www.healthsafe-id.com
Open in
urlscan Pro
168.183.37.28
Public Scan
Submitted URL: https://click.yourhealth-wellnessteam.com/?qs=e464b84b0d5b402cf3dcca3be632f13e27cbbfb698dccf80135e2b8d866cca95d45d64be11c0ef7501a340dda48b...
Effective URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FNwudPqWQwR%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.h...
Submission: On February 24 via manual from US — Scanned from DE
Effective URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FNwudPqWQwR%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.h...
Submission: On February 24 via manual from US — Scanned from DE
Summary
This website contacted 23 IPs
in 5 countries
across 22 domains to perform 84 HTTP transactions.
The main IP is 168.183.37.28, located in
United States and
belongs to UHC, US.
The main domain is www.healthsafe-id.com.
The Cisco Umbrella rank of the primary domain is 46005.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on August 8th 2022. Valid for: a year.
This is the only time www.healthsafe-id.com was scanned on urlscan.io!
TLS certificate: Issued by COMODO RSA Organization Validation Se... on August 8th 2022. Valid for: a year.
This is the only time www.healthsafe-id.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
13.111.39.86
(United States)
ASN22606 (EXACT-7, US)
PTR: click.yourhealth-wellnessteam.com
ASN22606 (EXACT-7, US)
PTR: click.yourhealth-wellnessteam.com
| click.yourhealth-wellnessteam.com |
1
52.167.10.111
(Boydton, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| account.optumbank.com |
4
34.248.177.106
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-177-106.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-177-106.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
1
34.251.134.200
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-134-200.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-134-200.eu-west-1.compute.amazonaws.com
| unitedhealthgroup.demdex.net |
2
15.236.125.10
(Paris, France)
ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-125-10.eu-west-3.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-125-10.eu-west-3.compute.amazonaws.com
| smetrics.optum.com |
1
52.208.37.125
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-37-125.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-37-125.eu-west-1.compute.amazonaws.com
| cm.everesttech.net |
1
52.211.172.170
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-172-170.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-172-170.eu-west-1.compute.amazonaws.com
| unitedhealthgroup.tt.omtrdc.net |
2
142.251.39.34
(United States)
ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net
| cm.g.doubleclick.net |
1
3.33.220.150
(United States)
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
| match.adsrvr.org |
6
104.17.208.240
(None, )
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com | |
| siteintercept.qualtrics.com |
2
54.172.114.220
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-114-220.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-114-220.compute-1.amazonaws.com
| report.uhg.glassboxdigital.io |
1
91.235.134.131
(United States)
ASN30286 (THM, US)
ASN30286 (THM, US)
| 15saug00zt2kqtfflg47c5qmmepbl2bwmqr6nyqw71a15c037f82c816am1.e.aa.online-metrix.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 41 |
healthsafe-id.com
2 redirects
www.healthsafe-id.com — Cisco Umbrella Rank: 46005 rba-screen.healthsafe-id.com — Cisco Umbrella Rank: 53475 |
708 KB |
| 6 |
qualtrics.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com — Cisco Umbrella Rank: 41029 siteintercept.qualtrics.com — Cisco Umbrella Rank: 981 |
68 KB |
| 5 |
online-metrix.net
1 redirects
h.online-metrix.net — Cisco Umbrella Rank: 3176 15saug00zt2kqtfflg47c5qmmepbl2bwmqr6nyqw71a15c037f82c816am1.e.aa.online-metrix.net |
17 KB |
| 5 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 198 unitedhealthgroup.demdex.net — Cisco Umbrella Rank: 22452 |
7 KB |
| 5 |
adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 470 |
185 KB |
| 4 |
doubleclick.net
2 redirects
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 |
4 KB |
| 3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44 |
176 KB |
| 3 |
rakanto.com
repo.rakanto.com — Cisco Umbrella Rank: 19008 cse.rakanto.com — Cisco Umbrella Rank: 19219 |
43 KB |
| 3 |
optum.com
1 redirects
sso.optum.com — Cisco Umbrella Rank: 47480 smetrics.optum.com — Cisco Umbrella Rank: 19632 |
2 KB |
| 2 |
glassboxdigital.io
report.uhg.glassboxdigital.io — Cisco Umbrella Rank: 48009 |
5 KB |
| 2 |
google.de
www.google.de — Cisco Umbrella Rank: 6149 |
563 B |
| 2 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
563 B |
| 2 |
werally.com
member.werally.com — Cisco Umbrella Rank: 49001 |
23 KB |
| 2 |
myoptum.com
www.myoptum.com — Cisco Umbrella Rank: 56509 |
16 KB |
| 2 |
gbqofs.com
cdn.gbqofs.com — Cisco Umbrella Rank: 7630 |
278 KB |
| 1 |
adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 296 |
265 B |
| 1 |
omtrdc.net
unitedhealthgroup.tt.omtrdc.net — Cisco Umbrella Rank: 20139 |
726 B |
| 1 |
everesttech.net
1 redirects
cm.everesttech.net — Cisco Umbrella Rank: 1048 |
517 B |
| 1 |
browser-update.org
browser-update.org — Cisco Umbrella Rank: 6610 |
5 KB |
| 1 |
optumbank.com
1 redirects
account.optumbank.com — Cisco Umbrella Rank: 147031 |
1 KB |
| 1 |
yourhealth-wellnessteam.com
1 redirects
click.yourhealth-wellnessteam.com — Cisco Umbrella Rank: 94543 |
283 B |
| 0 |
ib-ibi.com
Failed
global.ib-ibi.com Failed |
|
| 84 | 22 |
| Domain | Requested by | |
|---|---|---|
| 25 | www.healthsafe-id.com |
2 redirects
www.healthsafe-id.com
|
| 16 | rba-screen.healthsafe-id.com |
www.healthsafe-id.com
rba-screen.healthsafe-id.com cdn.gbqofs.com |
| 5 | siteintercept.qualtrics.com |
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
www.healthsafe-id.com siteintercept.qualtrics.com |
| 5 | assets.adobedtm.com |
www.healthsafe-id.com
assets.adobedtm.com |
| 4 | h.online-metrix.net |
1 redirects
rba-screen.healthsafe-id.com
|
| 4 | dpm.demdex.net |
1 redirects
www.healthsafe-id.com
|
| 3 | www.googletagmanager.com |
assets.adobedtm.com
www.googletagmanager.com |
| 2 | report.uhg.glassboxdigital.io |
www.healthsafe-id.com
cdn.gbqofs.com |
| 2 | www.google.de |
www.healthsafe-id.com
|
| 2 | www.google.com |
www.healthsafe-id.com
|
| 2 | cm.g.doubleclick.net | 2 redirects |
| 2 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
| 2 | member.werally.com |
www.healthsafe-id.com
|
| 2 | www.myoptum.com |
www.healthsafe-id.com
|
| 2 | cse.rakanto.com |
www.healthsafe-id.com
|
| 2 | cdn.gbqofs.com |
www.healthsafe-id.com
cdn.gbqofs.com |
| 2 | smetrics.optum.com |
www.healthsafe-id.com
|
| 1 | 15saug00zt2kqtfflg47c5qmmepbl2bwmqr6nyqw71a15c037f82c816am1.e.aa.online-metrix.net | |
| 1 | zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com |
www.healthsafe-id.com
|
| 1 | match.adsrvr.org |
www.healthsafe-id.com
|
| 1 | unitedhealthgroup.tt.omtrdc.net |
www.healthsafe-id.com
|
| 1 | cm.everesttech.net | 1 redirects |
| 1 | unitedhealthgroup.demdex.net |
assets.adobedtm.com
|
| 1 | browser-update.org |
www.healthsafe-id.com
|
| 1 | repo.rakanto.com |
www.healthsafe-id.com
|
| 1 | sso.optum.com | 1 redirects |
| 1 | account.optumbank.com | 1 redirects |
| 1 | click.yourhealth-wellnessteam.com | 1 redirects |
| 0 | global.ib-ibi.com Failed |
www.healthsafe-id.com
|
| 84 | 29 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| account.optumbank.com |
| www.uhc.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| healthsafeid.optum.com COMODO RSA Organization Validation Secure Server CA |
2022-08-08 - 2023-08-08 |
a year | crt.sh |
| repo.rakanto.com COMODO RSA Organization Validation Secure Server CA |
2022-08-09 - 2023-08-09 |
a year | crt.sh |
| assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-19 - 2023-08-19 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-06 - 2023-06-05 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
| *.demdex.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-26 - 2023-10-27 |
a year | crt.sh |
| smetrics.optum.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-20 - 2023-04-20 |
a year | crt.sh |
| *.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-08-01 - 2023-09-01 |
a year | crt.sh |
| cse.rakanto.com COMODO RSA Organization Validation Secure Server CA |
2023-01-28 - 2024-01-28 |
a year | crt.sh |
| www.myoptum.com COMODO RSA Organization Validation Secure Server CA |
2022-08-01 - 2023-08-01 |
a year | crt.sh |
| *.werally.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-07 - 2023-08-04 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
| *.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2022-03-31 - 2023-05-02 |
a year | crt.sh |
| www.google.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
| www.google.de GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
| rba-screen.healthsafe-id.com COMODO RSA Organization Validation Secure Server CA |
2022-05-16 - 2023-05-16 |
a year | crt.sh |
| *.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-05-04 - 2023-05-04 |
a year | crt.sh |
| uhg.glassboxdigital.io Amazon |
2022-10-08 - 2023-11-07 |
a year | crt.sh |
| h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1 |
2023-01-09 - 2024-01-23 |
a year | crt.sh |
| *.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1 |
2022-06-08 - 2023-07-10 |
a year | crt.sh |
This page contains 8 frames:
Primary Page:
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FNwudPqWQwR%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FQqiOZlIQ4W%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Frame ID: A70477E10FEA2E9FF54D63862B4131B2
Requests: 58 HTTP requests in this frame
Frame:
https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: 29BDEC7C673F0F62F122023741F20486
Requests: 4 HTTP requests in this frame
Frame:
https://www.healthsafe-id.com/protected/crossStorageHub
Frame ID: 8382BD536DC16B9B96EAF303697528A2
Requests: 2 HTTP requests in this frame
Frame:
https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=FFDB8119F6F29C4512B89C9D19DBA8A3?org_id=15saug00&session_id=ac16b1c8-3bc6-4adc-a5de-e28d88d075b0&nonce=71a15c037f82c816&jb=353b262468736d7d35556b6c6667777326687b6f3d576966646d7f732d3a30313226687362773d416a726d656d24687160354368726d6565253230393132
Frame ID: 3416EC3C873FAC55C8804317FE8C5989
Requests: 13 HTTP requests in this frame
Frame:
https://rba-screen.healthsafe-id.com/fp/HP?session_id=ac16b1c8-3bc6-4adc-a5de-e28d88d075b0&org_id=15saug00&nonce=71a15c037f82c816&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 50B1571727C664A3C95BEAE3872393E5
Requests: 3 HTTP requests in this frame
Frame:
https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=FFDB8119F6F29C4512B89C9D19DBA8A3?org_id=15saug00&session_id=ac16b1c8-3bc6-4adc-a5de-e28d88d075b0&nonce=71a15c037f82c816
Frame ID: DADC9683D237171643152C14526D85B5
Requests: 2 HTTP requests in this frame
Frame:
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=FFDB8119F6F29C4512B89C9D19DBA8A3?org_id=15saug00&session_id=ac16b1c8-3bc6-4adc-a5de-e28d88d075b0&nonce=71a15c037f82c816
Frame ID: 4292C3E9FF0A8FC6609A81813A9DF037
Requests: 2 HTTP requests in this frame
Frame:
https://rba-screen.healthsafe-id.com/fp/top_fp.html;CIS3SID=FFDB8119F6F29C4512B89C9D19DBA8A3?org_id=15saug00&session_id=ac16b1c8-3bc6-4adc-a5de-e28d88d075b0&nonce=71a15c037f82c816
Frame ID: D82043483180E14DEB529F04434BD22D
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Sign in - OptumBankPage URL History Show full URLs
-
https://click.yourhealth-wellnessteam.com/?qs=e464b84b0d5b402cf3dcca3be632f13e27cbbfb698dccf80135e2b8d866cca95d45d64be...
HTTP 302
https://account.optumbank.com/account/deeplink/statements?cid=obnk:eml:OB_AH_2023obnk:Tax_forms::2359802ms08 HTTP 302
https://sso.optum.com/ext/as/authorization.oauth2?acr_values=&approval_prompt=force&client_id=bank... HTTP 302
https://www.healthsafe-id.com/rt/secure/auth/cap/en?resume=/as/QqiOZlIQ4W/resume/as/authorization.ping&spe... HTTP 302
https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redi... HTTP 302
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FNwudPqWQwR%2Fresume%2Fas%2Fauthorization.ping&TARGET... Page URL
Detected technologies
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://account.optumbank.com/
Search URL Search Domain Scan URL
URL: https://www.uhc.com/legal/accessibility
Title: Accessibility Statement for Individuals with Disabilities Opens in a new window or tab
Title: Accessibility Statement for Individuals with Disabilities Opens in a new window or tab
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.yourhealth-wellnessteam.com/?qs=e464b84b0d5b402cf3dcca3be632f13e27cbbfb698dccf80135e2b8d866cca95d45d64be11c0ef7501a340dda48bda2dcb2db0d61e11ab91a8d1136975f28cef
HTTP 302
https://account.optumbank.com/account/deeplink/statements?cid=obnk:eml:OB_AH_2023obnk:Tax_forms::2359802ms08 HTTP 302
https://sso.optum.com/ext/as/authorization.oauth2?acr_values=&approval_prompt=force&client_id=bank-cloud-prod&redirect_uri=https%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback&response_type=code&scope=openid&state=567d4ff197ba39801ad014cb42447217%3A%2Faccount%2Fdeeplink%2Fstatements%3Fcid%3Dobnk%3Aeml%3AOB_AH_2023obnk%3ATax_forms%3A%3A2359802ms08%26brand%3Doptum%26portal%3Doptum&pfidpadapterid=HsidNewUIOidc&portal=cap HTTP 302
https://www.healthsafe-id.com/rt/secure/auth/cap/en?resume=/as/QqiOZlIQ4W/resume/as/authorization.ping&spentity=null&scope=openid&response_type=code&pfidpadapterid=HsidNewUIOidc&redirect_uri=https://account.optumbank.com/login/callback&portal=cap&client_id=bank-cloud-prod HTTP 302
https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F%2Fwww.healthsafe-id.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiTmJiZEctRzdMV1hiVTZSMHhsM1p4dE9qR0NRIiwic3VmZml4IjoiZjVpNTFTLjE2NzcyNjcyMzYifQ..Wm0aKEvICdkTEmd2mRqGjg.6bNglNQC5L9LkkkliISR4uOCCctQZeiivSdTatM8rWudHALaHiqC0vo8WeLUpNLJoamlwMykUu_5gNAp7DLjK1mCLeEuuIfLScrSViIcutL5XDZJO3BpXiNHQJaVml84MBvwVb1ho6Toj-lcdYbtLYFs9obCMwrHmijsY-VTWL101mmU2py3ojBDYNgkSGuwXdNDYzHVgmAXxOAM-zxW3U-ZSpozuTh8mt4csuLCeqm1kgsewYpiqEgqGf_oKsddQ-mP907GlqMz3coIx418_e2cbnZqcElR2SmkLjTo0lAPE1ZIqpZUTssJ6dRr1ol_.rHyTRPujXDJMPwFWfO3OUw&nonce=xDIFpK4_08jiTVAemxlE_3e3oYh2_avZfOGDgA7v_hE&acr_values=BANK&scope=openid%20address%20email%20phone%20profile&vnd_pi_requested_resource=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FQqiOZlIQ4W%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&vnd_pi_application_name=HSIDProdRTApp HTTP 302
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FNwudPqWQwR%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FQqiOZlIQ4W%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 15- https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1677266939210 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1677266939210
- https://cm.everesttech.net/cm/dd?d_uuid=43116055331963710242283048511296135656 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-kP_wAAAEzDMgOV
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDMxMTYwNTUzMzE5NjM3MTAyNDIyODMwNDg1MTEyOTYxMzU2NTY= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDMxMTYwNTUzMzE5NjM3MTAyNDIyODMwNDg1MTEyOTYxMzU2NTY=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMn7x1OWr0AgglCz6WoyYW4&google_cver=1?gdpr=0&gdpr_consent=
- https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=ac16b1c8-3bc6-4adc-a5de-e28d88d075b0&nonce=71a15c037f82c816>tl=155520000 HTTP 302
- https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=ac16b1c8-3bc6-4adc-a5de-e28d88d075b0&nonce=71a15c037f82c816&k=2
84 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
login
www.healthsafe-id.com/rt/ Redirect Chain
|
8 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bundles-average.js
www.healthsafe-id.com/assets/ |
995 B 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ruxitagentjs_ICA27NVdefghjrtux_10253221019152312.js
www.healthsafe-id.com/ |
269 KB 100 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bundles-average.js
www.healthsafe-id.com/assets/ |
204 KB 117 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
BrowserUpdate.css
www.healthsafe-id.com/rt/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cx.js
repo.rakanto.com/rakanto/cx/ |
128 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.eb630810.chunk.css
www.healthsafe-id.com/rt/static/css/ |
94 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
7.06f29af0.chunk.js
www.healthsafe-id.com/rt/static/js/ |
503 KB 160 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.9cffe580.chunk.js
www.healthsafe-id.com/rt/static/js/ |
247 KB 69 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
assets.adobedtm.com/ |
472 KB 98 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
22.9ca098eb.chunk.js
www.healthsafe-id.com/rt/static/js/ |
11 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
en
www.healthsafe-id.com/uiconfig/cap/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
en
www.healthsafe-id.com/hsid2/content/cap/ |
148 KB 43 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
featureFlags
www.healthsafe-id.com/ |
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
update.min.js
browser-update.org/ |
9 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
89 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
976 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
EXee6fea3e0d8945bba6f84c70c6160aa1-libraryCode_source.min.js
assets.adobedtm.com/512027f42d3c/3189bbb33f85/89a7bcd3656f/ |
331 KB 85 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
112 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
8.3a178b61.chunk.css
www.healthsafe-id.com/rt/static/css/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
8.3da3b6fd.chunk.js
www.healthsafe-id.com/rt/static/js/ |
33 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dest5.html
unitedhealthgroup.demdex.net/ Frame 29BD |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
smetrics.optum.com/ |
48 B 461 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=411&dpuuid=Y-kP_wAAAEzDMgOV
dpm.demdex.net/ Redirect Chain
|
42 B 948 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
delivery
unitedhealthgroup.tt.omtrdc.net/rest/v1/ |
360 B 726 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
192 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
detector-dom.min.js
cdn.gbqofs.com/uhg/hsid/p/ |
462 KB 139 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
/
cse.rakanto.com/cx_collector/ |
3 B 472 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
OptumBank_Logo.png
www.myoptum.com/content/dam/hsid/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ExternalLink.64fe2dcc.svg
www.healthsafe-id.com/rt/static/media/ |
524 B 907 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
FrutigerLTStd-Bold.4d8f0b88.woff
www.healthsafe-id.com/rt/static/media/ |
15 KB 16 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
FrutigerLTStd-Roman.0d39e936.woff
www.healthsafe-id.com/rt/static/media/ |
15 KB 15 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
crossStorageHub
www.healthsafe-id.com/protected/ Frame 8382 |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
system-arrow-md.svg
member.werally.com/assets/icons/ |
347 B 853 B |
XHR
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
inbound
www.healthsafe-id.com/hsid/setup/ |
59 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rbaurl
www.healthsafe-id.com/hsid/ |
40 B 648 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
s24842137275906
smetrics.optum.com/b/ss/uhgoptumglobalprod,uhghsidprod/1/JS-2.8.2-LCXS/ |
43 B 420 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC284096cbc5ef4b9bbf0cbf36327006f8-source.min.js
assets.adobedtm.com/512027f42d3c/3189bbb33f85/89a7bcd3656f/ |
312 B 466 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=771&dpuuid=CAESEMn7x1OWr0AgglCz6WoyYW4&google_cver=1
dpm.demdex.net/ Frame 29BD Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC79ede7d2e195494e8d29dd6cf3dcc73b-source.min.js
assets.adobedtm.com/512027f42d3c/3189bbb33f85/89a7bcd3656f/ |
801 B 732 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
174 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
generic
match.adsrvr.org/track/cmf/ Frame 29BD |
70 B 265 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/959766874/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
image.sbix
global.ib-ibi.com/ Frame 29BD |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/801669703/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.de/pagead/1p-user-list/801669703/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/959766874/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.de/pagead/1p-user-list/959766874/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
HSID_Logo.png
www.myoptum.com/content/dam/hsid/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
info
www.healthsafe-id.com/protected/tmx/ |
734 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
UHC2020Sans-Bold.woff2
member.werally.com/assets/fonts/ |
22 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tags.js
rba-screen.healthsafe-id.com/fp/ |
93 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
hub-1.0.0.min.js
www.healthsafe-id.com/js/vendor/cross-storage/ Frame 8382 |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC27118b4cbb854aff86652bc960a05b5e-source.min.js
assets.adobedtm.com/512027f42d3c/3189bbb33f85/89a7bcd3656f/ |
1 KB 927 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/ |
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cls_report
report.uhg.glassboxdigital.io/glassbox/reporting/340df073-d6dd-6d66-51a3-4037cf49ab94/ |
4 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
check.js;CIS3SID=FFDB8119F6F29C4512B89C9D19DBA8A3
rba-screen.healthsafe-id.com/fp/ Frame 3416 |
298 KB 54 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
rba-screen.healthsafe-id.com/fp/ Frame 3416 |
81 B 475 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
detector-dom.min.js
cdn.gbqofs.com/uhg/hsid/p/ Frame 3416 |
462 KB 139 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
rba-screen.healthsafe-id.com/fp/ Frame 3416 |
81 B 475 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cls_report
report.uhg.glassboxdigital.io/glassbox/reporting/340df073-d6dd-6d66-51a3-4037cf49ab94/ Frame 3416 |
4 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
/
cse.rakanto.com/cx_collector/ |
3 B 472 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
HP
rba-screen.healthsafe-id.com/fp/ Frame 50B1 |
19 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
rba-screen.healthsafe-id.com/fp/ Frame 3416 |
81 B 537 B |
XHR
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
h.online-metrix.net/fp/ Frame 3416 Redirect Chain
|
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ls_fp.html;CIS3SID=FFDB8119F6F29C4512B89C9D19DBA8A3
rba-screen.healthsafe-id.com/fp/ Frame DADC |
91 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
rba-screen.healthsafe-id.com/fp/ Frame 3416 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sid_fp.html;CIS3SID=FFDB8119F6F29C4512B89C9D19DBA8A3
h.online-metrix.net/fp/ Frame 4292 |
104 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
rba-screen.healthsafe-id.com/fp/ Frame 3416 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
top_fp.html;CIS3SID=FFDB8119F6F29C4512B89C9D19DBA8A3
rba-screen.healthsafe-id.com/fp/ Frame D820 |
90 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
rba-screen.healthsafe-id.com/fp/ Frame 3416 |
0 218 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
15saug00zt2kqtfflg47c5qmmepbl2bwmqr6nyqw71a15c037f82c816am1.e.aa.online-metrix.net/fp/ Frame 3416 |
81 B 438 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
check.js
rba-screen.healthsafe-id.com/fp/ Frame 50B1 |
209 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
rba-screen.healthsafe-id.com/fp/ Frame DADC |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
13.884592655f8e03c201b2.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
63 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear1.png;CIS3SID=FFDB8119F6F29C4512B89C9D19DBA8A3
rba-screen.healthsafe-id.com/fp/ Frame 3416 |
0 400 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear1.png;CIS3SID=70394EDEBAB2F2547FC4083C8CC0415F
h.online-metrix.net/fp/ Frame 4292 |
0 400 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
59 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ARF;CIS3SID=5144592892B8954A6E08173A25B5A2DA
rba-screen.healthsafe-id.com/fp/ Frame 50B1 |
35 B 557 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
rb_17a3a45c-ebd2-4cdb-86ec-5f31606b813f
www.healthsafe-id.com/ |
149 B 364 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ |
102 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
rba-screen.healthsafe-id.com/fp/ Frame 3416 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6.4ae8a96ad0173facde55.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
2 KB 912 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.e396ac4697f9a8b9d2aa.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
28 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- global.ib-ibi.com
- URL
- https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=43116055331963710242283048511296135656
Verdicts & Comments Add Verdict or Comment
94 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| dT_ object| dtrum object| dynatrace object| optumPageDataLayer string| RakantoObject function| Rakanto function| clearImmediate function| setImmediate object| regeneratorRuntime function| initiateStoreUserData function| IMask function| $bu_getBrowser object| $buoop object| $bu_ function| $buo object| _buorgres object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| dataLayer function| gtag object| __target_telemetry object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| targetGlobalSettings function| AppMeasurement_Module_Media function| AppMeasurement function| s_gi function| s_pgicq object| daco string| s_account object| s function| forge number| s_objectID number| s_giq string| rakanto_ubrid number| rakanto_sendInterval object| rakanto_api_endpoints function| pxSendCustomData object| pageDataLayer function| publishPostPageData object| google_tag_manager object| google_tag_data object| s_i_uhgoptumglobalprod_uhghsidprod object| GooglebQhCsO object| _cls_config object| _detector object| webVitals object| convertize object| td_5o function| tmx_run_page_fingerprinting number| td_o number| td_S number| td_n number| td_V number| td_G object| td_2X function| td_O function| td_T function| td_x function| td_s function| td_4k function| td_0p function| td_y function| td_R function| td_I function| td_D function| td_1B function| td_4c function| td_3m function| td_1g function| td_z function| td_Y function| td_3Z function| td_u function| td_3V function| tmx_post_session_params_fixed boolean| tmx_profiling_started boolean| eventLimitExceeded string| eventToEmit function| pixelTrack object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.84.1 object| _qsie43 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| account.optumbank.com/ | Name: ApplicationGatewayAffinityCORS Value: f9ff99b7f58759874bc0c666902849d0 |
|
| account.optumbank.com/ | Name: ApplicationGatewayAffinity Value: f9ff99b7f58759874bc0c666902849d0 |
|
| account.optumbank.com/ | Name: web_oauth2_proxy_csrf Value: 567d4ff197ba39801ad014cb42447217 |
|
| account.optumbank.com/ | Name: auth_proxy_login Value: true |
|
| sso.optum.com/ | Name: ext-PF Value: lXLnigpaFOM833M50vKqOvxvVD600U73HfmLc7E1zXKY |
|
| www.healthsafe-id.com/ | Name: nonce.f5i51S.1677267236 Value: 22464596-6d33-45e1-acc1-f6c15d4371bd |
|
| www.healthsafe-id.com/ | Name: 0870927d219d7847767888a82a6ca2ff Value: c3dd96946dd4b4393462084470665344 |
|
| www.healthsafe-id.com/ | Name: BIGipServerapps.ocp-ctc-dmz.optum.com_80 Value: 1776571914.20480.0000 |
|
| www.healthsafe-id.com/ | Name: TS0110f9d0 Value: 016f206c38bd08939248132d32e3217d6e1a853f2d7887477880529f0351c375c932ea9db278147443b21455a6c4e0362c12e4cd83 |
|
| .healthsafe-id.com/ | Name: TS01472d49 Value: 016f206c38bd08939248132d32e3217d6e1a853f2d7887477880529f0351c375c932ea9db278147443b21455a6c4e0362c12e4cd83 |
|
| www.healthsafe-id.com/ | Name: ext-PF Value: ICbjLNogeyvN4qUYopfhbb3M0pVStPwPkQfCbDmqtYFT |
|
| .healthsafe-id.com/ | Name: dtCookie Value: v_4_srv_46_sn_407C1357F685E2F1B5A2FC22DEF5E127_perc_100000_ol_0_mul_1_app-3Ab6030f906c1066bc_0_app-3Aea7c4b59f27d43eb_0 |
|
| www.healthsafe-id.com/ | Name: bfd37fd494e6c607638f0a9f1120ca35 Value: 19d9b283763c176751a86287161e5caa |
|
| .www.healthsafe-id.com/ | Name: Tv6TR2qd Value: AwRk5oSGAQAAX_HwWO_RqbixLpJjGxv-VLOlac_lXmjmDQK0YyYI1rOssR7wAbnVm6OucuFZwH8AAEB3AAAAAA|1|0|6663d2b78dfd84aa30b935d2eeb43d5de28a76ad |
|
| .www.healthsafe-id.com/ | Name: TS01747532 Value: 016f206c38bd08939248132d32e3217d6e1a853f2d7887477880529f0351c375c932ea9db278147443b21455a6c4e0362c12e4cd83 |
|
| .healthsafe-id.com/ | Name: rxVisitor Value: 1677266937840UHIV1Q2MCG5G4KMNLI6CCGVR3F1VCB69 |
|
| .healthsafe-id.com/ | Name: dtLatC Value: 2525 |
|
| .healthsafe-id.com/ | Name: dtSa Value: - |
|
| www.healthsafe-id.com/ | Name: rakanto_ubrid Value: |
|
| .rakanto.com/ | Name: pixel-ubrid Value: v2.0-6623c2b49c2081ddd8748abbdbb3d082-1367-1374-1673835739087-0000756545-1677266939140 |
|
| www.healthsafe-id.com/ | Name: HSID_V Value: d83a6525-f2e5-4a56-b179-b3679bdd89bb |
|
| www.healthsafe-id.com/ | Name: SESSION Value: YWZlNDM3ZjktZTQyZC00MzUxLWI5ZmQtNWQ0Mjk3NDk5ZDcy |
|
| .healthsafe-id.com/ | Name: at_check Value: true |
|
| www.healthsafe-id.com/ | Name: RakantoClientSideData Value: eyJ1YnJpZCI6InYyLjAtNjYyM2MyYjQ5YzIwODFkZGQ4NzQ4YWJiZGJiM2QwODItMTM2Ny0xMzc0LTE2NzM4MzU3MzkwODctMDAwMDc1NjU0NS0xNjc3MjY2OTM5MTQwIiwiY29tbWl0X2hhc2giOiI5MTFjY2FmIn0= |
|
| .demdex.net/ | Name: demdex Value: 43116055331963710242283048511296135656 |
|
| .healthsafe-id.com/ | Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg Value: 1 |
|
| .healthsafe-id.com/ | Name: _gcl_au Value: 1.1.579725493.1677266939 |
|
| .healthsafe-id.com/ | Name: mbox Value: session#853756c4e12341cb8926b221cf385bce#1677268800|PC#853756c4e12341cb8926b221cf385bce.37_0#1740511740 |
|
| .everesttech.net/ | Name: everest_g_v2 Value: g_surferid~Y-kP_wAAAEzDMgOV |
|
| .healthsafe-id.com/ | Name: s_cc Value: true |
|
| .dpm.demdex.net/ | Name: dpm Value: 43116055331963710242283048511296135656 |
|
| .healthsafe-id.com/ | Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg Value: 359503849%7CMCIDTS%7C19413%7CMCMID%7C37639108616054281531172899740559670785%7CMCAAMLH-1677871739%7C6%7CMCAAMB-1677871739%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1677274139s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19420%7CvVersion%7C5.0.1 |
|
| .demdex.net/ | Name: dextp Value: 771-1-1677266939739|903-1-1677266939840|285689-1-1677266939940 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUk7OcB3RxuV7kPvF5CJ310mBKpxjok8LHl7sV5tcVFGg6cOmoGT7Ak3e1qVd8I |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
| .healthsafe-id.com/ | Name: _cls_v Value: a9760df3-f738-4d77-93d6-6e814eb908bd |
|
| .healthsafe-id.com/ | Name: _cls_s Value: a0051b5c-d964-4d60-b2f3-9aba6c178ce6:0 |
|
| rba-screen.healthsafe-id.com/ | Name: thx_guid Value: 27f34ef1f20a118f19efacf85bc61022 |
|
| www.healthsafe-id.com/ | Name: JSESSIONID Value: D4CE7729758DFA18B441F3B812E3DB58 |
|
| .healthsafe-id.com/ | Name: rxvt Value: 1677268741970|1677266937841 |
|
| h.online-metrix.net/ | Name: thx_global_guid Value: f9f441c226d14d779b5fd658d48b16fe |
|
| report.uhg.glassboxdigital.io/ | Name: AWSALBCORS Value: oeCIhecFo9njoy3nYyRED/PcMxrlz7eYJChXvE9ypdOos2qjvAIY603VFiUczRoP6vRO9/t477nuareoTPaknsw+vtPPkVQBgNSo3xQm/cdt4J0hjSdxTGGLHwdw |
|
| .healthsafe-id.com/ | Name: dtPC Value: 46$266937837_894h-vMSFTNKCNPTTJKATGDKCQKIKFOUFAAPAQ-0e0 |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=63072000; includeSubDomains max-age=16070400; includeSubDomains; preload |
| X-Content-Type-Options | nosniff nosniff |
| X-Frame-Options | SAMEORIGIN SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
15saug00zt2kqtfflg47c5qmmepbl2bwmqr6nyqw71a15c037f82c816am1.e.aa.online-metrix.net
account.optumbank.com
assets.adobedtm.com
browser-update.org
cdn.gbqofs.com
click.yourhealth-wellnessteam.com
cm.everesttech.net
cm.g.doubleclick.net
cse.rakanto.com
dpm.demdex.net
global.ib-ibi.com
googleads.g.doubleclick.net
h.online-metrix.net
match.adsrvr.org
member.werally.com
rba-screen.healthsafe-id.com
repo.rakanto.com
report.uhg.glassboxdigital.io
siteintercept.qualtrics.com
smetrics.optum.com
sso.optum.com
unitedhealthgroup.demdex.net
unitedhealthgroup.tt.omtrdc.net
www.google.com
www.google.de
www.googletagmanager.com
www.healthsafe-id.com
www.myoptum.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
global.ib-ibi.com
104.17.208.240
13.111.39.86
142.251.39.34
149.111.144.83
149.111.164.232
15.236.125.10
168.183.36.187
168.183.37.28
168.183.45.15
2606:4700:20::ac43:459c
2606:4700::6812:190d
2a00:1450:400d:804::2008
2a00:1450:400d:806::2002
2a00:1450:400d:806::2003
2a00:1450:400d:807::2004
2a02:26f0:f700:482::1e80
3.33.220.150
34.248.177.106
34.251.134.200
45.60.33.26
52.167.10.111
52.208.37.125
52.211.172.170
54.172.114.220
91.235.132.130
91.235.133.67
91.235.134.131
015dde39651431e7683f7d9a111af697de7b75c7a9d4f67874ce70409b7fee9d
048ea1eb61f66585d5e2925f5c5ce5722af155d702c3759c85d310b3f2539050
08241b54cb8a5d671793e867bee847668e5b271ad1131c60c54ab0824574e528
09a574459a6ed61cb07b88838f529fdc4aa9795aa277dde97d89077b3da1d69d
0b2fa5a37ba56990c833142f8a6ac0c6a69a8ef7a60932e43d01bbf1b38d7162
1204f1068b5e6547c1254083409464b58c826824664c794da0c5e69ce9fd84a6
15536d1324d76d7aa6a54e42da1cdf632f398e958f54c0362986a337d4cae0d2
17ee2ce8ddfc5320a49af7983421a50e5b30de94f4456ae43d02c66fa8c6889b
2964f88aa0617bb1d500c8b7d834b2853a336a8bf2fef02435ded0579a8048bb
35196b618fe7047932b2529853ed9a72489a0c6dd3ce5bf3b482592734ba7fa8
3a7e32567d94b4c82eb8b3bd793663ccfe42e9b47052909b422deb33b585376f
3ad0d5e8cd0160209ab6b15c4f2d11371041d6d7541189881a2970a7753bc746
3f0fa96b5b5d3e6b180752c239233bfeb43efe494488a6d636e20b5b8b97ccbc
4e55ac60c6bdea40d5f328b9f736d67ea3d1d60c33ff08fe1dce388545de2ff2
50623a2a762c1bc43aecebbe794f7a32aa905a6125421e7509439a219b5fa438
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
56c288a0ae2cc72050b129446b880beedaceca767f581024c2123a106702487a
5951434b046e083c58d07fee67fc3c84058c9d43a5a2fe3ec4c7fba9d510b503
5abe9cfd90c2fc5af4b32eaa25a5820efb0ec435ac97b1fa251211b368fc0857
5f24381c7bab45eaabf32e1fc6cd4aa3c58af3becc5c2caf36a9e573c720d953
62eac6cc7764f198a40376ca3d34d7f32e89069fc6e5fef8707f1d2f35e06db8
637a61a096de083692f1a491cc29c4b1a692c9903b8839b376982bc216cb18c5
729d6411c6631a4b21c42200ac8a537fb9ec5c00986b2253be6b99be8203b4c6
74435a4734fe95472bede86c0be515de8514da26867d931adc6eb82c2e4502f5
76181750bb2a824cc79d1c940b9e14a3e393ae1efc93965117e3965c136acaa6
774bb09166b2c01fa867a450afdd01da761502edf5cc50d4a04adc647d395596
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c8502a9779608aac88a635e970d6291a6b24c7a8435bb5de4495a2fe1d4d7db
7ffd485c05f4fd239e22ea634e2abb1eca0482d4a0ba69632b9ba35ef9090f40
83a5c2eea44f96f49ac888576e776bbd30fd9c700e463a1b923af9d915bdf8a4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e90a6e9e7f5fc6215ead7db9c607e10fd984f9983d8cbddbe03f9d8cd2da684
93a824040fe7a0bda7fb1432d3026ffb96dde0aa285a349e3bd025c5c57bc467
94a61bd23e3af8340c2527a841237d2247ad4c7a05c73a5a242061b2cba23ad3
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9824cc6f0ddb480e7a23b915dab76d8d98f14045c52025af0ea110eeae97273e
9f8ae3503e101b20387d462f3d77969928ae713b665b729b01b35805cecad008
a4f6f51ae326512f2bafad7193332cbecf32f880b8291573411228f153ebeab1
a6b0965a100d87191864d04d5d9ab7e2c747733cc64e23b7a0bde66af8ac3318
b0f4fad4932e4a12c18b8dea2380f259790d3089133682c2b6aa02ea28f6cd92
b292832970ea488fe3acd1b179ceffe92834bc345e194d8ca23dcc71b39525fe
b416117944d8844bda5c775a134a53e084aaf5b54b448e7167ca4e2491fb33fb
b852c65a3ab090ecbbfc8392fcdfbbba8c357cd6f5aa57b7c28a8a4299b8e984
b9c861bd10479e607f8e86931f6d2e11e51fe6417f6eba04c66edd895f28dad6
bf1bfc016446211ab687bd00ebb2817f05b461e87682cb66826250ab79546d92
ca2294de974f7a958be542144b02c66a0f694b8b7f77df00c8c4d849d973ceb2
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbd24ef33ca1f2a54c981fccaf10c599d963932808dbe211da18f1f948c45954
ccfe42c28f31052e3c1301b78a0218025bce41a1d76197b230e0c94369f8a938
cee0797bcb8a45c3045036e814bd305a1b3c2942cc28b4701efc1b3c81bdf0b1
d458a9c563743bd5564d282ee08dea6c1bb9d66e966b0ddeff85cb0864c87c88
d4f0d2a7b8d4c0e23add6f9b7e81106edef8d32f6ce89c3a430999ab41fef3ca
d89bc541f7d3aa77aacd01524603e8d0ab1e9de357ffe5a7749db085e09e698c
dc066fde464400d9032014c4d05d75c34ba2c3bc421e5d4759953ebc8276d93b
e1497036d286607cea1d5c9aad56ea4611414fe0ff4e900162dbc7dee499a022
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f5b05a0f2657086933004e2edc9e9ae4638a5e6284bb4b52c7bbee3cbf900a
e55faf39ac5a7ab52fcdf5da9b19b7ad0a594e81a96ffc163d8caae81c3c1dd2
eb2a9aba22bfbb8d136886a5132fb6a792c27788e24e1b634252ecc5648e1680
ec1fb826ad50482e2a4eb706a5758dafc2835325619e8fe6f48ff3691e0e8cbf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efef5379b6e288a9e91602d322722a1a74a887dd4ea23cc4e2738482d6feeec5
f161e22cde63c497d665c80a60a654d29caa423b4f4f59848b55309beb8bc361
f32b61f7376cde47cee25dd3b2718457b86d2e916f2676b9dc8b3c674bb91e58
f5b1e9b30dc70b0eacd4e51701aeb9b7133b6dc2941a31b7fa8ad28e3b577931
f6b97b7065feb8b87905137466e943cb5b0534d9bba399a9fe81d926f7f46a8a