c65246363663f37&jb=333737246c733f4d677a6b6e64692532443d26382730322055696e646d75732732324e5427303233302c32253b422730385f696e343c2d3b402730387a3634292730304370726c6555676049697627324e353135263b3625303820434a564f442732432530326c6b6b672532324567616b6d2b253a30416a7a676d65273a4e39333b2c382c363034372c31303327323051636463726b27324e353135263b36
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&jb=373b24246a716d7535576b6c6c67777324627b673f556b66666f77732730303330246a7360773f4168706d6d6d2668716a3543687067656d273032393339
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 07:07:37 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Content-Type
text/javascript;charset=UTF-8
clear.png
996b7d99qyfuu2pc22k3k7qnwuof4tfvb24nxuux9d276429eb175ff1sac.d.aa.online-metrix.net/fp/ Frame B062 		81 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://996b7d99qyfuu2pc22k3k7qnwuof4tfvb24nxuux9d276429eb175ff1sac.d.aa.online-metrix.net/fp/clear.png?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&di=yes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.3 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 07:07:37 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
check.js
rba-screen.healthsafe-id.com/fp/ Frame 6FD1 		208 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/check.js?&pageid=99998&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&org_id=996b7d99&nonce=9d276429eb175ff1
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/HP?session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&org_id=996b7d99&nonce=9d276429eb175ff1&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
02ea15236ebd99339200c4571e898b771a955c2805f87e75429c83337c671bdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rba-screen.healthsafe-id.com/fp/HP?session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&org_id=996b7d99&nonce=9d276429eb175ff1&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 07:07:37 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
9d276429eb175ff1
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=97
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
rba-screen.healthsafe-id.com/fp/ Frame 4BE3 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&jf=3134246e73603f663c6632336a3d356666396a3c66613131643035323a36653530613064663566
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 07:07:37 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear1.png;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7
rba-screen.healthsafe-id.com/fp/ Frame B062 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rba-screen.healthsafe-id.com/fp/clear1.png;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&jf=36333424736b665f7a6e663f7c6c725f43707a693555445c564f6f6336305757267169645d666376653f3336313937333b3e3537247b616c5d767b78673d77656038656164716126716b665d6b677b3d3b30373b3b383133323e383f30633a3e363863653166303030333036323a3063383436386b653166383b3031323f383b363032383234313560363737623235363030343b656764313c3560606c6e3466376d6e6b6037646b30313238616433343035666463633a37666737313939323369306261673e3b6a3236316c3b363534303a3632656661343b633061653466336d663561313d3163673e69386061373167636139676361616167303960646630663636393e352471616c5f736b6f353b32363738303230333b316137366635333a363a60613133386c6460643b6e3734343d696e613733383a32346133363936363a313764633764666160366d36673438303636346c3b383030333832636131326031603930303660313435393232326c36603b3e3d376232303a393060313e66383633363064353536396535333667643232393b306030696d6663672e7b6164703f38
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 07:07:37 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=97
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear1.png;CIS3SID=4F3B7BDFBAA2FC0F178C03D563092778
h.online-metrix.net/fp/ Frame 1D4C 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.online-metrix.net/fp/clear1.png;CIS3SID=4F3B7BDFBAA2FC0F178C03D563092778?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&jf=36333424736b665f7a6e663f7c6c725f704f66603a70414c41444d364d53716a267169645d666376653f3336313937333b3e3537247b616c5d767b78673d77656038656164716126716b665d6b677b3d3b30373b3b383133323e383f30633a3e363863653166303030333036323a3063383436386b653166383b3031323f383b36303238323465613b643731613234313a63376666326766316331363b6d3437673e316c3661613967613832663330633232363732603461363b60393b333337696c3565316b6b3d3232606e6162343963343633616163633630603533633b363e3261366a3b6131306a6e3e30673a3930396366366362333635313736306063383b64636a332471616c5f736b6f353b3236373830323130326734313131306264333766626064663f6161663c693338356c383830353031323539326636386732323233323030306632616569383132383d3933303a31306732303a3237373964313961383a30336433616362303a353c383a376c3930633a3c303b6036616e356234313732366638636163356331323232366639323663693f3332642e7b6164703f39
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
a-sac.h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 07:07:37 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ARF;CIS3SID=B8F3A7CBF2CA6BAF96FFAABA8D142D4A
rba-screen.healthsafe-id.com/fp/ Frame 6FD1 		35 B
557 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/ARF;CIS3SID=B8F3A7CBF2CA6BAF96FFAABA8D142D4A?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&pageid=99998&sera_parametere=XxQPAQNXC1gDWwBTDQJQBg0CCgQFAgUPVgZXA1ECAwAIBQsOUwwLXQZWBhFGFVtYVxRHQ0URAX1AVXMSAiJDAwkOQVJaUV9cCxZCEgYiQwZ7VBcAchEACQ0NQkNGQ1V1HFNwEgFwFF0MX1IEBQJSBA9TAFUPVQsOVgcFAVFeBAcKUVRTAg1QD1xVVVVQXlMCCVUUWVlaUVxYW1UFAlBSAwABUAYBAVRfVERbRAhWHlBcU1MDBwUDWgNTVQRRAFZQXAYKUVQAAVtUBAMBB1ReUw9WC1YFVwQfBAsMBgVUUgkfDVsKGwUUSQxfCA4MX14XUQ8PEVQJcVEXDVxSEwQQDAhVCxFUW0EEMgtfU1oRFRdaBg9DUk5tWgQOXVVUBQ0XXBAPAgY%3D&count=0&max=0
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js?&pageid=99998&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&org_id=996b7d99&nonce=9d276429eb175ff1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
f9d55134bb3aa85d3c867979221c355809cee58d6eda87c4e687499ef66cb23b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rba-screen.healthsafe-id.com/fp/HP?session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&org_id=996b7d99&nonce=9d276429eb175ff1&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 07:07:38 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=96
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
rba-screen.healthsafe-id.com/fp/ Frame B062 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&jac=1&je=373435242668646e353324686e603d393b3e393f3364606e3b373337673136356263373536606031396061343a633a24626e746e3f38323e3138312e726d3d6e6d2462637471743d2735402732306e657e656e273a3a2533433926383227304b27323273766374777327323227314327323061686972656b666f2532302d3f4c2463776c6a3d63613560396736673638336161636334643269376133313a3933343b3c3e6037613b333739366036643a6466343834323231386467346e3031646b6c383437312e6d7a313f6e336565353b6161643737313435353437643036393b3635373a3c6539306e6e6b603a3339316161267763683f2535422530306370636a6b746d6376777a6d2532302d3b492730302d3032253241273230626b746e6771712732302733492530302d3a3225304b2d3a306070696c647325303025314127354227374627324127323a66776e645e6572716167664e6b717c2732322531432537422735442730412732306f6f6a696e672d3a322531496e696e71672d30432532306f6f66656e253230273143253030253a3227304b2d32327264697c646d7065273232253143253032273232273041273230726c6974646d7a655665707b61676c27303a273341253030253032273243273030756f7534342d3230273b4966616e7b6d2d3546247d636c3d2535402530326072616c66712732302733492537402d3d4425304b2d3a306f6d6a6b6c6525303025314164616c7167273043273032786c63766e67726d273a3a2d3143273a30253232273544
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=07A7E2E537CBCA2A8D6099126A8EB7C7?org_id=996b7d99&session_id=7666a7b0-1228-40c9-9ff6-cda4b60cdbd0&nonce=9d276429eb175ff1&jb=373b24246a716d7535576b6c6c67777324627b673f556b66666f77732730303330246a7360773f4168706d6d6d2668716a3543687067656d273032393339
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st1.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Nov 2023 07:07:38 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=96
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=16330634119444753593849190665475959723

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture object| optumPageDataLayer string| RakantoObject function| Rakanto object| webpackChunkhsid_ui_v2 function| initiateStoreUserData function| IMask string| rakanto_ubrid object| rakanto_optout_domains number| rakanto_sendInterval string| pixelCnameSubdomain object| rakanto_api_endpoints function| pxSetUserIdentity function| pxSendCustomData object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| __target_telemetry object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| targetGlobalSettings function| AppMeasurement_Module_Media function| AppMeasurement function| s_gi function| s_pgicq object| daco string| s_account object| s function| forge number| s_objectID number| s_giq object| google_tag_manager object| google_tag_data object| dataLayer function| gtag object| _cls_config object| _detector object| webVitals object| convertize object| GooglebQhCsO object| pageDataLayer function| publishPostPageData object| currentError object| newError function| inList object| s_i_uhghsiddev_uhgenterprisecorestage string| pageName function| fbq function| _fbq function| pixelTrack object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.102.2 object| _qsie function| tmx_post_session_params_fixed function| tmx_run_page_fingerprinting boolean| tmx_profiling_started

42 Cookies

Domain/Path Name / Value
tst-account.uhcretireeaccounts.com/ Name: ApplicationGatewayAffinityCORS
Value: 4b7ae62033a614288553f32aaca8e8da
tst-account.uhcretireeaccounts.com/ Name: ApplicationGatewayAffinity
Value: 4b7ae62033a614288553f32aaca8e8da
tst-account.uhcretireeaccounts.com/ Name: auth_proxy_login
Value: true
tst-account.uhcretireeaccounts.com/ Name: web_oauth2_proxy_csrf
Value: Ae4nkr_aO0S944S4jG5fSQbx1pDxADeokhV20_SlR1iDmQOch_vKQsr8y1DO2lOn5UF1KvkDaNAvh32-VKavvrhDbcK5_A4f-hOLGWcGPZM8cMHU-tQ6Dno=|1699513650|Hn2ue-0Nze-oaOq1tEySrj_GqODP9XA2-_QcWANgiOs=
stage-sso.optum.com/ Name: ext-PF
Value: IzeobC6wm08mD4hjkBMPwwHEGpxxrcClSfpywrv0yMoG
.stage-sso.optum.com/ Name: TS01bbf66b
Value: 018c90fcfb03aef83f1eb1e175611b35ea8697439aa6c3ecaa01f6c8a8703efc7a1bfb720e6e3fe04be3ed40d10d2fe1468e449c51
st1.healthsafe-id.com/ Name: nonce.nHg1Hs.1699513951
Value: 9a5b6a4b-1177-4700-8d4b-b62d678f2132
st1.healthsafe-id.com/ Name: TS019fe276
Value: 010c48f616773fad6a75c22a3df9282db44bf06c6c98184c2777b47ffed091750f5d779d67b212bb7771a6dd315d971dee952cffe3
st1.healthsafe-id.com/ Name: ext-PF
Value: Pm7XPGOCrd2i4MjOoGG7Hq3FmtaiKO1kX5VbbMS6NJlk
st1.healthsafe-id.com/ Name: TS019553dc
Value: 018e9f1a7bb0c2b583918f077eab311bbfc445e9087dff41c3888ac3ebba239c2a79e8ae69a6dd4aa54d3024466df628058c04ca44
.healthsafe-id.com/ Name: Tv6TR2qd
Value: A3lS6LKLAQAA6-fvwOViiVr1Bca9AZ0ciz43NZOGHlZoI1-vHwlnXFfLI6jfAT4DJKOuciGywH8AAEB3AAAAAA|1|0|e743b957c86a6d239e9659467c66bcd8d1f81d99
st1.healthsafe-id.com/ Name: rakanto_ubrid
Value:
.rakanto.com/ Name: pixel-ubrid
Value: v2.0-7c1b733fa81543ed7af89b72687005d6-1401-1406-1696036572484-0000489796-1699513652367
st1.healthsafe-id.com/ Name: RakantoClientSideData
Value: eyJ1YnJpZCI6InYyLjAtN2MxYjczM2ZhODE1NDNlZDdhZjg5YjcyNjg3MDA1ZDYtMTQwMS0xNDA2LTE2OTYwMzY1NzI0ODQtMDAwMDQ4OTc5Ni0xNjk5NTEzNjUyMzY3IiwiY29tbWl0X2hhc2giOiIyNzFmZWU0In0=
.healthsafe-id.com/ Name: pixel-ubrid
Value: v2.0-7c1b733fa81543ed7af89b72687005d6-1401-1406-1696036572484-0000489796-1699513652367
.healthsafe-id.com/ Name: at_check
Value: true
.demdex.net/ Name: demdex
Value: 16330634119444753593849190665475959723
.healthsafe-id.com/ Name: _gcl_au
Value: 1.1.1108108651.1699513653
.healthsafe-id.com/ Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg
Value: 1
.healthsafe-id.com/ Name: _cls_v
Value: c3aeb1d9-3516-4024-8758-d2ee9730e517
.healthsafe-id.com/ Name: _cls_s
Value: 18195071408620065824216191805530518594
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZUyFNQAAALg__AN-
.healthsafe-id.com/ Name: mbox
Value: session#e9013fb1db794a4aa7846f3e89790dd9#1699515514|PC#e9013fb1db794a4aa7846f3e89790dd9.34_0#1762758454
.dpm.demdex.net/ Name: dpm
Value: 16330634119444753593849190665475959723
.healthsafe-id.com/ Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg
Value: 359503849%7CMCIDTS%7C19671%7CMCMID%7C18195071408620065824216191805530518594%7CMCAAMLH-1700118452%7C7%7CMCAAMB-1700118452%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1699520853s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19678%7CvVersion%7C5.0.1
st1.healthsafe-id.com/ Name: HSID_V
Value: 670b912e-c4f3-42cc-9237-90110ff2ff84
st1.healthsafe-id.com/ Name: SESSION
Value: YzJlMzRlNmUtM2UzNy00MTA3LWI4YTMtYmM2NjQzNTFhMjNl
.doubleclick.net/ Name: IDE
Value: AHWqTUlqd2B1ScckYHnHje3N_-53suCMsIo6Wb0tONjFm3X_UU9n2oBNvRM0YQXLOOE
.demdex.net/ Name: dextp
Value: 771-1-1699513653145|903-1-1699513653246|285689-1-1699513653382
.adsrvr.org/ Name: TDID
Value: be13ccc4-5c28-4b62-8fd6-da105c52a380
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsIxuC8wJK_sDwQBRgFIAEoAjILCOiygu2ov7A8EAU4AQ..
.healthsafe-id.com/ Name: gpv_pn
Value: D%3Dv25
.healthsafe-id.com/ Name: s_cc
Value: true
.healthsafe-id.com/ Name: _fbp
Value: fb.1.1699513654769.289862209
report.uhg.glassboxdigital.io/ Name: _cls_cfgver
Value: 0
report.uhg.glassboxdigital.io/ Name: _cls_v
Value: c3aeb1d9-3516-4024-8758-d2ee9730e517
report.uhg.glassboxdigital.io/ Name: _cls_s
Value: 18195071408620065824216191805530518594
.healthsafe-id.com/ Name: cls_e
Value: 18195071408620065824216191805530518594:16143821192215
rba-screen.healthsafe-id.com/ Name: thx_guid
Value: b9f7ce7a46ca6b0207cf9b81f81782c2
report.uhg.glassboxdigital.io/ Name: AWSALBCORS
Value: fb8E/85a5bo6Zji8+dghhA7EF2SjUTl3+8pHKkGjG3uoAPg+s6uijvJHKL9+rXFwjdOr8uGn14W3lT1rxtpjlKT1VgzDf2TlX9qGGvWnOzS9mL10u2odYW6+w6BQ
report.uhg.glassboxdigital.io/ Name: cls_e
Value: 18195071408620065824216191805530518594:16143821192215
h.online-metrix.net/ Name: thx_global_guid
Value: a338b7da25934e29aba915a37a26680d

6 Console Messages

Source Level URL
Text
security error URL: https://st1.healthsafe-id.com/assets/bundles-average.js?seed=AIBt4bKLAQAAHE9_iURTJePKdChey7VXKoOSF7YTy0tW6AcfOiixB95A1RVl&EdxVWcjYRR--z=q
Message:
Refused to create a worker from 'blob:https://st1.healthsafe-id.com/bd7d6a77-8812-4920-9cbb-0ce0548b2a26' because it violates the following Content Security Policy directive: "script-src https: 'unsafe-inline' 'unsafe-eval'". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
rendering warning URL: https://st1.healthsafe-id.com/assets/bundles-average.js?seed=AIBt4bKLAQAAHE9_iURTJePKdChey7VXKoOSF7YTy0tW6AcfOiixB95A1RVl&EdxVWcjYRR--z=q
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://st1.healthsafe-id.com/assets/bundles-average.js?seed=AIBt4bKLAQAAHE9_iURTJePKdChey7VXKoOSF7YTy0tW6AcfOiixB95A1RVl&EdxVWcjYRR--z=q
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://st1.healthsafe-id.com/assets/bundles-average.js?seed=AIBt4bKLAQAAHE9_iURTJePKdChey7VXKoOSF7YTy0tW6AcfOiixB95A1RVl&EdxVWcjYRR--z=q
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security error URL: https://cdn.gbqofs.com/uhg/hsid/u/detector-dom.min.js(Line 100)
Message:
Refused to create a worker from 'blob:https://st1.healthsafe-id.com/28808854-bc63-4df6-98b3-038e881753ab' because it violates the following Content Security Policy directive: "script-src https: 'unsafe-inline' 'unsafe-eval'". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
network error URL: https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=16330634119444753593849190665475959723
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11726966.fls.doubleclick.net
8584968.fls.doubleclick.net
996b7d99qyfuu2pc22k3k7qnwuof4tfvb24nxuux9d276429eb175ff1sac.d.aa.online-metrix.net
adservice.google.com
assets.adobedtm.com
cdn.gbqofs.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
global.ib-ibi.com
googleads.g.doubleclick.net
h.online-metrix.net
match.adsrvr.org
member.werally.com
myoptum-stage.optum.com
rba-screen.healthsafe-id.com
report.uhg.glassboxdigital.io
siteintercept.qualtrics.com
smetrics.optum.com
st1.healthsafe-id.com
stage-cse.rakanto.com
stage-repo.rakanto.com
stage-sso.optum.com
tst-account.uhcretireeaccounts.com
unitedhealthgroup.demdex.net
unitedhealthgroup.tt.omtrdc.net
www.facebook.com
www.google.ca
www.google.com
www.googletagmanager.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
global.ib-ibi.com
104.17.209.240
104.18.25.13
13.107.213.38
13.32.208.20
142.250.31.94
142.251.16.149
142.251.163.97
142.251.179.156
149.111.172.51
15.197.193.217
157.240.244.1
157.240.244.35
168.183.32.197
168.183.38.206
172.253.115.155
172.253.122.103
172.253.63.155
184.29.132.250
192.225.158.1
192.225.158.132
192.225.158.3
40.65.211.6
45.60.31.26
52.203.231.55
52.205.222.5
52.206.49.117
52.70.105.163
63.140.38.113
63.140.38.219
02ea15236ebd99339200c4571e898b771a955c2805f87e75429c83337c671bdd
084a0df55b46550be3c8e8823ae7c7d89d8a6acde185d1fd138d25ffa5839286
103ea7ae8224b945684ae6e4d2707825d342b06e897d49f7a8eadfa3e5d087d8
1fdc0488cbd058b2ca128ea2d757cc6cb9e52767c3a85596130c298fb3607a01
215366847ff8d79401b56082e1ac062ae85e43909ecbdd902b69310f491ec042
272d4592ee986baa514ebd2480f05984b86261839d0c453a8e248300e909ec9a
2824894fb94c71072bb80dfb829f13d56b03396c8e0a4ed0268d111039fd4a49
2dc4f28316514c60eb0f27f34b1db7d1a18134c48250135e6c6c21b423f5b6ff
2eaed4de66894ab72b75ae8adf3dce33b96acfb1db8819c788eeec495120b3c8
3660aeadd978dadffa2065d7c367e12dcb57f4eab9aedee3676020fe5cb61119
3ad0d5e8cd0160209ab6b15c4f2d11371041d6d7541189881a2970a7753bc746
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3fc64cac06d9bbe7ec46ba470f9a5e9a8c358d4b7bda26073af29eed4af4b36d
431516c7aba1f61696b8738b40bb3e90c9b0cab132488e68475454de6c09b4fe
4e8216597f2535b4f35144da67c88d2303074c25f24fd72dc2f1123830167e26
50a0460d7a549e15f9d2ddd06d64fc3896b7c0c7fb619b85e1f5de9887fba7b5
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5755df35dfedd137b35ec2e1542d88b832ff0170a78e5075d4339dd2e58b2cac
63899056f6788249d807785b5aa2a7cd625977f936d2024294d78dcc31878aab
6f96cf3fc72510bf8b713484c41ddf47ca9a0af68422a1d45acd38ddb8baa3cc
6ff95c0480371940949099e3a688155b369a247a3d1887d593db9d9ceca5d250
71369041b8d69be98dfa20dc96ecc86fd8b3d0c19f0e995591063d5ffe8ccd05
76181750bb2a824cc79d1c940b9e14a3e393ae1efc93965117e3965c136acaa6
785b9db4603d17cb874e3b67a433b810fd28dd888456e09fb2d6bb49c8f94477
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e362f00330f4ae046576829a63ac9becb7f29286734a4a936869d829ddbb7ab
7ec2307caf663d0bfdb779bdf51a54405e811fece07967acaae545ec04638e1c
83a5c2eea44f96f49ac888576e776bbd30fd9c700e463a1b923af9d915bdf8a4
8484d229a52fd1e7f5be1a24c2bc90fb6ec6b11c9e6d22c41c7bba238a804b38
85321e0b8f27f57f530a6139690ae4588bcbfab6c80278d43c6888566ee66eb6
8829ad45d1e33237359097a465c0dcfa73ef2e20e7665e1bc91094607188172d
8afb9acb591f3bcd4f471293eabe1d5e96cc12ff2c91a9dc8476add4fedad365
908138e6e8a14049c83de7b552d315be226c0dec2a0c8a01f83f7b24d5c1a310
94a61bd23e3af8340c2527a841237d2247ad4c7a05c73a5a242061b2cba23ad3
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9a83f4a41fb13ef079c9081ad688b1cf2a46ac6af402f3ba7a4ecfe442710ffc
9abddccccdbff4c53633904feb4866f8d0fca22dbf22a4df7ce67607f2d87b75
9e6fc24cad6d761cf779fb1e36662c4b3a533d6403c83423e47d4d789ee1e9db
a2b2aa4b69cd1bcec3dec17c28e0c6db646ffc17a513a78058fe6c2cf33e18da
a71196088fe514d5be5531061bb6666a9e73a9839980fa0b4177415ce566937d
a848e5fcc40821c190095918eb9baa05d1c0eab7f2a80865f92e2bb33802d3d0
ab4d07e6a78be66eff82aae058a1761f96b2ec353059cd468c0a6ed836f2b7ff
b3e76d46355b154958e04f466ac857861df6e49bdb2d446cdc233775d1a543c9
b43fe28488de3a264501bdea3559fae6c64241245e0771c52e13da99cfc46ba3
b572a07625989cdccbaef89a606e849fbbbc039ddc5b8a0c572ec9660e9016cd
c50c7bd4abab5152b29ed4ba8ad7e884ae3f78e21e5e18c61e24b73dfc213d41
c66d1ca9ca062cd871193c8cbba35a4430e22f443b31203ab561a386f4f8493e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc2c882c6ba419cb61d6070b361ee03f1694b2db5a507872ce897bc43f02eee5
d2245727b028c84c7333969341f7f7e25ebdb3ce91a0b7748035557c00db1aec
d689f04b6959cd2801efa1d4952be89c4aa45a8c8faef789bf47218af2ebf062
d6b6ca193696f01a54959a80eace120d4bff15e667a9171ca9b4eb391f7a46ee
d7a4b1e6d31c8d7ecb567310271ce420995a4fe8a4514aad38d24ad867a2ee9a
d94d2fe74eea236a58e47a994b580427b9aafd62c046b7f1b3d212804e73599f
da7975f52aa59ea21acdcfcec8e4a123899dbdf3df9a493d5401fc68dc45f422
dbe5c9403e8c3fec07ce3f99163e5b60fba96ee91f21e3dbcd9ac07f9d2a0a1c
dc123b604ff1e6cc9197f2f3b00a7d28f55332d4d0867bbaf2e75923dae3f1bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e643c99dae238a2343f77fe22cad09aa170bea710abe89b66057c96dc34fd00a
e6480ba1f25e815c57ffc9ada53db64019fea9be79e916f0917a03d47d40d4e2
e6ab5b42e39661fceeaadef5d552a1c0509a8d2d8abc237922400aa3b3c58ede
ec1fb826ad50482e2a4eb706a5758dafc2835325619e8fe6f48ff3691e0e8cbf
eecfcb118193465fd111d3c9821bb3c8ecbf0c417062cab000ad4365258e41ef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00abdcd7e2645b194f1745615756363763ccbb8ae8e3970cbcfef257b7034a6
f161e22cde63c497d665c80a60a654d29caa423b4f4f59848b55309beb8bc361
f23d12828cd048ef1fa1ffa65b40d4cad0828bfdae70953820d147593ba461cf
f56c5c7cc605647d00d18f0e8c4ff3a4f59d587f191c201a6551b85e11f08b91
f9d55134bb3aa85d3c867979221c355809cee58d6eda87c4e687499ef66cb23b
ff6562acb2cb31cc6ed038f9ce6706fed6b2ee980829887e2c456050c8b0b777