Submitted URL: https://click.communications.naviguard.com/?qs=a57f132da7b945722884075ca6699006617bd719aca822d0f1ed3400f52f3f5c16d91da91e692e8c947dcbc35714...
Effective URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FbiUpKbSwEM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.h...
Submission: On April 03 via manual from IN — Scanned from DE

Summary

This website contacted 13 IPs in 4 countries across 10 domains to perform 39 HTTP transactions. The main IP is 168.183.37.28, located in United States and belongs to UHC, US. The main domain is www.healthsafe-id.com. The Cisco Umbrella rank of the primary domain is 56231.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on August 8th 2022. Valid for: a year.
This is the only time www.healthsafe-id.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.241.123 22606 (EXACT-7)
12 2620:1ec:4e:1... 8075 (MICROSOFT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 168.183.36.21 10879 (UHC)
2 9 168.183.37.28 10879 (UHC)
2 52.138.200.61 8075 (MICROSOFT...)
2 2600:9000:243... 16509 (AMAZON-02)
5 2600:9000:236... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 20.150.1.68 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
39 13
Apex Domain
Subdomains
Transfer
13 iperceptions.com
universal.iperceptions.com — Cisco Umbrella Rank: 11854
api.iperceptions.com — Cisco Umbrella Rank: 11100
sd.iperceptions.com — Cisco Umbrella Rank: 12184
ips-invite.iperceptions.com — Cisco Umbrella Rank: 47699
ips-img.iperceptions.com — Cisco Umbrella Rank: 56876
43 KB
13 naviguard.com
click.communications.naviguard.com
my.naviguard.com
2 MB
9 healthsafe-id.com
www.healthsafe-id.com — Cisco Umbrella Rank: 56231
485 KB
2 gstatic.com
fonts.gstatic.com
35 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 933
296 B
1 windows.net
universaldefinitionsdev.blob.core.windows.net
177 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
1 KB
1 optum.com
sso.optum.com — Cisco Umbrella Rank: 59459
773 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
44 KB
0 rakanto.com Failed
repo.rakanto.com Failed
39 10
Domain Requested by
12 my.naviguard.com my.naviguard.com
9 www.healthsafe-id.com 2 redirects my.naviguard.com
www.healthsafe-id.com
5 ips-invite.iperceptions.com universal.iperceptions.com
ips-invite.iperceptions.com
3 universal.iperceptions.com my.naviguard.com
universal.iperceptions.com
2 fonts.gstatic.com fonts.googleapis.com
2 sd.iperceptions.com universal.iperceptions.com
2 api.iperceptions.com universal.iperceptions.com
2 unpkg.com 1 redirects my.naviguard.com
1 universaldefinitionsdev.blob.core.windows.net
1 ips-img.iperceptions.com
1 fonts.googleapis.com client
1 sso.optum.com 1 redirects
1 www.googletagmanager.com my.naviguard.com
1 click.communications.naviguard.com 1 redirects
0 repo.rakanto.com Failed www.healthsafe-id.com
39 15

This site contains no links.

Subject Issuer Validity Valid
my.naviguard.com
COMODO RSA Organization Validation Secure Server CA
2023-03-20 -
2024-03-19
a year crt.sh
*.iperceptions.com
Amazon RSA 2048 M01
2023-02-13 -
2024-03-13
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
healthsafeid.optum.com
COMODO RSA Organization Validation Secure Server CA
2022-08-08 -
2023-08-08
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02
2023-03-27 -
2024-03-27
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FbiUpKbSwEM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2FNaviguard%2Fen%3Fresume%3D%2Fas%2FGWIvZnjnhj%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmy.naviguard.com%2F%26portal%3DNaviguard%26client_id%3Dnaviguard-hsid-prod&reason=0
Frame ID: 6FDFD0040DF1F35BEE5FF12F83EF4EA9
Requests: 60 HTTP requests in this frame

Frame: https://universal.iperceptions.com/iFrame.html
Frame ID: C34A5DBC5B7A033DFABC895F18883734
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://click.communications.naviguard.com/?qs=a57f132da7b945722884075ca6699006617bd719aca822d0f1ed3400f52f3f5c16d91da9... HTTP 302
    https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc Page URL
  2. https://sso.optum.com/ext/as/authorization.oauth2?client_id=naviguard-hsid-prod&pfidpadapterid=Hsi... HTTP 302
    https://www.healthsafe-id.com/rt/secure/auth/Naviguard/en?resume=/as/GWIvZnjnhj/resume/as/authorization.pi... HTTP 302
    https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redi... HTTP 302
    https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FbiUpKbSwEM%2Fresume%2Fas%2Fauthorization.ping&TARGET... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

39
Requests

95 %
HTTPS

64 %
IPv6

10
Domains

15
Subdomains

13
IPs

4
Countries

3698 kB
Transfer

7637 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.communications.naviguard.com/?qs=a57f132da7b945722884075ca6699006617bd719aca822d0f1ed3400f52f3f5c16d91da91e692e8c947dcbc357143c61709dcf5bb8b9bb04 HTTP 302
    https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc Page URL
  2. https://sso.optum.com/ext/as/authorization.oauth2?client_id=naviguard-hsid-prod&pfidpadapterid=HsidNewUIOidc&response_type=code&scope=openid+profile+email&redirect_uri=https://my.naviguard.com/&code_challenge_method=S256&code_challenge=gKufEgA0ErI-gck-PUSgbyyFEYdovkxU4DSD1Mh3CJE&portal=Naviguard HTTP 302
    https://www.healthsafe-id.com/rt/secure/auth/Naviguard/en?resume=/as/GWIvZnjnhj/resume/as/authorization.ping&spentity=null&scope=openid%20profile%20email&response_type=code&pfidpadapterid=HsidNewUIOidc&redirect_uri=https://my.naviguard.com/&portal=Naviguard&client_id=naviguard-hsid-prod HTTP 302
    https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F%2Fwww.healthsafe-id.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiTlZJX0xyajh3QlZGOVlhRVF6YlhzT0xRQmZBIiwic3VmZml4Ijoia21jdWtDLjE2ODA1MzY5NjcifQ..o8ZgsArk6n1xO_zVmyeS5Q.tCAbnQG0-gCtmsF_AO6iDNmTFWFbRUL5Q1NcwwTB1oZm0VtX_CNFVucIg4uN1aJx782WoMVZRYwQOme_0s1wg-PY01qxEOr53AW5sGFvAvADtuHwcetK2oDEgDTeGEmy9EFPGST8e5nSfSuXOkm1Qq5c3KFeQ6_DcLbutUy_r7iTsfJeQrZFiT1SHl243CzEH98rc0UKjVvfU6FJYHw4wGqMKHGZAX5CNFo9IPZVnLEU5KW61uXPWPmsT_r4H92YelOP_7kGeK1fMcLyDi9qospbMNqoY4coGlfBJUjjcDHaehYLifOelZMj4jCrkyh4.QNL5ttbbalJhDrehCn4y2w&nonce=mDX1q4PEin7fKY7pDT2HPv8KvPosUvG9LYipA8pM80M&acr_values=NONBANK%20BANK&scope=openid%20address%20email%20phone%20profile&vnd_pi_requested_resource=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2FNaviguard%2Fen%3Fresume%3D%2Fas%2FGWIvZnjnhj%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmy.naviguard.com%2F%26portal%3DNaviguard%26client_id%3Dnaviguard-hsid-prod&vnd_pi_application_name=HSIDProdRTApp HTTP 302
    https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FbiUpKbSwEM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2FNaviguard%2Fen%3Fresume%3D%2Fas%2FGWIvZnjnhj%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmy.naviguard.com%2F%26portal%3DNaviguard%26client_id%3Dnaviguard-hsid-prod&reason=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://click.communications.naviguard.com/?qs=a57f132da7b945722884075ca6699006617bd719aca822d0f1ed3400f52f3f5c16d91da91e692e8c947dcbc357143c61709dcf5bb8b9bb04 HTTP 302
  • https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Request Chain 1
  • https://unpkg.com/react-day-picker/lib/style.css HTTP 302
  • https://unpkg.com/react-day-picker@8.6.0/lib/style.css

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
home
my.naviguard.com/
Redirect Chain
  • https://click.communications.naviguard.com/?qs=a57f132da7b945722884075ca6699006617bd719aca822d0f1ed3400f52f3f5c16d91da91e692e8c947dcbc357143c61709dcf5bb8b9bb04
  • https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
3 KB
3 KB
Document
General
Full URL
https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2e313b73514badc7496221a179277c0197bec0c99b30314ad4c3fcca5f3d3cb1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
3020
content-type
text/html
date
Mon, 03 Apr 2023 15:44:23 GMT
x-azure-ref
0V/QqZAAAAACx8dauePHmRKvaIEdJQUimRlJBMzFFREdFMDMyMAA0MjdkMWZjOS00ZjE5LTQwMTQtYjc5MC03MTE1OTJkNzc2Yzc=
x-azure-ref-originshield
0V/QqZAAAAADiOKZeJzNLS6flSVZh2bPYRlJBMjMxMDUwNDE3MDUzADQyN2QxZmM5LTRmMTktNDAxNC1iNzkwLTcxMTU5MmQ3NzZjNw==
x-cache
TCP_MISS
x-ms-error-code
WebContentNotFound
x-ms-request-id
716c9b8a-a01e-0032-7243-666c88000000
x-ms-version
2018-03-28

Redirect headers

Cache-Control
private
Connection
close
Content-Length
224
Content-Type
text/html; charset=utf-8
Date
Mon, 03 Apr 2023 15:44:22 GMT
Location
https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
style.css
unpkg.com/react-day-picker@8.6.0/lib/
Redirect Chain
  • https://unpkg.com/react-day-picker/lib/style.css
  • https://unpkg.com/react-day-picker@8.6.0/lib/style.css
0
0
Stylesheet
General
Full URL
https://unpkg.com/react-day-picker@8.6.0/lib/style.css
Requested by
Host: my.naviguard.com
URL: https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.naviguard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Redirect headers

date
Mon, 03 Apr 2023 15:44:23 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
EXPIRED
fly-request-id
01GX3WMXHWSW469AG8GQ23PQ0X-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/react-day-picker@8.6.0/lib/style.css
cache-control
public, s-maxage=600, max-age=60
cf-ray
7b226ec37ada36df-FRA
runtime~app.27401809.js
my.naviguard.com/static/js/
2 KB
1 KB
Script
General
Full URL
https://my.naviguard.com/static/js/runtime~app.27401809.js
Requested by
Host: my.naviguard.com
URL: https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f7656bc3ccebd611041f9484fd00713447fbad96682d02882c2737830adcd4b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:44:23 GMT
content-encoding
br
last-modified
Fri, 17 Feb 2023 17:35:34 GMT
x-azure-ref-originshield
0aDAmZAAAAACoOQu8cEnzSY4brxyJoE9sRlJBMjMxMDUwNDE3MDQ5ADQyN2QxZmM5LTRmMTktNDAxNC1iNzkwLTcxMTU5MmQ3NzZjNw==
content-md5
Q60NtjKmvDzJfIp+85ylbA==
etag
"0x8DB110D5FFDFDF8"
x-azure-ref
0V/QqZAAAAAAma+OQn7tbTY4WoVwWl1l0RlJBMzFFREdFMDMyMAA0MjdkMWZjOS00ZjE5LTQwMTQtYjc5MC03MTE1OTJkNzc2Yzc=
x-cache
TCP_HIT
content-type
application/javascript
x-ms-request-id
2fb4a683-901e-0039-7bb3-6297e3000000
cache-control
public, max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
vendors~app.9d0af543.chunk.js
my.naviguard.com/static/js/
2 MB
536 KB
Script
General
Full URL
https://my.naviguard.com/static/js/vendors~app.9d0af543.chunk.js
Requested by
Host: my.naviguard.com
URL: https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2738dcd1d698dd0da4b17df4ef5e5cc2e8af9c5aea7d082bead00c8024f4e0d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:44:23 GMT
content-encoding
br
last-modified
Fri, 17 Feb 2023 17:35:34 GMT
x-azure-ref-originshield
0wM0lZAAAAAAZO+bH+eomQbwaj3ClkJ8ERlJBMjMxMDUwNDE4MDE3ADQyN2QxZmM5LTRmMTktNDAxNC1iNzkwLTcxMTU5MmQ3NzZjNw==
content-md5
Dzs8zPyXD4Q/RlAiZS5gtA==
etag
"0x8DB110D60085CBA"
x-azure-ref
0V/QqZAAAAACkFZVlpfL9RIX9h2bFH1khRlJBMzFFREdFMDMyMAA0MjdkMWZjOS00ZjE5LTQwMTQtYjc5MC03MTE1OTJkNzc2Yzc=
x-cache
TCP_HIT
content-type
application/javascript
x-ms-request-id
164a9fd3-d01e-004a-5ba1-5bcf70000000
cache-control
public, max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
app.96c22e3a.chunk.js
my.naviguard.com/static/js/
2 MB
939 KB
Script
General
Full URL
https://my.naviguard.com/static/js/app.96c22e3a.chunk.js
Requested by
Host: my.naviguard.com
URL: https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0879f1113b3c874be3f842a34fdccd1ae98cd71e9a6f334c8c9570e1575934f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:44:23 GMT
content-encoding
br
last-modified
Fri, 17 Feb 2023 17:35:34 GMT
x-azure-ref-originshield
0jUoqZAAAAAAOI5cC2m1GS7me5RMDjmlvRlJBMjMxMDUwNDE4MDI1ADQyN2QxZmM5LTRmMTktNDAxNC1iNzkwLTcxMTU5MmQ3NzZjNw==
content-md5
R84ziaBTWHKLq/x/Cif75g==
etag
"0x8DB110D5FFB3F40"
x-azure-ref
0V/QqZAAAAABLLfMayEasT5rz5gKWT/onRlJBMzFFREdFMDMyMAA0MjdkMWZjOS00ZjE5LTQwMTQtYjc5MC03MTE1OTJkNzc2Yzc=
x-cache
TCP_HIT
content-type
application/javascript
x-ms-request-id
a02113e1-901e-0029-1ca9-65528b000000
cache-control
public, max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
wrapper.js
universal.iperceptions.com/
9 KB
4 KB
Script
General
Full URL
https://universal.iperceptions.com/wrapper.js
Requested by
Host: my.naviguard.com
URL: https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6200:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.naviguard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Apr 2023 15:42:55 GMT
content-encoding
gzip
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
content-md5
d5YIeO59lrTqhttidyvULA==
age
88
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-ms-lease-status
unlocked
last-modified
Mon, 22 Mar 2021 18:02:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
38808043-501e-0030-3eb8-62b3e2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-amz-cf-id
y9_RNvbugH7QZ8_ORLmb-ilef38QbHCEUgkwj0VvyKT0xvsxYpNLFA==
gtm.js
www.googletagmanager.com/
122 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WRX32R6&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: my.naviguard.com
URL: https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c9aa8766a5633b468e3f0cd66b1a2c1818690e9c7b6dd8d4f955665468e18c9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.naviguard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:44:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44915
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 03 Apr 2023 15:44:23 GMT
SourceSansPro-Regular.ttf
my.naviguard.com/fonts/
263 KB
103 KB
Font
General
Full URL
https://my.naviguard.com/fonts/SourceSansPro-Regular.ttf
Requested by
Host: my.naviguard.com
URL: https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c9868de61ff2bab0b5a3a6d01c4b76f299459f08c6ae2f2c0383b4f9f6bedbf3

Request headers

Referer
https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:44:23 GMT
content-encoding
br
last-modified
Fri, 17 Feb 2023 17:35:33 GMT
x-azure-ref-originshield
0NBspZAAAAAAuJ1RPu7vvTJA/4tCMi7nnRlJBMjMxMDUwNDE3MDM5ADQyN2QxZmM5LTRmMTktNDAxNC1iNzkwLTcxMTU5MmQ3NzZjNw==
content-md5
wWeLRvfdP1DOrJTtTgrQGg==
etag
"0x8DB110D5F9EAE04"
x-azure-ref
0V/QqZAAAAAC6XyHWdTCnQLFakoIi4h/DRlJBMzFFREdFMDMyMAA0MjdkMWZjOS00ZjE5LTQwMTQtYjc5MC03MTE1OTJkNzc2Yzc=
x-cache
TCP_HIT
content-type
application/octet-stream
x-ms-request-id
88090e4e-901e-005b-2f29-6555c4000000
cache-control
public, max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
SourceSansPro-Bold.ttf
my.naviguard.com/fonts/
261 KB
102 KB
Font
General
Full URL
https://my.naviguard.com/fonts/SourceSansPro-Bold.ttf
Requested by
Host: my.naviguard.com
URL: https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9cbab47276fc04c65ac78098e9a2069c55e26f21701b29092734ce4e830f80fb

Request headers

Referer
https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:44:24 GMT
content-encoding
br
last-modified
Fri, 17 Feb 2023 17:35:34 GMT
x-azure-ref-originshield
0V/QqZAAAAAB2hL0UUZXrRIJ7IX+umxgeRlJBMjMxMDUwNDE3MDQ5ADQyN2QxZmM5LTRmMTktNDAxNC1iNzkwLTcxMTU5MmQ3NzZjNw==
content-md5
hmm4cGu73RSC4vzMTtloUA==
etag
"0x8DB110D5FAABA2E"
x-azure-ref
0V/QqZAAAAAC6ooUcROyDRbM6ve4Xl6cjRlJBMzFFREdFMDMyMAA0MjdkMWZjOS00ZjE5LTQwMTQtYjc5MC03MTE1OTJkNzc2Yzc=
x-cache
TCP_MISS
content-type
application/octet-stream
x-ms-request-id
716c9c58-a01e-0032-2743-666c88000000
cache-control
public, max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
SourceSansPro-Light.ttf
my.naviguard.com/fonts/
262 KB
102 KB
Font
General
Full URL
https://my.naviguard.com/fonts/SourceSansPro-Light.ttf
Requested by
Host: my.naviguard.com
URL: https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3eb3ad852d98c139c78064804524d0d2472b3efb872dc176b217fb57ae6a6f78

Request headers

Referer
https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:44:23 GMT
content-encoding
br
last-modified
Fri, 17 Feb 2023 17:35:34 GMT
x-azure-ref-originshield
0V/QqZAAAAAAbH21g5sbHRonTIrKdP/z7RlJBMjMxMDUwNDE3MDUxADQyN2QxZmM5LTRmMTktNDAxNC1iNzkwLTcxMTU5MmQ3NzZjNw==
content-md5
gc0hfkqBYKkwxtX7jR6Ogg==
etag
"0x8DB110D5FAEFF44"
x-azure-ref
0V/QqZAAAAACb1fr17ECDRa9MLn5qxE5NRlJBMzFFREdFMDMyMAA0MjdkMWZjOS00ZjE5LTQwMTQtYjc5MC03MTE1OTJkNzc2Yzc=
x-cache
TCP_REMOTE_HIT
content-type
application/octet-stream
x-ms-request-id
56e33eb7-501e-006b-5229-65eb0b000000
cache-control
public, max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
truncated
/
43 KB
43 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
681ac33803850ebe525bfe67512bc5dac7fabb8fe30f1e1c79dd3fa3193fbe21

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
Canela-BoldItalic-Web.woff
my.naviguard.com/fonts/
49 KB
50 KB
Font
General
Full URL
https://my.naviguard.com/fonts/Canela-BoldItalic-Web.woff
Requested by
Host: my.naviguard.com
URL: https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
00aeb0fe6d7035359d56876ccd541865af9d349b46a34a0b41df47ff71f70395

Request headers

Referer
https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:44:23 GMT
content-encoding
br
last-modified
Fri, 17 Feb 2023 17:35:33 GMT
x-azure-ref-originshield
0NBspZAAAAACA5s1yG8qyRIJii6xTeOCXRlJBMjMxMDUwNDE3MDI1ADQyN2QxZmM5LTRmMTktNDAxNC1iNzkwLTcxMTU5MmQ3NzZjNw==
content-md5
kunS818ziJfHuTMZvUUyWQ==
etag
"0x8DB110D5FA16CB7"
x-azure-ref
0V/QqZAAAAACTW+JQMN4uTYUY6CpHRIN3RlJBMzFFREdFMDMyMAA0MjdkMWZjOS00ZjE5LTQwMTQtYjc5MC03MTE1OTJkNzc2Yzc=
x-cache
TCP_HIT
content-type
application/octet-stream
x-ms-request-id
86bfd858-901e-004b-4629-6590ac000000
cache-control
public, max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
truncated
/
41 KB
41 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2226b1e6c7d190a12e3d3a8fadadbf94ef3f7b6eb00a9a1c58fffb065bc1e157

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
40 KB
40 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d94bc9443017623a62fbf3eb2f2d6f87b8dffd01fde09257766e305f338c177f

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
47 KB
47 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17dc5ceb63b15c0a60fc32a1157a94defbb0fe15280efdbf45b4d4bc897149bf

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
39 KB
39 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f84141b93c705ee277d8c9b195b46d704fff99a17ca865e6060ff1222dae6b6c

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
41 KB
41 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c04bbca909f533d13a5640c59b161869504d38b839bed393fc782cff25052021

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
41 KB
41 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a32ea49472c51c6a7369b82c16ca0254c443f3e551b38909020653152ea80843

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
43 KB
43 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dff7e22aae6582c97e2c4f72dc57a3f62c16fe02179cdd9c21b2953d3e980ae1

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
42 KB
42 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8aac34d2f36184fb7d91365fb7c6f8ecb9155e518942b49db2b7b7894027f31

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
43 KB
43 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
279931db38a24eb15203fee18eab13d9a1bf078597778b4aca92167856975fb5

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
40 KB
40 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f911903e9c75c569e16c8c220fced410443a21c019c16a17571c26b704702874

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
43 KB
43 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
acd9408e3c9c62c82aec48b7e117a2bb97cc858db1aff8548747f137330d11f0

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
font.woff
my.naviguard.com/fonts/
50 KB
51 KB
Font
General
Full URL
https://my.naviguard.com/fonts/font.woff
Requested by
Host: my.naviguard.com
URL: https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
01dc076e4a34afd3d38c4a48f99eecf6ffe7e92c6b2ab7e6e98f7e86fefdfeda

Request headers

Referer
https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:44:23 GMT
content-encoding
br
last-modified
Fri, 17 Feb 2023 17:35:33 GMT
x-azure-ref-originshield
0WPQqZAAAAAA4t3OrlQKuSLDJmfsxYYHeRlJBMjMxMDUwNDE3MDA5ADQyN2QxZmM5LTRmMTktNDAxNC1iNzkwLTcxMTU5MmQ3NzZjNw==
content-md5
GENkFVfKXope6ubRogALwQ==
etag
"0x8DB110D5FA3B653"
x-azure-ref
0WPQqZAAAAAAlD5A4xFNZSoKkNCUo6lChRlJBMzFFREdFMDMyMAA0MjdkMWZjOS00ZjE5LTQwMTQtYjc5MC03MTE1OTJkNzc2Yzc=
x-cache
TCP_REMOTE_HIT
content-type
application/octet-stream
x-ms-request-id
54bf6fa4-401e-0005-2f29-65be24000000
cache-control
public, max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
truncated
/
40 KB
40 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2b55eb0bb4824cd400c1d3445e3462ff05f4a77d912367cd5328fb7219fbd3e

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
43 KB
43 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f89e5f89535ca6f77b71491c01009ff4382dd15e114ac483bcc1ed7eb41bd1c2

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
40 KB
40 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5fc7dcc02a5e9a17255350c3d149a159acd1602ac5e11d7925531846be9074e

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
43 KB
43 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0b67e34fc5adc85ce2be387364ec32ce514675dda0c225c271586451e87966d

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
41 KB
41 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b5c6c81ea35b20cd0d894e31e778c7aca2fb227ef80cbeee118268b42a67aca

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
43 KB
43 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89b4d38f1c336d8fdb633349897c150c00ff73f8f35c2b0279b37e014c174fc0

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
41 KB
41 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d194f0eda73757061007cbb905126b2c125e506cb533a34b872edaa92f27e05a

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
43 KB
43 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95c3f475d95160c24417ea0c5ba0aeca8f55a88d5c15687fbdaad46eb6afe490

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
36 KB
36 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20b7bbfbd01edeaa4d2f208389f74ddbf067bd0386667d3b66fec490a9fabbcc

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
38 KB
38 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a85d95a6d0526a2e22795ace6213e7b385bcdddcc4acef577eba4b9e02a9c82

Request headers

Referer
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
font/woff
MaterialIcons.ttf
my.naviguard.com/fonts/
125 KB
56 KB
Font
General
Full URL
https://my.naviguard.com/fonts/MaterialIcons.ttf
Requested by
Host: my.naviguard.com
URL: https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b7f4a3ab562048f28dd1fa691601bc43363a61d0f876d16d8316c52e4f32d696

Request headers

Referer
https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:44:24 GMT
content-encoding
br
last-modified
Fri, 17 Feb 2023 17:35:33 GMT
x-azure-ref-originshield
0w80lZAAAAAC8eidbAjNWTJe2eKHzmdPuRlJBMjMxMDUwNDE3MDQ5ADQyN2QxZmM5LTRmMTktNDAxNC1iNzkwLTcxMTU5MmQ3NzZjNw==
content-md5
o3sMAcC68YiMqBLMBQj24g==
etag
"0x8DB110D5F70C6FD"
x-azure-ref
0WPQqZAAAAADjWs1vaHicRInZHyAHqSbIRlJBMzFFREdFMDMyMAA0MjdkMWZjOS00ZjE5LTQwMTQtYjc5MC03MTE1OTJkNzc2Yzc=
x-cache
TCP_HIT
content-type
application/octet-stream
x-ms-request-id
527cd8ab-e01e-000c-2e31-63fbf7000000
cache-control
public, max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
Ionicons.ttf
my.naviguard.com/fonts/
110 KB
62 KB
Font
General
Full URL
https://my.naviguard.com/fonts/Ionicons.ttf
Requested by
Host: my.naviguard.com
URL: https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
20d173bcb6051d0973be0ca6aa2fb4f27a5b290d80106cb2c567c8fdc772c711

Request headers

Referer
https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:44:24 GMT
content-encoding
br
last-modified
Fri, 17 Feb 2023 17:35:33 GMT
x-azure-ref-originshield
0OxUpZAAAAACwf2tJ4QrER4Vo7K6MLTypRlJBMjMxMDUwNDE4MDE3ADQyN2QxZmM5LTRmMTktNDAxNC1iNzkwLTcxMTU5MmQ3NzZjNw==
content-md5
suD8ghxohvs5QPhaMyAAPg==
etag
"0x8DB110D5F4F613C"
x-azure-ref
0WPQqZAAAAACZB/IO2JgHRotVgZsGsbxfRlJBMzFFREdFMDMyMAA0MjdkMWZjOS00ZjE5LTQwMTQtYjc5MC03MTE1OTJkNzc2Yzc=
x-cache
TCP_HIT
content-type
application/octet-stream
x-ms-request-id
29acda2d-401e-0058-7372-60b4a0000000
cache-control
public, max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
iFrame.html
universal.iperceptions.com/ Frame C34A
2 KB
1 KB
Document
General
Full URL
https://universal.iperceptions.com/iFrame.html
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6200:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://my.naviguard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age
60
cache-control
public,max-age=7200
content-encoding
gzip
content-md5
Vmg/mBwwVR6Kl52r4KoGqg==
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 03 Apr 2023 15:43:23 GMT
last-modified
Tue, 28 Jan 2020 16:03:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-cf-id
ocse13VrnEq6xckiDqaAyI6zgiMx--jCXzHQLF7itlM_dFOxOJty2A==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
51bfd70c-701e-0005-5127-661db7000000
x-ms-version
2009-09-19
Primary Request login
www.healthsafe-id.com/rt/
Redirect Chain
  • https://sso.optum.com/ext/as/authorization.oauth2?client_id=naviguard-hsid-prod&pfidpadapterid=HsidNewUIOidc&response_type=code&scope=openid+profile+email&redirect_uri=https://my.naviguard.com/&cod...
  • https://www.healthsafe-id.com/rt/secure/auth/Naviguard/en?resume=/as/GWIvZnjnhj/resume/as/authorization.ping&spentity=null&scope=openid%20profile%20email&response_type=code&pfidpadapterid=HsidNewUI...
  • https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F%2Fwww.healthsafe-id.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGc...
  • https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FbiUpKbSwEM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2FNaviguard%2Fen%3Fresume%3D%2Fas...
5 KB
3 KB
Document
General
Full URL
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FbiUpKbSwEM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2FNaviguard%2Fen%3Fresume%3D%2Fas%2FGWIvZnjnhj%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmy.naviguard.com%2F%26portal%3DNaviguard%26client_id%3Dnaviguard-hsid-prod&reason=0
Requested by
Host: my.naviguard.com
URL: https://my.naviguard.com/static/js/app.96c22e3a.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.183.37.28 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafe-id.com
Software
/
Resource Hash
484f99881cc7556edd6940108bedc824e5e1689e588a6a90af720da6a6f29c2a
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=63072000; includeSubDomains max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Type
text/html; charset=UTF-8
Date
Mon, 03 Apr 2023 15:44:28 GMT
Expires
0
Pragma
no-cache
Server-Timing
dtRpid;desc="-31832705"
Strict-Transport-Security
max-age=63072000; includeSubDomains max-age=16070400; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-OneAgent-JS-Injection
true
X-XSS-Protection
1; mode=block
X-ps-id
PCHS4
X-ruxit-JS-Agent
true

Redirect headers

Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Type
text/html;charset=utf-8
Date
Mon, 03 Apr 2023 15:44:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FbiUpKbSwEM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2FNaviguard%2Fen%3Fresume%3D%2Fas%2FGWIvZnjnhj%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmy.naviguard.com%2F%26portal%3DNaviguard%26client_id%3Dnaviguard-hsid-prod&reason=0
Pragma
no-cache
Referrer-Policy
origin
Server-Timing
dtRpid;desc="587443478"
Strict-Transport-Security
max-age=63072000; includeSubDomains max-age=16070400; includeSubDomains; preload
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
SAMEORIGIN
X-OneAgent-JS-Injection
true
X-XSS-Protection
1; mode=block
X-ps-id
PCHS3
X-ruxit-JS-Agent
true
naviguard_color_desktop.24eabcac.svg
my.naviguard.com/static/media/
8 KB
3 KB
Image
General
Full URL
https://my.naviguard.com/static/media/naviguard_color_desktop.24eabcac.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:44:24 GMT
content-encoding
br
last-modified
Fri, 17 Feb 2023 17:35:34 GMT
x-azure-ref-originshield
0lColZAAAAACp3WjGWAbTT6tI08EurKBeRlJBMjMxMDUwNDE3MDM3ADQyN2QxZmM5LTRmMTktNDAxNC1iNzkwLTcxMTU5MmQ3NzZjNw==
content-md5
/H865IeIrd/fTMAmrYOlqQ==
etag
"0x8DB110D5FB4A3CB"
x-azure-ref
0WPQqZAAAAAAACweGEvzQR71yqKV9zcxXRlJBMzFFREdFMDMyMAA0MjdkMWZjOS00ZjE5LTQwMTQtYjc5MC03MTE1OTJkNzc2Yzc=
x-cache
TCP_HIT
content-type
image/svg+xml
x-ms-request-id
c103c012-a01e-001d-6089-5f6143000000
cache-control
public, max-age=2592000
x-ms-version
2018-03-28
accept-ranges
bytes
InviteTriggers
api.iperceptions.com/
241 B
305 B
XHR
General
Full URL
https://api.iperceptions.com/InviteTriggers
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://my.naviguard.com/
accept-language
de-DE,de;q=0.9
SecurityToken
2483f974-056f-44d3-83c8-e632e04c80c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Apr 2023 15:44:24 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
content-length
241
expires
-1
InviteTriggers
api.iperceptions.com/ Frame
0
0
Preflight
General
Full URL
https://api.iperceptions.com/InviteTriggers
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
securitytoken
Access-Control-Request-Method
GET
Origin
https://my.naviguard.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers
securitytoken
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Mon, 03 Apr 2023 15:44:24 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
IpEngine_v78.0.js
universal.iperceptions.com/core/
11 KB
4 KB
Script
General
Full URL
https://universal.iperceptions.com/core/IpEngine_v78.0.js
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6200:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.naviguard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Apr 2023 15:40:56 GMT
content-encoding
gzip
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
content-md5
ofN/a2/Vf6dAsat1lPzqnA==
age
208
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-ms-lease-status
unlocked
last-modified
Mon, 22 Mar 2021 17:01:33 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ce7523f1-a01e-002e-0883-64690f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-amz-cf-id
s_yPL0I9Ij-YLpNvrWr7iWkGocYQx3aZEJqDlOeftcNs4jqrhririA==
35620_638036929222306393
sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/
16 KB
2 KB
Script
General
Full URL
https://sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/35620_638036929222306393
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:ba00:18:ee0c:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.naviguard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Apr 2023 15:44:24 GMT
content-encoding
gzip
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
content-md5
f0g7kUP4TeU2l9qfLCdoLg==
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1260
x-ms-lease-status
unlocked
last-modified
Thu, 10 Nov 2022 16:02:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC334E7FC9317
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6382be68-f01e-0022-7f43-66abb9000000
cache-control
x-ms-blob-cache-control: public, max-age=900
x-ms-version
2009-09-19
accept-ranges
bytes
x-amz-cf-id
e3CYku_nC2J_EgADb9DYAgB_RSjzB2oVdntGZob6BtHMCGiD5u3ReA==
wUniversal.aspx
ips-invite.iperceptions.com/
9 KB
9 KB
Script
General
Full URL
https://ips-invite.iperceptions.com/wUniversal.aspx?sdfc=095904e8-130369-fb330c52-9ae4-4a44-a31d-b80f2c680ca0&lID=1&source=91787&visitorID=7963558287&sessionID=631e9ba6-aa30-c999-c537-240a85da1498&device=desktop
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c600:14:7b3:cf40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.naviguard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:44:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
x-amz-cf-id
4ctUWNiPmHqspj4jrm0lCMNze9MJFqhMJxK0k4UCYpNxN-f9mxrLeg==
130369_1_Desktop.json
ips-invite.iperceptions.com/Engagements/Files/35620/130369/
11 KB
3 KB
XHR
General
Full URL
https://ips-invite.iperceptions.com/Engagements/Files/35620/130369/130369_1_Desktop.json
Requested by
Host: ips-invite.iperceptions.com
URL: https://ips-invite.iperceptions.com/wUniversal.aspx?sdfc=095904e8-130369-fb330c52-9ae4-4a44-a31d-b80f2c680ca0&lID=1&source=91787&visitorID=7963558287&sessionID=631e9ba6-aa30-c999-c537-240a85da1498&device=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c600:14:7b3:cf40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.naviguard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:44:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Thu, 12 May 2022 15:21:25 GMT
server
Apache
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"d81be4f11366d81:0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
x-amz-cf-id
J1Q3KAtnlI6lXq38HPaFNnayYu3bBtSPW7IrxbXhpymQ0gdKUP9gdA==
layer_v1.9.0.js
ips-invite.iperceptions.com/Engagements/Dependencies/
36 KB
7 KB
Script
General
Full URL
https://ips-invite.iperceptions.com/Engagements/Dependencies/layer_v1.9.0.js
Requested by
Host: ips-invite.iperceptions.com
URL: https://ips-invite.iperceptions.com/wUniversal.aspx?sdfc=095904e8-130369-fb330c52-9ae4-4a44-a31d-b80f2c680ca0&lID=1&source=91787&visitorID=7963558287&sessionID=631e9ba6-aa30-c999-c537-240a85da1498&device=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c600:14:7b3:cf40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.naviguard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:44:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Mon, 22 Mar 2021 19:40:09 GMT
server
Apache
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"e34eeb2a531fd71:0"
age
19
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
x-amz-cf-id
Bj-0DkGwws4E2YN8zTyDJ82hyCxSXaVfVrPv1jIS3xi0ZE2-WAHp9w==
helpers_v1.9.0.js
ips-invite.iperceptions.com/Engagements/Dependencies/
4 KB
2 KB
Script
General
Full URL
https://ips-invite.iperceptions.com/Engagements/Dependencies/helpers_v1.9.0.js
Requested by
Host: ips-invite.iperceptions.com
URL: https://ips-invite.iperceptions.com/wUniversal.aspx?sdfc=095904e8-130369-fb330c52-9ae4-4a44-a31d-b80f2c680ca0&lID=1&source=91787&visitorID=7963558287&sessionID=631e9ba6-aa30-c999-c537-240a85da1498&device=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c600:14:7b3:cf40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.naviguard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:43:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Mon, 22 Mar 2021 19:40:09 GMT
server
Apache
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"3a7ed2a531fd71:0"
age
42
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
x-amz-cf-id
S3qs0IEWsDnrhGDXnBoXXB4JX7s-C9zLnGW4sgCJ3m12k2G-cS3lCw==
css2
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro&family=Spectral&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.naviguard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 03 Apr 2023 15:44:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 15:44:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Apr 2023 15:44:26 GMT
647614.png
sd.iperceptions.com/engagementimages/130369/
8 KB
9 KB
Image
General
Full URL
https://sd.iperceptions.com/engagementimages/130369/647614.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:ba00:18:ee0c:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.naviguard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Apr 2023 15:44:26 GMT
content-encoding
binary
via
1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
content-md5
A7UBOVGpUN0X5TyY4vGYOQ==
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
8629
x-ms-lease-status
unlocked
last-modified
Fri, 22 Apr 2022 17:13:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA24836F62E461
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
0f3d10b0-901e-00dc-6f43-6697dc000000
cache-control
x-ms-blob-cache-control: public, max-age=900
x-ms-version
2009-09-19
x-amz-cf-id
3MVM2351ZYHnKiM7bwI10_aLZDFZbmmdxmajbetEx3bRhgPkNQbzcA==
logo.svg
ips-invite.iperceptions.com/engagements/images/
3 KB
2 KB
Image
General
Full URL
https://ips-invite.iperceptions.com/engagements/images/logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c600:14:7b3:cf40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.naviguard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:41:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 19:54:27 GMT
server
Apache
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"bd84253c5bf0d71:0"
age
162
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
x-amz-cf-id
_IPJV7msLzoSqj6zXyV9G3ERFo20tOfpWtRn8HUq-J5yOdDqYWqPKA==
truncated
/
368 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
counter_N.png
ips-img.iperceptions.com/Counter/
119 B
630 B
Image
General
Full URL
https://ips-img.iperceptions.com/Counter/counter_N.png?surveyID=130369&siteID=1000&langID=1&traceID=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:fe00:6:607f:55c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.naviguard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:44:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADMa DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cross-origin-resource-policy
cross-origin
content-length
119
last-modified
Mon, 09 May 2011 14:45:35 GMT
server
Apache
etag
"4d2f93c157ecc1:0"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
x-amz-cf-id
vRYtQtINoWxBrjzZZ5Nh09V7H-A8fg9zYUK9x8QST-D6qgff_Wo4Lw==
635295.png
universaldefinitionsdev.blob.core.windows.net/engagementimages/130369/
176 KB
177 KB
Image
General
Full URL
https://universaldefinitionsdev.blob.core.windows.net/engagementimages/130369/635295.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.150.1.68 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.naviguard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 03 Apr 2023 15:44:26 GMT
Content-Encoding
binary
Last-Modified
Fri, 22 Apr 2022 13:48:16 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
VZUxYzUAm5gKg1Q2PYse6Q==
ETag
0x8DA2466C10082B6
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
d92b81bb-401e-0056-6843-665be7000000
Cache-Control
x-ms-blob-cache-control: public, max-age=900
x-ms-version
2009-09-19
Content-Length
180385
rnCr-xNNww_2s0amA9M5kng.woff2
fonts.gstatic.com/s/spectral/v13/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/spectral/v13/rnCr-xNNww_2s0amA9M5kng.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro&family=Spectral&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:57:04 GMT
x-content-type-options
nosniff
age
535642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21816
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 22:36:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:57:04 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro&family=Spectral&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://my.naviguard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:31:05 GMT
x-content-type-options
nosniff
age
537201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:31:05 GMT
bundles-average.js
www.healthsafe-id.com/assets/
996 B
2 KB
Script
General
Full URL
https://www.healthsafe-id.com/assets/bundles-average.js
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FbiUpKbSwEM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2FNaviguard%2Fen%3Fresume%3D%2Fas%2FGWIvZnjnhj%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmy.naviguard.com%2F%26portal%3DNaviguard%26client_id%3Dnaviguard-hsid-prod&reason=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.183.37.28 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafe-id.com
Software
/
Resource Hash
cf1e0f0e900b7610d32187372a416a264a20095c3a89278e148cba754d0bacc7
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FbiUpKbSwEM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2FNaviguard%2Fen%3Fresume%3D%2Fas%2FGWIvZnjnhj%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmy.naviguard.com%2F%26portal%3DNaviguard%26client_id%3Dnaviguard-hsid-prod&reason=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 15:44:28 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding
gzip
Via
1.1 google
Transfer-Encoding
chunked
X-Ion-Hop
1
Connection
keep-alive
Server-Timing
dtRpid;desc="-1616988689"
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-ps-id
PCHS3
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
ruxitagentjs_ICA27NVdefghjrtux_10255221104040649.js
www.healthsafe-id.com/
269 KB
101 KB
Script
General
Full URL
https://www.healthsafe-id.com/ruxitagentjs_ICA27NVdefghjrtux_10255221104040649.js
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FbiUpKbSwEM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2FNaviguard%2Fen%3Fresume%3D%2Fas%2FGWIvZnjnhj%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmy.naviguard.com%2F%26portal%3DNaviguard%26client_id%3Dnaviguard-hsid-prod&reason=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.183.37.28 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafe-id.com
Software
/
Resource Hash
d3f652f7865378d0ec1835b91b9ff1df40c3c0a1bff8f59c2d120bf2e848be56
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FbiUpKbSwEM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2FNaviguard%2Fen%3Fresume%3D%2Fas%2FGWIvZnjnhj%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmy.naviguard.com%2F%26portal%3DNaviguard%26client_id%3Dnaviguard-hsid-prod&reason=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 15:44:28 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2010 07:01:40 GMT
X-ps-id
PCHS1
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=31536000, immutable
Connection
keep-alive
Content-Length
102348
X-XSS-Protection
1; mode=block
Expires
Tue, 02 Apr 2024 15:44:28 GMT
bundles-average.js
www.healthsafe-id.com/assets/
204 KB
118 KB
Script
General
Full URL
https://www.healthsafe-id.com/assets/bundles-average.js?seed=AMBIvUeHAQAAeOD4mN4ak6B6MiPMeqXztoAhp-YbuegkDzrnhCQzyiHjL1ed&EdxVWcjYRR--z=q
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.183.37.28 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafe-id.com
Software
/
Resource Hash
3af1c4a952e57fd633484af1dbae1ab64b077c48ea09734a5be1154e5b10f9be
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FbiUpKbSwEM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2FNaviguard%2Fen%3Fresume%3D%2Fas%2FGWIvZnjnhj%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmy.naviguard.com%2F%26portal%3DNaviguard%26client_id%3Dnaviguard-hsid-prod&reason=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 15:44:28 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding
gzip
Via
1.1 google
Transfer-Encoding
chunked
X-Ion-Hop
1
Connection
keep-alive
Server-Timing
dtRpid;desc="-735285468"
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-XSS-Protection
1; mode=block
X-ps-id
PCHS3
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=3600, immutable
BrowserUpdate.css
www.healthsafe-id.com/rt/
1 KB
1 KB
Stylesheet
General
Full URL
https://www.healthsafe-id.com/rt/BrowserUpdate.css
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FbiUpKbSwEM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2FNaviguard%2Fen%3Fresume%3D%2Fas%2FGWIvZnjnhj%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmy.naviguard.com%2F%26portal%3DNaviguard%26client_id%3Dnaviguard-hsid-prod&reason=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.183.37.28 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafe-id.com
Software
/
Resource Hash
8368810c2d32d64cdd7f15394b462ef4109723c17afdc0d3473a7a3a81419a8e
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FbiUpKbSwEM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2FNaviguard%2Fen%3Fresume%3D%2Fas%2FGWIvZnjnhj%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmy.naviguard.com%2F%26portal%3DNaviguard%26client_id%3Dnaviguard-hsid-prod&reason=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 15:44:29 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding
gzip
Connection
keep-alive
Server-Timing
dtSInfo;desc="1"
Content-Length
532
X-XSS-Protection
1; mode=block
X-ps-id
PCHS1
Last-Modified
Wed, 29 Mar 2023 20:08:46 GMT
ETag
"214-5f80f8b3111c0:dtagent10255221104040649UE9Q"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-encoding
Content-Type
text/css
Accept-Ranges
bytes
cx.js
repo.rakanto.com/rakanto/cx/
0
0

index.ce3bc8ca.js
www.healthsafe-id.com/rt/static/js/
771 KB
239 KB
Script
General
Full URL
https://www.healthsafe-id.com/rt/static/js/index.ce3bc8ca.js
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FbiUpKbSwEM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2FNaviguard%2Fen%3Fresume%3D%2Fas%2FGWIvZnjnhj%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmy.naviguard.com%2F%26portal%3DNaviguard%26client_id%3Dnaviguard-hsid-prod&reason=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.183.37.28 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafe-id.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FbiUpKbSwEM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2FNaviguard%2Fen%3Fresume%3D%2Fas%2FGWIvZnjnhj%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmy.naviguard.com%2F%26portal%3DNaviguard%26client_id%3Dnaviguard-hsid-prod&reason=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 15:44:29 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding
gzip
Connection
keep-alive
Server-Timing
dtRpid;desc="-236894917"
Content-Length
243469
X-XSS-Protection
1; mode=block
X-ps-id
PCHS4
Last-Modified
Wed, 29 Mar 2023 20:08:46 GMT
ETag
"3b70d-5f80f8b3111c0:dtagent10255221104040649UE9Q"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-encoding
Content-Type
text/javascript
Accept-Ranges
bytes
index.e4a4f685.css
www.healthsafe-id.com/rt/static/css/
97 KB
17 KB
Stylesheet
General
Full URL
https://www.healthsafe-id.com/rt/static/css/index.e4a4f685.css
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FbiUpKbSwEM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2FNaviguard%2Fen%3Fresume%3D%2Fas%2FGWIvZnjnhj%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmy.naviguard.com%2F%26portal%3DNaviguard%26client_id%3Dnaviguard-hsid-prod&reason=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.183.37.28 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafe-id.com
Software
/
Resource Hash
7c1d5a3a6784fd9ae32baa0a84ea92ac7216cb70293d33b81a565b03ffd2b8aa
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FbiUpKbSwEM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2FNaviguard%2Fen%3Fresume%3D%2Fas%2FGWIvZnjnhj%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmy.naviguard.com%2F%26portal%3DNaviguard%26client_id%3Dnaviguard-hsid-prod&reason=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 15:44:29 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding
gzip
Connection
keep-alive
Server-Timing
dtRpid;desc="-1393521649"
Content-Length
16032
X-XSS-Protection
1; mode=block
X-ps-id
PCHS3
Last-Modified
Wed, 29 Mar 2023 20:08:46 GMT
ETag
"3ea0-5f80f8b3111c0:dtagent10255221104040649UE9Q"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-encoding
Content-Type
text/css
Accept-Ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
repo.rakanto.com
URL
https://repo.rakanto.com/rakanto/cx/cx.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

14 Cookies

Domain/Path Name / Value
my.naviguard.com/ Name: ipe_s
Value: 631e9ba6-aa30-c999-c537-240a85da1498
my.naviguard.com/ Name: ipe.35620.pageViewedCount
Value: 1
my.naviguard.com/ Name: ipe.35620.pageViewedDay
Value: 93
my.naviguard.com/ Name: ipe_35620_fov
Value: %7B%22numberOfVisits%22%3A1%2C%22sessionId%22%3A%22631e9ba6-aa30-c999-c537-240a85da1498%22%2C%22expiry%22%3A%222023-05-03T15%3A44%3A25.731Z%22%2C%22lastVisit%22%3A%222023-04-03T15%3A44%3A25.731Z%22%7D
.my.naviguard.com/ Name: IPE130369
Value: IPE130369
sso.optum.com/ Name: ext-PF
Value: GGr97NsjVLzAtxttQ6RJrPokMaABhDig8mc6Mo307pgb
www.healthsafe-id.com/ Name: nonce.kmcukC.1680536967
Value: 398d2656-1db9-4a0b-8e79-f086ae7348f2
www.healthsafe-id.com/ Name: 0870927d219d7847767888a82a6ca2ff
Value: 65bb41545f483a48e1a40480d059d634
www.healthsafe-id.com/ Name: BIGipServerapps.ocp-ctc-dmz.optum.com_80
Value: 3092141578.20480.0000
www.healthsafe-id.com/ Name: TS0110f9d0
Value: 016f206c3897ab4cfc7fee6f8f7a57b87e4b08825a397a6912e2baaa2614af10451af32f75c1ee1b522183b32314d9b5c301f2ea13
.healthsafe-id.com/ Name: TS01472d49
Value: 016f206c3897ab4cfc7fee6f8f7a57b87e4b08825a397a6912e2baaa2614af10451af32f75c1ee1b522183b32314d9b5c301f2ea13
www.healthsafe-id.com/ Name: ext-PF
Value: kdy2fp4ke32TN3ZsLPcn9zBCH4j9ZrFTWa84hMMLnpcJ
.healthsafe-id.com/ Name: dtCookie
Value: v_4_srv_41_sn_04F4208F696D14D0CB1D079110C59D6C_perc_100000_ol_0_mul_1_app-3Ab6030f906c1066bc_0_app-3Aea7c4b59f27d43eb_0
www.healthsafe-id.com/ Name: bfd37fd494e6c607638f0a9f1120ca35
Value: 58eee41839e30a4dfd34afba0da28aaa

2 Console Messages

Source Level URL
Text
network error URL: https://my.naviguard.com/home?utm_campaign=provide_signature_email&utm_medium=email&utm_source=sfmc
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://unpkg.com/react-day-picker@8.6.0/lib/style.css
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.iperceptions.com
click.communications.naviguard.com
fonts.googleapis.com
fonts.gstatic.com
ips-img.iperceptions.com
ips-invite.iperceptions.com
my.naviguard.com
repo.rakanto.com
sd.iperceptions.com
sso.optum.com
universal.iperceptions.com
universaldefinitionsdev.blob.core.windows.net
unpkg.com
www.googletagmanager.com
www.healthsafe-id.com
repo.rakanto.com
13.111.241.123
168.183.36.21
168.183.37.28
20.150.1.68
2600:9000:223e:fe00:6:607f:55c0:93a1
2600:9000:225e:6200:8:e7ba:7440:93a1
2600:9000:236e:c600:14:7b3:cf40:93a1
2600:9000:243d:ba00:18:ee0c:6e00:93a1
2606:4700::6810:7daf
2620:1ec:4e:1::45
2a00:1450:4001:813::200a
2a00:1450:4001:827::2008
2a00:1450:4001:82b::2003
52.138.200.61
00aeb0fe6d7035359d56876ccd541865af9d349b46a34a0b41df47ff71f70395
01dc076e4a34afd3d38c4a48f99eecf6ffe7e92c6b2ab7e6e98f7e86fefdfeda
0879f1113b3c874be3f842a34fdccd1ae98cd71e9a6f334c8c9570e1575934f0
17dc5ceb63b15c0a60fc32a1157a94defbb0fe15280efdbf45b4d4bc897149bf
1a85d95a6d0526a2e22795ace6213e7b385bcdddcc4acef577eba4b9e02a9c82
20b7bbfbd01edeaa4d2f208389f74ddbf067bd0386667d3b66fec490a9fabbcc
20d173bcb6051d0973be0ca6aa2fb4f27a5b290d80106cb2c567c8fdc772c711
2226b1e6c7d190a12e3d3a8fadadbf94ef3f7b6eb00a9a1c58fffb065bc1e157
2738dcd1d698dd0da4b17df4ef5e5cc2e8af9c5aea7d082bead00c8024f4e0d5
279931db38a24eb15203fee18eab13d9a1bf078597778b4aca92167856975fb5
2e313b73514badc7496221a179277c0197bec0c99b30314ad4c3fcca5f3d3cb1
3af1c4a952e57fd633484af1dbae1ab64b077c48ea09734a5be1154e5b10f9be
3eb3ad852d98c139c78064804524d0d2472b3efb872dc176b217fb57ae6a6f78
484f99881cc7556edd6940108bedc824e5e1689e588a6a90af720da6a6f29c2a
681ac33803850ebe525bfe67512bc5dac7fabb8fe30f1e1c79dd3fa3193fbe21
6b5c6c81ea35b20cd0d894e31e778c7aca2fb227ef80cbeee118268b42a67aca
7c1d5a3a6784fd9ae32baa0a84ea92ac7216cb70293d33b81a565b03ffd2b8aa
8368810c2d32d64cdd7f15394b462ef4109723c17afdc0d3473a7a3a81419a8e
89b4d38f1c336d8fdb633349897c150c00ff73f8f35c2b0279b37e014c174fc0
95c3f475d95160c24417ea0c5ba0aeca8f55a88d5c15687fbdaad46eb6afe490
962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab
9cbab47276fc04c65ac78098e9a2069c55e26f21701b29092734ce4e830f80fb
a32ea49472c51c6a7369b82c16ca0254c443f3e551b38909020653152ea80843
a5fc7dcc02a5e9a17255350c3d149a159acd1602ac5e11d7925531846be9074e
a8aac34d2f36184fb7d91365fb7c6f8ecb9155e518942b49db2b7b7894027f31
acd9408e3c9c62c82aec48b7e117a2bb97cc858db1aff8548747f137330d11f0
b7f4a3ab562048f28dd1fa691601bc43363a61d0f876d16d8316c52e4f32d696
c04bbca909f533d13a5640c59b161869504d38b839bed393fc782cff25052021
c9868de61ff2bab0b5a3a6d01c4b76f299459f08c6ae2f2c0383b4f9f6bedbf3
c9aa8766a5633b468e3f0cd66b1a2c1818690e9c7b6dd8d4f955665468e18c9c
cf1e0f0e900b7610d32187372a416a264a20095c3a89278e148cba754d0bacc7
d0b67e34fc5adc85ce2be387364ec32ce514675dda0c225c271586451e87966d
d194f0eda73757061007cbb905126b2c125e506cb533a34b872edaa92f27e05a
d3f652f7865378d0ec1835b91b9ff1df40c3c0a1bff8f59c2d120bf2e848be56
d94bc9443017623a62fbf3eb2f2d6f87b8dffd01fde09257766e305f338c177f
dff7e22aae6582c97e2c4f72dc57a3f62c16fe02179cdd9c21b2953d3e980ae1
e2b55eb0bb4824cd400c1d3445e3462ff05f4a77d912367cd5328fb7219fbd3e
f7656bc3ccebd611041f9484fd00713447fbad96682d02882c2737830adcd4b2
f84141b93c705ee277d8c9b195b46d704fff99a17ca865e6060ff1222dae6b6c
f89e5f89535ca6f77b71491c01009ff4382dd15e114ac483bcc1ed7eb41bd1c2
f911903e9c75c569e16c8c220fced410443a21c019c16a17571c26b704702874