www.healthsafe-id.com Open in urlscan Pro
149.111.166.210 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.yourhealth-wellnessteam.com/u/?qs=f37de9f1cd8d0c4ae5abd20e5b85bf15682ccf0cc1b46f6fc5b2c295b209766192d4325b3cad3326f61b4a0e60...
Effective URL:
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.h...
Submission: On August 24 via manual (August 24th 2023, 11:27:04 pm UTC) from US — Scanned from US

Summary HTTP 75 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 19 domains to perform 75 HTTP transactions. The main IP is 149.111.166.210, located in United States and belongs to UHC, US. The main domain is www.healthsafe-id.com. The Cisco Umbrella rank of the primary domain is 43689.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on April 8th 2023. Valid for: a year.

This is the only time www.healthsafe-id.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.39.86 13.111.39.86	14340 (SALESFORCE) (SALESFORCE)
1 1	52.167.10.111 52.167.10.111	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	149.111.144.83 149.111.144.83	10879 (UHC) (UHC)
2 13	149.111.166.210 149.111.166.210	10879 (UHC) (UHC)
10	2600:9000:26f... 2600:9000:26fa:b000:3:b102:a080:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:141b:e80... 2600:141b:e800:1192::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 6	35.83.4.243 35.83.4.243	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:180d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	168.183.37.177 168.183.37.177	10879 (UHC) (UHC)
1	45.60.31.26 45.60.31.26	19551 (INCAPSULA) (INCAPSULA)
2	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
1	54.175.238.162 54.175.238.162	14618 (AMAZON-AES) (AMAZON-AES)
2	63.140.38.15 63.140.38.15	14618 (AMAZON-AES) (AMAZON-AES)
1 1	75.101.158.101 75.101.158.101	14618 (AMAZON-AES) (AMAZON-AES)
1	63.140.36.104 63.140.36.104	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:822::2004	15169 (GOOGLE) (GOOGLE)
16	192.225.158.132 192.225.158.132	30286 (THM) (THM)
1 1	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	64.58.232.176 64.58.232.176	13649 (ASN-VINS) (ASN-VINS)
1 2	64.58.232.177 64.58.232.177	13649 (ASN-VINS) (ASN-VINS)
2	52.206.162.54 52.206.162.54	14618 (AMAZON-AES) (AMAZON-AES)
6	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	192.225.158.1 192.225.158.1	30286 (THM) (THM)
1	192.225.158.3 192.225.158.3	30286 (THM) (THM)
75	20

1 13.111.39.86 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.yourhealth-wellnessteam.com

click.yourhealth-wellnessteam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.167.10.111 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

account.optumbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.111.144.83 (United States) 1 redirects

ASN10879 (UHC, US)

sso.optum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 149.111.166.210 (United States) 2 redirects

ASN10879 (UHC, US)
PTR: healthsafeid-hcc-elr.optum.com

www.healthsafe-id.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:26fa:b000:3:b102:a080:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.healthsafe-id.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:141b:e800:1192::1e80 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.83.4.243 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-83-4-243.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:180d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.gbqofs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.183.37.177 (United States)

ASN10879 (UHC, US)
PTR: cdc-aem-ctc.optum.com

cdc-aem.optum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.31.26 (United States)

ASN19551 (INCAPSULA, US)

member.werally.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.238.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-238-162.compute-1.amazonaws.com

unitedhealthgroup.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.38.15 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-15.data.adobedc.net

smetrics.optum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.101.158.101 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-158-101.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.36.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-104.data.adobedc.net

unitedhealthgroup.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 192.225.158.132 (United States)

ASN30286 (THM, US)

rba-screen.healthsafe-id.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.34 (Old Bridge, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.58.232.176 (United States) 2 redirects

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.58.232.177 (United States) 1 redirects

ASN13649 (ASN-VINS, US)
PTR: be31-199.crrt01.las04.flexential.net

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.206.162.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-162-54.compute-1.amazonaws.com

report.uhg.glassboxdigital.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.225.158.1 (United States) 1 redirects

ASN30286 (THM, US)
PTR: a-sac.h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.225.158.3 (United States)

ASN30286 (THM, US)
PTR: d.aa.online-metrix.net

15saug00flmtizaszhl7r4zd64fklkuvpvlaugfb603062e93d9f81a2sac.d.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	healthsafe-id.com 2 redirects www.healthsafe-id.com — Cisco Umbrella Rank: 43689 cdn.healthsafe-id.com — Cisco Umbrella Rank: 50143 rba-screen.healthsafe-id.com — Cisco Umbrella Rank: 51740	671 KB
7	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 228 unitedhealthgroup.demdex.net — Cisco Umbrella Rank: 18690	9 KB
6	qualtrics.com zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com — Cisco Umbrella Rank: 37790 siteintercept.qualtrics.com — Cisco Umbrella Rank: 850	70 KB
5	online-metrix.net 1 redirects h.online-metrix.net — Cisco Umbrella Rank: 2686 15saug00flmtizaszhl7r4zd64fklkuvpvlaugfb603062e93d9f81a2sac.d.aa.online-metrix.net	17 KB
5	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 449	190 KB
5	optum.com 1 redirects sso.optum.com — Cisco Umbrella Rank: 47614 cdc-aem.optum.com — Cisco Umbrella Rank: 54702 smetrics.optum.com — Cisco Umbrella Rank: 17619	16 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 cm.g.doubleclick.net — Cisco Umbrella Rank: 242	4 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	208 KB
2	glassboxdigital.io report.uhg.glassboxdigital.io — Cisco Umbrella Rank: 19426	3 KB
2	mookie1.com 1 redirects ib.mookie1.com — Cisco Umbrella Rank: 3273	2 KB
2	ib-ibi.com 2 redirects global.ib-ibi.com — Cisco Umbrella Rank: 2266	940 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 360	957 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	563 B
2	gbqofs.com cdn.gbqofs.com — Cisco Umbrella Rank: 7298	291 KB
1	omtrdc.net unitedhealthgroup.tt.omtrdc.net — Cisco Umbrella Rank: 18770	857 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1143	517 B
1	werally.com member.werally.com — Cisco Umbrella Rank: 52180	892 B
1	optumbank.com 1 redirects account.optumbank.com — Cisco Umbrella Rank: 142991	1 KB
1	yourhealth-wellnessteam.com 1 redirects click.yourhealth-wellnessteam.com — Cisco Umbrella Rank: 187463	232 B
75	19

	Domain	Requested by
16	rba-screen.healthsafe-id.com	cdn.healthsafe-id.com rba-screen.healthsafe-id.com cdn.gbqofs.com
13	www.healthsafe-id.com	2 redirects www.healthsafe-id.com cdn.healthsafe-id.com
10	cdn.healthsafe-id.com	www.healthsafe-id.com cdn.healthsafe-id.com
6	dpm.demdex.net	2 redirects www.healthsafe-id.com
5	siteintercept.qualtrics.com	zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com www.healthsafe-id.com siteintercept.qualtrics.com
5	assets.adobedtm.com	cdn.healthsafe-id.com assets.adobedtm.com
4	h.online-metrix.net	1 redirects rba-screen.healthsafe-id.com
3	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
2	report.uhg.glassboxdigital.io	www.healthsafe-id.com cdn.gbqofs.com
2	ib.mookie1.com	1 redirects
2	global.ib-ibi.com	2 redirects
2	match.adsrvr.org	2 redirects
2	www.google.com	www.healthsafe-id.com
2	smetrics.optum.com	www.healthsafe-id.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	cdc-aem.optum.com	www.healthsafe-id.com
2	cdn.gbqofs.com	www.healthsafe-id.com cdn.gbqofs.com
1	15saug00flmtizaszhl7r4zd64fklkuvpvlaugfb603062e93d9f81a2sac.d.aa.online-metrix.net
1	zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com	www.healthsafe-id.com
1	cm.g.doubleclick.net	1 redirects
1	unitedhealthgroup.tt.omtrdc.net	www.healthsafe-id.com
1	cm.everesttech.net	1 redirects
1	unitedhealthgroup.demdex.net	assets.adobedtm.com
1	member.werally.com	www.healthsafe-id.com
1	sso.optum.com	1 redirects
1	account.optumbank.com	1 redirects
1	click.yourhealth-wellnessteam.com	1 redirects
75	27

This site contains links to these domains. Also see Links.

Domain
account.optumbank.com
www.uhc.com

Subject Issuer	Validity	Valid
healthsafeid-hcc.optum.com COMODO RSA Organization Validation Secure Server CA	`2023-04-08` - `2024-04-07`	a year	crt.sh
cdn.healthsafe-id.com COMODO RSA Organization Validation Secure Server CA	`2023-06-07` - `2024-06-06`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-11-11` - `2023-11-11`	a year	crt.sh
cdc-aem.optum.com COMODO RSA Organization Validation Secure Server CA	`2023-08-01` - `2024-07-31`	a year	crt.sh
*.werally.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-28` - `2024-07-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
smetrics.optum.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-04-21`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-09-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
rba-screen.healthsafe-id.com COMODO RSA Organization Validation Secure Server CA	`2023-04-24` - `2024-04-23`	a year	crt.sh
uhg.glassboxdigital.io Amazon RSA 2048 M01	`2023-03-01` - `2023-11-07`	8 months	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-03-26`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-01-09` - `2024-01-23`	a year	crt.sh
*.d.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-03-03` - `2024-03-04`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Frame ID: 391982621CBA06D4EBE6CBCFCF674BA7
Requests: 50 HTTP requests in this frame

Frame: https://www.healthsafe-id.com/protected/crossStorageHub
Frame ID: BBFD9EA8B0D3DE2421ED8FFAF7ECDC21
Requests: 2 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: 16BD9BA643F2E17109DB72AA717E1F60
Requests: 4 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=DB071E5A511AE4C08AD52951B4B8A8F8?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&jb=373b2424687b6f7d35576b6e64677773266a7b6f3d576966666f75712530323330246a7160773f416a7a6f656d26687362354368726f6565253230393336
Frame ID: 8D23EDFAF9AD124CA0C08CB989EC96A9
Requests: 13 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/HP?session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&org_id=15saug00&nonce=603062e93d9f81a2&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 0E43473F78A62D4AC201EABDFED02DEB
Requests: 3 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=DB071E5A511AE4C08AD52951B4B8A8F8?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2
Frame ID: BAAAF23380B350D6A205729018992C66
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=DB071E5A511AE4C08AD52951B4B8A8F8?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2
Frame ID: FCBFA28CAA5A68ECA1F082C0785F05B4
Requests: 2 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/top_fp.html;CIS3SID=DB071E5A511AE4C08AD52951B4B8A8F8?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2
Frame ID: 388271FB7405C3CFD53BDA1838B93613
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in - OptumBank

Page URL History Show full URLs

https://click.yourhealth-wellnessteam.com/u/?qs=f37de9f1cd8d0c4ae5abd20e5b85bf15682ccf0cc1b46f6fc5b2c295b209766192d432... HTTP 302
https://account.optumbank.com/account/deeplink/statements HTTP 302
https://sso.optum.com/ext/as/authorization.oauth2?approval_prompt=force&client_id=bank-cloud-prod&... HTTP 302
https://www.healthsafe-id.com/rt/secure/auth/cap/en?resume=/as/JAucmko6Ve/resume/as/authorization.ping&spe... HTTP 302
https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redi... HTTP 302
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET... Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

75
Requests

92 %
HTTPS

23 %
IPv6

19
Domains

27
Subdomains

20
IPs

2
Countries

1475 kB
Transfer

4971 kB
Size

39
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://account.optumbank.com/

Search URL Search Domain Scan URL

URL: https://www.uhc.com/legal/accessibility
Title: Accessibility Statement for Individuals with Disabilities Opens in a new window or tab

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.yourhealth-wellnessteam.com/u/?qs=f37de9f1cd8d0c4ae5abd20e5b85bf15682ccf0cc1b46f6fc5b2c295b209766192d4325b3cad3326f61b4a0e603fd0bf2f97463d20442116 HTTP 302
https://account.optumbank.com/account/deeplink/statements HTTP 302
https://sso.optum.com/ext/as/authorization.oauth2?approval_prompt=force&client_id=bank-cloud-prod&redirect_uri=https%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback&response_type=code&scope=openid&state=BfM1GharvcGbVf3KDaBT5xNuQRvdtX8A5CJqJyYi7YI%3A%2Faccount%2Fdeeplink%2Fstatements%3Fbrand%3Doptum%26portal%3Doptum&pfidpadapterid=HsidNewUIOidc&portal=cap HTTP 302
https://www.healthsafe-id.com/rt/secure/auth/cap/en?resume=/as/JAucmko6Ve/resume/as/authorization.ping&spentity=null&scope=openid&response_type=code&pfidpadapterid=HsidNewUIOidc&redirect_uri=https://account.optumbank.com/login/callback&portal=cap&client_id=bank-cloud-prod HTTP 302
https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F%2Fwww.healthsafe-id.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiQy1aVXUyUnFlZ2lHeUtRRDVjbnZWc0FjTzBJIiwic3VmZml4IjoibGl4eUFrLjE2OTI5MTk5MTUifQ..dx1WYGROKzdURbYZtfyJjw.HXPBQpqhmFquB87q6Wq56SHZKdGYfpNW5libBc5cdSzEMZS5qd8osHoXkcZWqCEwXM3ECuauZx1V6iYNCQZA-Z0KrK7tog7SwcOUcBN3K_A4mRardhfrMgMpvQJGeOClaMMZ8xe_KAu9YnIjtMm4h8Wai5YLLTDCgGqHdJLyY9EeeYHZw1s3ZmkEr6paaDEcjT36e9hz5GJdhoBs2qVW2XFdOeOP6LoM49eJZSmyHKBgJDg5EbOTErdT6O3_aM-qI_aIdUGvUYdvMdQQOh1O7DAgONT6NKIIIILqwiWtVBM.KIk_FBkU3anADdQkTM4TQQ&nonce=p_t7n1Tzejsd8pyOE_qrHwgRz6aiMlF2q9fC1TbkIaY&acr_values=BANK&scope=openid%20address%20email%20phone%20profile&vnd_pi_requested_resource=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&vnd_pi_application_name=HSIDProdRTApp HTTP 302
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1692919617300 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1692919617300

Request Chain 34

https://cm.everesttech.net/cm/dd?d_uuid=06266716802578699391250538814594210443 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZOfnQgAAAL7c6AN-

Request Chain 38

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDYyNjY3MTY4MDI1Nzg2OTkzOTEyNTA1Mzg4MTQ1OTQyMTA0NDM= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEISkkaaBV-SqCy2yZdQwZ6w&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 42

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.healthsafe-id.com&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.healthsafe-id.com&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=5b2ed93d-3ee2-414c-bd1a-e889a3879b25

Request Chain 44

https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=06266716802578699391250538814594210443 HTTP 302
https://ib.mookie1.com/image.sbix?go=244346&pid=268&xid=06266716802578699391250538814594210443 HTTP 302
https://dpm.demdex.net/ibs:dpid=285689&dpuuid=06266716802578699391250538814594210443&redir=https%3A%2F%2Fglobal.ib-ibi.com%2Fimage.sbxx%3Fgo%3D244346%26pid%3D268%26xid%3D%24%7BDD_UUID%7D HTTP 302
https://global.ib-ibi.com/image.sbxx?go=244346&pid=268&xid=06266716802578699391250538814594210443 HTTP 302
https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=06266716802578699391250538814594210443

Request Chain 62

https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&gttl=155520000 HTTP 302
https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&k=2

75 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
www.healthsafe-id.com/rt/
Redirect Chain

https://click.yourhealth-wellnessteam.com/u/?qs=f37de9f1cd8d0c4ae5abd20e5b85bf15682ccf0cc1b46f6fc5b2c295b209766192d4325b3cad3326f61b4a0e603fd0bf2f97463d20442116
https://account.optumbank.com/account/deeplink/statements
https://sso.optum.com/ext/as/authorization.oauth2?approval_prompt=force&client_id=bank-cloud-prod&redirect_uri=https%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback&response_type=code&scope=openid...
https://www.healthsafe-id.com/rt/secure/auth/cap/en?resume=/as/JAucmko6Ve/resume/as/authorization.ping&spentity=null&scope=openid&response_type=code&pfidpadapterid=HsidNewUIOidc&redirect_uri=https:...
https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F%2Fwww.healthsafe-id.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGc...
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAu...

4 KB
2 KB

62ms
62ms

Document
text/html

149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

b0bee52d70ab5483f94a29e3be356a0444c4c7b710813296e9ba6a54b55f21de

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Type: text/html; charset=UTF-8
Date: Thu, 24 Aug 2023 23:26:56 GMT
Expires: 0
Pragma: no-cache
Server-Timing: dtSInfo;desc="1"
Strict-Transport-Security: max-age=300; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: SAMEORIGIN SAMEORIGIN
X-OneAgent-JS-Injection: true
X-XSS-Protection: 1; mode=block
X-ps-id: hsid-prod-elr-4
X-ruxit-JS-Agent: true

Redirect headers

Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Type: text/html;charset=utf-8
Date: Thu, 24 Aug 2023 23:26:55 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Pragma: no-cache
Referrer-Policy: origin
Server-Timing: dtSInfo;desc="1"
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: SAMEORIGIN
X-OneAgent-JS-Injection: true
X-XSS-Protection: 1; mode=block
X-ps-id: hsid-prod-elr-4
X-ruxit-JS-Agent: true

GET
H/1.1 200
OK bundles-average.js Show response
www.healthsafe-id.com/assets/ 994 B
2 KB 162ms
161ms Script
application/javascript 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/assets/bundles-average.js

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

34f6e869971dfe8f81b5028ee309662950bb6503844109303502add05aa86327

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 23:26:56 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding: gzip
Via: 1.1 google
Transfer-Encoding: chunked
X-Ion-Hop: 1
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1931652668"
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-ps-id: hsid-prod-elr-4
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0

GET
H/1.1 200
OK ruxitagentjs_ICA27NVdefghjqrtux_10267230522124059.js Show response
www.healthsafe-id.com/ 231 KB
88 KB 258ms
112ms Script
text/javascript 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/ruxitagentjs_ICA27NVdefghjqrtux_10267230522124059.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

ca5dc2c8c576daa47a421172dc3494f0629bac2071a9d5f19e1c953b434f0481

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 23:26:56 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
X-ps-id: hsid-prod-elr-1
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Content-Length: 89452
X-XSS-Protection: 1; mode=block
Expires: Fri, 23 Aug 2024 23:26:56 GMT

GET
H/1.1 200
OK bundles-average.js Show response
www.healthsafe-id.com/assets/ 208 KB
120 KB 176ms
175ms Script
application/javascript 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICpximKAQAA_VeXOaul-27BlSTkZxLosj7I2VC6Y77dKqwNBbSzAoQ6BOXy&EdxVWcjYRR--z=q

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

859a336a433020d8695e5bdc86c53c0361d8bd8bbc710edfcd6e10f2935081ca

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 23:26:56 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding: gzip
X-ps-id: hsid-prod-elr-4
Via: 1.1 google
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
X-Ion-Hop: 1
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=3600, immutable
Connection: keep-alive
Server-Timing: dtSInfo;desc="1"
X-XSS-Protection: 1; mode=block

GET
H2 200 index.0d7fec49.js Show response
cdn.healthsafe-id.com/static/js/ 497 KB
156 KB 264ms
107ms Script
application/javascript 2600:9000:26fa:b000:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/js/index.0d7fec49.js
Requested by: Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:b000:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6fd152614aba78b5e07d117fe7ca3d7a0a41b196662698e7b156cf9d016f095

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: t1XMsPcPOXFZu7tZnPtEcgWkELNY5Yy.
content-encoding: gzip
via: 1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
date: Thu, 24 Aug 2023 23:26:57 GMT
last-modified: Thu, 17 Aug 2023 05:05:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
etag: W/"395812107a1cd7a810e2dff64b6ac301"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: public, max-age=63072000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Z4oFiX0veDRL7GHHA1hsMIsaTMlXWgb41YbKtkk1MgRZ3wHlrv1zog==

GET
H2 200 unsupportedBrowser.3426666d.js Show response
cdn.healthsafe-id.com/static/js/ 2 KB
1 KB 250ms
94ms Script
application/javascript 2600:9000:26fa:b000:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/js/unsupportedBrowser.3426666d.js
Requested by: Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:b000:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55fa969f7cf26c81e747232ebe98b587e9c7118065f49d4378e4ab459aaec2af

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: TVTcYwIapnCIGI9BH0E6eg6BdxU31ri8
content-encoding: gzip
via: 1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
date: Thu, 24 Aug 2023 23:26:57 GMT
last-modified: Thu, 17 Aug 2023 05:05:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
etag: W/"cbcb1d91a1505564a4121e8bf5972b13"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: public, max-age=63072000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: WXs2GNHoLL0WaOpYrbX1N-SAGn-wjcuqy1Bop0879i274m54O9tFQQ==

GET
H2 200 index.36f70783.css
cdn.healthsafe-id.com/static/css/ 88 KB
15 KB 256ms
100ms Stylesheet
text/css 2600:9000:26fa:b000:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/css/index.36f70783.css
Requested by: Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:b000:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea803adc6918df0de1d4cfb11ec88d1ff01552102dee4b0ddbacffdac99b8dbe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: uteGwmxekE1BKURhSJYTj6UULP6V_DvU
content-encoding: gzip
via: 1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
date: Thu, 24 Aug 2023 23:26:57 GMT
last-modified: Thu, 17 Aug 2023 05:05:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
etag: W/"a200d7f54301cade5e0294c77e507ca5"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: public, max-age=63072000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: K5YM0UoytaKIy_Gzxq50sy4fH_eL1-qM1iwbZzAzc2xrZ5an_8Wdng==

GET
H2 200 launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js Show response
assets.adobedtm.com/ 524 KB
103 KB 126ms
35ms Script
application/x-javascript 2600:141b:e800:1192::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Requested by: Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/js/index.0d7fec49.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b28bd866e643de789ec8763657c5a7ab99f1f059cafeb91d92701dedcd613037

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:26:57 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 06:42:04 GMT
server: AkamaiNetStorage
etag: "dc10a521a6ef0b6419d76d2dc3e123d4:1692686524.147878"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.healthsafe-id.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 105310
expires: Fri, 25 Aug 2023 00:26:57 GMT

GET
H/1.1 200 en Show response
www.healthsafe-id.com/uiconfig/cap/ 2 KB
2 KB 209ms
209ms XHR
application/json 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/uiconfig/cap/en

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICpximKAQAA_VeXOaul-27BlSTkZxLosj7I2VC6Y77dKqwNBbSzAoQ6BOXy&EdxVWcjYRR--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

1ede27e307ba66233a048c3311c1ee04dac2a662b449d7b7077e5354ec76a861

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
x-dtreferer: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Referer: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
x-dtpc: 39$319616654_709h2vJNGFCJHOHMMBNONJOWPHPVPANLHJURIM-0e0

Response headers

Date: Thu, 24 Aug 2023 23:26:57 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding: gzip
X-OneAgent-JS-Injection: true
Connection: keep-alive
Server-Timing: dtSInfo;desc="1"
Content-Length: 746
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-ps-id: hsid-prod-elr-4
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: 0

GET
H/1.1 200 en Show response
www.healthsafe-id.com/hsid2/content/cap/ 51 KB
16 KB 290ms
289ms XHR
application/json 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/hsid2/content/cap/en

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICpximKAQAA_VeXOaul-27BlSTkZxLosj7I2VC6Y77dKqwNBbSzAoQ6BOXy&EdxVWcjYRR--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

e6e7252ae36160ed4ab51df7cfe78e94f93b52af86fdaf18f9e062cf8be789e6

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
x-dtreferer: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Referer: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
x-dtpc: 39$319616654_709h3vFUNUCHTHJGKKPSPMAJAEUCHSJAKOMMIT-0e0

Response headers

Date: Thu, 24 Aug 2023 23:26:57 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding: gzip
Transfer-Encoding: chunked
X-OneAgent-JS-Injection: true
Connection: keep-alive
Server-Timing: dtSInfo;desc="1"
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-ps-id: hsid-prod-elr-1
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: 0

GET
H3 200 UHC2020Sans-Medium.24b68e9d6b8a564dc3c8.woff2
cdn.healthsafe-id.com/static/media/ 23 KB
23 KB 165ms
116ms Font
binary/octet-stream 2600:9000:26fa:b000:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/media/UHC2020Sans-Medium.24b68e9d6b8a564dc3c8.woff2
Requested by: Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/css/index.36f70783.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:26fa:b000:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c50c7bd4abab5152b29ed4ba8ad7e884ae3f78e21e5e18c61e24b73dfc213d41

Request headers

Referer: https://cdn.healthsafe-id.com/static/css/index.36f70783.css
Origin: https://www.healthsafe-id.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: FJzoRj_9jWpO4cPJl1_4gbWFbX7iacei
date: Thu, 24 Aug 2023 23:26:58 GMT
via: 1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 23212
last-modified: Thu, 17 Aug 2023 05:05:42 GMT
server: AmazonS3
etag: "bcbe88fab9e22b1eac7a432af94051c7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding,Origin
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: eljANc3t0jo6XN36UTlH08MxjkDFtt1tpIHEW8U22ydvhCoT5p7Ukw==

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1692919617300
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1692919617300

976 B
1 KB

93ms
93ms

XHR
application/json

35.83.4.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1692919617300

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&reason=0

Protocol

HTTP/1.1

Server

35.83.4.243 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-83-4-243.us-west-2.compute.amazonaws.com

Software

Resource Hash

2f96724a1532ec7d4b0ed4f514311d48a4c986200f73fe75fa9c0e9980eb542e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v046-07d37c089.edge-usw2.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: tzrdtT9YSZY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.healthsafe-id.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 561
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-usw2-2-v046-087bdb9c3.edge-usw2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: io3NgHwCTmk=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.healthsafe-id.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1692919617300
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EXdfddae05d67148d4b7515927b9635c8b-libraryCode_source.min.js Show response
assets.adobedtm.com/512027f42d3c/3189bbb33f85/a30c79f0b515/ 331 KB
85 KB 34ms
34ms Script
application/x-javascript 2600:141b:e800:1192::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/a30c79f0b515/EXdfddae05d67148d4b7515927b9635c8b-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8f3f22a768ac5db6d74b6300ce0be9e2db425ef538daed637c452f64d18d7b3f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:26:57 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 06:42:05 GMT
server: AkamaiNetStorage
etag: "12f7af689e0ad50fecb4326a352a39a3:1692686525.429072"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.healthsafe-id.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 86497
expires: Fri, 25 Aug 2023 00:26:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
64 KB 98ms
40ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8584968

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34a41cc751325e7c02aedc635a56cff37250424874c26802ea8fd6f3ce2480d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:26:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64796
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:56:42 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Aug 2023 23:26:57 GMT

GET
H2 200 detector-dom.min.js Show response
cdn.gbqofs.com/uhg/hsid/p/ 482 KB
145 KB 118ms
38ms Script
application/javascript 2606:4700::6812:180d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gbqofs.com/uhg/hsid/p/detector-dom.min.js
Requested by: Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:180d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4118da76e13f6d904d1d8281a2169cccb06af50a72fda71cca9cd3d027d9cc0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:26:57 GMT
x-amz-version-id: FlDmaO34SKSn_z5bcjsCcAF_z9ckwxwI
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
age: 1747
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 14 Aug 2023 21:08:47 GMT
server: cloudflare
etag: W/"349a412f01157bf1e84d91d933702c5c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7fbf5cf8f88f4bcd-BUF
x-amz-cf-id: PMIxikv8DB04NEAAeszdMamEIIUjPskMIwQxW8jEYO0rJHKNKmFqbw==
expires: Fri, 25 Aug 2023 03:26:57 GMT

GET
H2 200 566.6f52c781.chunk.js Show response
cdn.healthsafe-id.com/static/js/ 22 KB
8 KB 102ms
99ms Script
application/javascript 2600:9000:26fa:b000:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/js/566.6f52c781.chunk.js
Requested by: Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/js/index.0d7fec49.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:b000:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fe7c9f7414b241f818b0d5e420b58e1d7fbb5629750363e1770292afd7981c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: 7W9bGohF1sd6D4M4R1t5IYdmnvc._gq9
content-encoding: gzip
via: 1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
date: Thu, 24 Aug 2023 23:26:58 GMT
last-modified: Thu, 17 Aug 2023 05:05:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
etag: W/"bf19e1b5e769034fea054388bda274ee"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: public, max-age=63072000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 1ctFPw9KqfSmv0tprLAAISJjQLlt3J0B-uqWc1048nGikhiKTxTmDw==

GET
H2 200 384.3b04811e.chunk.css
cdn.healthsafe-id.com/static/css/ 4 KB
2 KB 59ms
57ms Stylesheet
text/css 2600:9000:26fa:b000:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/css/384.3b04811e.chunk.css
Requested by: Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/js/index.0d7fec49.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:b000:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ff981b7e5571ccedd8af168bea422e72d13532c538226caadae6386831fc372

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: P5JBd0iD1Fl6Bd8qQUClwhlKorGwUHEl
content-encoding: gzip
via: 1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
date: Thu, 24 Aug 2023 23:26:58 GMT
last-modified: Thu, 17 Aug 2023 05:05:40 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
etag: W/"d522272e2852405bb7e417bbe0a346d0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: public, max-age=63072000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 56oT1JVz6YFPt8ZnV3EgcnpW2T-noMnRyl-hDQktQTTiL-m8DcIPqg==

GET
H2 200 384.deb1e379.chunk.js Show response
cdn.healthsafe-id.com/static/js/ 27 KB
9 KB 57ms
55ms Script
application/javascript 2600:9000:26fa:b000:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/js/384.deb1e379.chunk.js
Requested by: Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/js/index.0d7fec49.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:b000:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71e75a5824600b7387d3e7bbf8769685d52e184fd28749a23ab7bd17ca7ebf72

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: pDyJFVigiTebzBqYKtAxkoqLErW8sO3y
content-encoding: gzip
via: 1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
date: Thu, 24 Aug 2023 23:26:58 GMT
last-modified: Thu, 17 Aug 2023 05:05:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
etag: W/"7eac89649d059e737360ea46538058ad"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: public, max-age=63072000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: whRn8GwxfypJQlFXSnVrwkQPbrefNI2HpYEyuY1FXVImzv8k6uKsEA==

GET
H/1.1 200
OK HSID_Logo.png
cdc-aem.optum.com/content/dam/hsid/ 3 KB
3 KB 366ms
59ms Image
image/png 168.183.37.177
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdc-aem.optum.com/content/dam/hsid/HSID_Logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.177 , United States, ASN10879 (UHC, US),

Reverse DNS

cdc-aem-ctc.optum.com

Software

Resource Hash

eecfcb118193465fd111d3c9821bb3c8ecbf0c417062cab000ad4365258e41ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 23:26:57 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
Last-Modified: Thu, 24 Aug 2023 17:04:57 GMT
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500
Content-Length: 2623

GET
H/1.1 200
OK OptumBank_Logo.png
cdc-aem.optum.com/content/dam/hsid/ 12 KB
12 KB 366ms
60ms Image
image/png 168.183.37.177
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdc-aem.optum.com/content/dam/hsid/OptumBank_Logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.177 , United States, ASN10879 (UHC, US),

Reverse DNS

cdc-aem-ctc.optum.com

Software

Resource Hash

e3f5b05a0f2657086933004e2edc9e9ae4638a5e6284bb4b52c7bbee3cbf900a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 23:26:57 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
Last-Modified: Thu, 24 Aug 2023 17:04:58 GMT
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500
Content-Length: 12048

GET
H2 200 system-arrow-md.svg Show response
member.werally.com/assets/icons/ 328 B
892 B 161ms
73ms XHR
image/svg+xml 45.60.31.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/assets/icons/system-arrow-md.svg

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICpximKAQAA_VeXOaul-27BlSTkZxLosj7I2VC6Y77dKqwNBbSzAoQ6BOXy&EdxVWcjYRR--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d6b6ca193696f01a54959a80eace120d4bff15e667a9171ca9b4eb391f7a46ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:26:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 28 Jan 2022 00:25:20 GMT
x-cdn: Imperva
etag: "61f337f0-148"
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 7-25187772-25184792 2VNN RT(1692919617182 34) q(0 0 0 11) r(0 0)
access-control-expose-headers: Content-Length,Content-Range
x-incap-sess-cookie-hdr: 7qM5Dj19Qm6Q7vneXiA5EEHn52QAAAAAvm19netHyF5lmZAxaC7mCQ==
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 242

GET
DATA 200
OK truncated
/ 290 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6480ba1f25e815c57ffc9ada53db64019fea9be79e916f0917a03d47d40d4e2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 FrutigerLTStd-Roman.6f5c3b3ff50100b75821.woff
cdn.healthsafe-id.com/static/media/ 15 KB
15 KB 105ms
104ms Font
binary/octet-stream 2600:9000:26fa:b000:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/media/FrutigerLTStd-Roman.6f5c3b3ff50100b75821.woff
Requested by: Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/css/index.36f70783.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:26fa:b000:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ad0d5e8cd0160209ab6b15c4f2d11371041d6d7541189881a2970a7753bc746

Request headers

Referer: https://cdn.healthsafe-id.com/static/css/index.36f70783.css
Origin: https://www.healthsafe-id.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: HGwCCht3nDLb2Kam6W30iNUhZg0ME.r3
date: Thu, 24 Aug 2023 23:26:58 GMT
via: 1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 15176
last-modified: Thu, 17 Aug 2023 05:05:42 GMT
server: AmazonS3
etag: "0d39e9365e15137bddeae2f4bf530b47"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding,Origin
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: qKJTTE9SF4Ikgvmw6ZIgtNrBdmvSyqhAw_gf4oFI6VICYLTrMiXEDg==

GET
H3 200 FrutigerLTStd-Bold.4599f0715866bb1f25b0.woff
cdn.healthsafe-id.com/static/media/ 15 KB
16 KB 116ms
115ms Font
binary/octet-stream 2600:9000:26fa:b000:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/media/FrutigerLTStd-Bold.4599f0715866bb1f25b0.woff
Requested by: Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/css/index.36f70783.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:26fa:b000:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83a5c2eea44f96f49ac888576e776bbd30fd9c700e463a1b923af9d915bdf8a4

Request headers

Referer: https://cdn.healthsafe-id.com/static/css/index.36f70783.css
Origin: https://www.healthsafe-id.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: fuo3bvev9jE27EHDuHn4hlfvgN56CFAc
date: Thu, 24 Aug 2023 23:26:58 GMT
via: 1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 15548
last-modified: Thu, 17 Aug 2023 05:05:41 GMT
server: AmazonS3
etag: "4d8f0b88bbe9f14c9413d24618d29e6b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding,Origin
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: Jr7UiSRAUJeolw4ods8-prsM7In1w2egkNLf1Uvdf2JCqErdbQemqw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
73 KB 43ms
42ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56915feca11e91e6f98514dceb86c5a3c18d0c8ca93a4657e80f08310029cc4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:26:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74994
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:56:42 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Aug 2023 23:26:57 GMT

GET
H/1.1 200 crossStorageHub Show response
www.healthsafe-id.com/protected/ Frame BBFD 1 KB
2 KB 91ms
90ms Document
text/html 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/protected/crossStorageHub

Requested by

Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/js/index.0d7fec49.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

7e362f00330f4ae046576829a63ac9becb7f29286734a4a936869d829ddbb7ab

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src ; worker-src blob:; font-src https: data:; default-src 'unsafe-inline' ; frame-ancestors 'self' https://www.healthsafe-id.com/;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	ALLOW-FROM https://www.healthsafe-id.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&reason=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, PUT, GET
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Language: en-US
Content-Length: 463
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:; default-src 'unsafe-inline' *; frame-ancestors 'self' https://www.healthsafe-id.com/;
Content-Type: text/html;charset=UTF-8
Date: Thu, 24 Aug 2023 23:26:57 GMT
Expires: 0
Pragma: no-cache
Server-Timing: dtSInfo;desc="1"
Strict-Transport-Security: max-age=300; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: ALLOW-FROM https://www.healthsafe-id.com/
X-OneAgent-JS-Injection: true
X-XSS-Protection: 1; mode=block
X-ps-id: hsid-prod-elr-1

POST
H/1.1 200 inbound Show response
www.healthsafe-id.com/hsid/setup/ 59 B
1 KB 105ms
104ms XHR
application/json 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/hsid/setup/inbound

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICpximKAQAA_VeXOaul-27BlSTkZxLosj7I2VC6Y77dKqwNBbSzAoQ6BOXy&EdxVWcjYRR--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

ec1fb826ad50482e2a4eb706a5758dafc2835325619e8fe6f48ff3691e0e8cbf

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/json
Accept: application/json
x-dtreferer: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Referer: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
x-dtpc: 39$319616654_709h6vINEFAJCFJLUJLPQKGFEVGNPQNNNRWDHS-0e0

Response headers

Date: Thu, 24 Aug 2023 23:26:57 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding: gzip
Transfer-Encoding: chunked
X-OneAgent-JS-Injection: true
Connection: keep-alive
Server-Timing: dtSInfo;desc="1", dtTao;desc="1"
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-ps-id: hsid-prod-elr-4
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST, PUT, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.healthsafe-id.com
Access-Control-Max-Age: 3600
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Vary: Accept-Encoding
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept, X-Requested-With, remember-me, csrf-token, Q5eim0SSzm-a, Q5eim0SSzm-b, Q5eim0SSzm-c, Q5eim0SSzm-d, Q5eim0SSzm-f, Q5eim0SSzm-z
Expires: 0

GET
H/1.1 200 rbaurl Show response
www.healthsafe-id.com/hsid/ 40 B
880 B 179ms
86ms XHR
application/json 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/hsid/rbaurl?portalBrand=cap&lang=en

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICpximKAQAA_VeXOaul-27BlSTkZxLosj7I2VC6Y77dKqwNBbSzAoQ6BOXy&EdxVWcjYRR--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

94a61bd23e3af8340c2527a841237d2247ad4c7a05c73a5a242061b2cba23ad3

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
x-dtreferer: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Referer: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
x-dtpc: 39$319616654_709h7vWLHOMNUDNVMCNNKWHHQMITMMCFIHFGUS-0e0

Response headers

Date: Thu, 24 Aug 2023 23:26:57 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding: gzip
Transfer-Encoding: chunked
X-OneAgent-JS-Injection: true
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-509295273"
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-ps-id: hsid-prod-elr-1
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/ 3 KB
2 KB 129ms
54ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/?random=1692919617712&cv=11&fst=1692919617712&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Flogin%2Fcap%2Fen%3FTARGET%3Dhttps%253A%252F%252Fwww.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcap%252Fen%253Fresume%253D%252Fas%252FJAucmko6Ve%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidc%2526redirect_uri%253Dhttps%253A%252F%252Faccount.optumbank.com%252Flogin%252Fcallback%2526portal%253Dcap%2526client_id%253Dbank-cloud-prod%26resume%3D%252Fas%252FywTnWYSISE%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&hn=www.googleadservices.com&frm=0&tiba=HealthSafe%20ID%C2%AE&auid=1108710023.1692919618&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b42e0011feba81137f84f8b46ff9e2fe31dd96652cb4338d7f2fc6b78c543c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1540
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 hub-1.0.0.min.js Show response
www.healthsafe-id.com/js/vendor/cross-storage/ Frame BBFD 2 KB
2 KB 78ms
77ms Script
application/javascript 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/js/vendor/cross-storage/hub-1.0.0.min.js

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/protected/crossStorageHub

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

76181750bb2a824cc79d1c940b9e14a3e393ae1efc93965117e3965c136acaa6

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/protected/crossStorageHub
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 23:26:57 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding: gzip
X-OneAgent-JS-Injection: true
Connection: keep-alive
Server-Timing: dtSInfo;desc="1"
Content-Length: 1040
X-XSS-Protection: 1; mode=block
X-ps-id: hsid-prod-elr-4
Last-Modified: Thu, 10 Aug 2023 14:20:36 GMT
ETag: "04c82b203564443ec792dcef8f6d48511-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type: application/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes

GET
H/1.1 200 info Show response
www.healthsafe-id.com/protected/tmx/ 732 B
1 KB 177ms
166ms XHR
application/json 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/protected/tmx/info?HTTP_TARGETPORTAL=CAP

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICpximKAQAA_VeXOaul-27BlSTkZxLosj7I2VC6Y77dKqwNBbSzAoQ6BOXy&EdxVWcjYRR--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

e9cbaa037570b2f563483466425238aae8953347ca0c9e381012a7b784f51f5f

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
x-dtreferer: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Referer: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FJAucmko6Ve%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FywTnWYSISE%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
x-dtpc: 39$319616654_709h8vDQATNGMDEOARCEHAOWUAFHMJJPCHDFHU-0e0

Response headers

Date: Thu, 24 Aug 2023 23:26:57 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding: gzip
Transfer-Encoding: chunked
X-OneAgent-JS-Injection: true
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-409433159"
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-ps-id: hsid-prod-elr-2
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: 0

GET
H3 200 UHC2020Sans-Bold.e3390afa72ca97e0fa9d.woff2
cdn.healthsafe-id.com/static/media/ 22 KB
22 KB 107ms
105ms Font
binary/octet-stream 2600:9000:26fa:b000:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/media/UHC2020Sans-Bold.e3390afa72ca97e0fa9d.woff2
Requested by: Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/css/index.36f70783.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:26fa:b000:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f161e22cde63c497d665c80a60a654d29caa423b4f4f59848b55309beb8bc361

Request headers

Referer: https://cdn.healthsafe-id.com/static/css/index.36f70783.css
Origin: https://www.healthsafe-id.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: uyc2ZFLhSAdOxgFWijypikxNj4X_2VHW
date: Thu, 24 Aug 2023 23:26:58 GMT
via: 1.1 6d137176634825df2648120ac1bcc782.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 22420
last-modified: Thu, 17 Aug 2023 05:05:42 GMT
server: AmazonS3
etag: "52d7c5312a4fab395e904f90fe0d47cb"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding,Origin
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: fc-pgAq5rIddZt2SphCD9hWOfP6_MRzicKDwcf-N1NEpvaWnx1UlhQ==

GET
H/1.1 200
OK dest5.html Show response
unitedhealthgroup.demdex.net/ Frame 16BD 7 KB
3 KB 259ms
51ms Document
text/html 54.175.238.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.175.238.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-238-162.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.healthsafe-id.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-va6-2-v049-0532594e1.edge-va6.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: zC7p517nRt0=
content-encoding: gzip
date: Thu, 24 Aug 2023 23:26:58 GMT
last-modified: Wed, 28 Jun 2023 13:21:12 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
smetrics.optum.com/ 48 B
461 B 159ms
38ms XHR
application/x-javascript 63.140.38.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.optum.com/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&mid=05301889619596307462212165662007575906&ts=1692919617862

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICpximKAQAA_VeXOaul-27BlSTkZxLosj7I2VC6Y77dKqwNBbSzAoQ6BOXy&EdxVWcjYRR--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.15 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-15.data.adobedc.net

Software

jag /

Resource Hash

62886ff4d416325f2b53644308ebbe3b4682622e7409f403f46de16754cbd442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.healthsafe-id.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Aug 2023 23:26:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.healthsafe-id.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZOfnQgAAAL7c6AN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=06266716802578699391250538814594210443
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZOfnQgAAAL7c6AN-

42 B
942 B

89ms
88ms

Image
image/gif

35.83.4.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZOfnQgAAAL7c6AN-

Requested by

Protocol

HTTP/1.1

Server

35.83.4.243 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-83-4-243.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v046-05496aaf7.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 6XNbAztZT2Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZOfnQgAAAL7c6AN-
Date: Thu, 24 Aug 2023 23:26:58 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
unitedhealthgroup.tt.omtrdc.net/rest/v1/ 360 B
857 B 310ms
104ms XHR
application/json 63.140.36.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedhealthgroup.tt.omtrdc.net/rest/v1/delivery?client=unitedhealthgroup&sessionId=20e6f792ea3b4251a40d40a224a42add&version=2.10.0

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICpximKAQAA_VeXOaul-27BlSTkZxLosj7I2VC6Y77dKqwNBbSzAoQ6BOXy&EdxVWcjYRR--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.36.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-36-104.data.adobedc.net

Software

jag /

Resource Hash

a968f85275e651446ef5f7c4641a47e7e843d2416df7a87b7246551795b3a169

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.healthsafe-id.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 24 Aug 2023 23:26:58 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.healthsafe-id.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: d17fe19f-6f23-4dfb-8fec-df4a6b575d85

GET
H2 200 /
www.google.com/pagead/1p-user-list/801669703/ 42 B
455 B 111ms
43ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801669703/?random=1692919617712&cv=11&fst=1692918000000&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Flogin%2Fcap%2Fen%3FTARGET%3Dhttps%253A%252F%252Fwww.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcap%252Fen%253Fresume%253D%252Fas%252FJAucmko6Ve%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidc%2526redirect_uri%253Dhttps%253A%252F%252Faccount.optumbank.com%252Flogin%252Fcallback%2526portal%253Dcap%2526client_id%253Dbank-cloud-prod%26resume%3D%252Fas%252FywTnWYSISE%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&frm=0&tiba=HealthSafe%20ID%C2%AE&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1396493642&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:26:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tags.js Show response
rba-screen.healthsafe-id.com/fp/ 95 KB
13 KB 302ms
91ms Script
text/javascript 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/tags.js?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&page_id=PAGEID

Requested by

Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/js/index.0d7fec49.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

0ee55ec487ffb09324f262449845a9331d1abb1f2b4edb063395e669afd9936c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 23:26:58 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEISkkaaBV-SqCy2yZdQwZ6w&google_cver=1
dpm.demdex.net/ Frame 16BD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDYyNjY3MTY4MDI1Nzg2OTkzOTEyNTA1Mzg4MTQ1OTQyMTA0NDM=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEISkkaaBV-SqCy2yZdQwZ6w&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

93ms
92ms

Image
image/gif

35.83.4.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEISkkaaBV-SqCy2yZdQwZ6w&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

35.83.4.243 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-83-4-243.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v046-066a910b9.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: v4Qmri3rQtA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:26:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEISkkaaBV-SqCy2yZdQwZ6w&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RC79ede7d2e195494e8d29dd6cf3dcc73b-source.min.js Show response
assets.adobedtm.com/512027f42d3c/3189bbb33f85/a30c79f0b515/ 801 B
722 B 34ms
34ms Script
application/x-javascript 2600:141b:e800:1192::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/a30c79f0b515/RC79ede7d2e195494e8d29dd6cf3dcc73b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e0762439f8f2b7ab880bbf57924d25b3010383300e18f5215f094184996f49ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:26:58 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 06:42:05 GMT
server: AkamaiNetStorage
etag: "12f7af689e0ad50fecb4326a352a39a3:1692686525.429072"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.healthsafe-id.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 462
expires: Fri, 25 Aug 2023 00:26:58 GMT

POST
H2 200 s11991405828005 Show response
smetrics.optum.com/b/ss/uhgoptumglobalprod,uhghsidprod,uhgenterprisecoreprod/1/JS-2.8.2-LDQM/ 43 B
421 B 98ms
35ms XHR
image/gif 63.140.38.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.optum.com/b/ss/uhgoptumglobalprod,uhghsidprod,uhgenterprisecoreprod/1/JS-2.8.2-LDQM/s11991405828005

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICpximKAQAA_VeXOaul-27BlSTkZxLosj7I2VC6Y77dKqwNBbSzAoQ6BOXy&EdxVWcjYRR--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.15 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-15.data.adobedc.net

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.healthsafe-id.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 24 Aug 2023 23:26:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 25 Aug 2023 23:26:58 GMT
server: jag
etag: 3635517198543945728-4617754768636017880
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.healthsafe-id.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Wed, 23 Aug 2023 23:26:58 GMT

GET
H2 200 RC988afc3b66874ae2a6d13fa04312eecb-source.min.js Show response
assets.adobedtm.com/512027f42d3c/3189bbb33f85/a30c79f0b515/ 312 B
456 B 34ms
34ms Script
application/x-javascript 2600:141b:e800:1192::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/a30c79f0b515/RC988afc3b66874ae2a6d13fa04312eecb-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 215d426318e178abe82efa0e7d178a3719df4726785cb3716d842a28fbca5a5e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:26:58 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 06:42:05 GMT
server: AkamaiNetStorage
etag: "12f7af689e0ad50fecb4326a352a39a3:1692686525.429072"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.healthsafe-id.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 196
expires: Fri, 25 Aug 2023 00:26:58 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=5b2ed93d-3ee2-414c-bd1a-e889a3879b25
dpm.demdex.net/ Frame 16BD
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.healthsafe-id.com&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.healthsafe-id.com&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=5b2ed93d-3ee2-414c-bd1a-e889a3879b25

42 B
942 B

92ms
91ms

Image
image/gif

35.83.4.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=5b2ed93d-3ee2-414c-bd1a-e889a3879b25

Requested by

Protocol

HTTP/1.1

Server

35.83.4.243 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-83-4-243.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v046-01194f935.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: bYeXjsAZRWM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:26:58 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=5b2ed93d-3ee2-414c-bd1a-e889a3879b25
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 189

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
71 KB 48ms
47ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-959766874

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

692ed5948273497b00456c97d68c6b522d89cb09cd65d354de1f42abe6ca8e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:26:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72335
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:56:42 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Aug 2023 23:26:58 GMT

GET
H/1.1

200
OK

image.sbxx
ib.mookie1.com/ Frame 16BD
Redirect Chain

https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=06266716802578699391250538814594210443
https://ib.mookie1.com/image.sbix?go=244346&pid=268&xid=06266716802578699391250538814594210443
https://dpm.demdex.net/ibs:dpid=285689&dpuuid=06266716802578699391250538814594210443&redir=https%3A%2F%2Fglobal.ib-ibi.com%2Fimage.sbxx%3Fgo%3D244346%26pid%3D268%26xid%3D%24%7BDD_UUID%7D
https://global.ib-ibi.com/image.sbxx?go=244346&pid=268&xid=06266716802578699391250538814594210443
https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=06266716802578699391250538814594210443

120 B
926 B

85ms
85ms

Image
image/png

64.58.232.177
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=06266716802578699391250538814594210443
Protocol: HTTP/1.1
Server: 64.58.232.177 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS: be31-199.crrt01.las04.flexential.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

accept-language: en-US,en;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 23:26:59 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/png
p3p: CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: LAS06
Content-Length: 120
Expires: -1

Redirect headers

Date: Thu, 24 Aug 2023 23:26:59 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ib.mookie1.com:443/image.sbxx?go=244346&pid=268&xid=06266716802578699391250538814594210443
Access-Control-Allow-Origin: *
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control: private
X-Server: LAS03
Content-Length: 223

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/959766874/ 3 KB
2 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/959766874/?random=1692919618386&cv=11&fst=1692919618386&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Flogin%2Fcap%2Fen%3FTARGET%3Dhttps%253A%252F%252Fwww.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcap%252Fen%253Fresume%253D%252Fas%252FJAucmko6Ve%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidc%2526redirect_uri%253Dhttps%253A%252F%252Faccount.optumbank.com%252Flogin%252Fcallback%2526portal%253Dcap%2526client_id%253Dbank-cloud-prod%26resume%3D%252Fas%252FywTnWYSISE%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&hn=www.googleadservices.com&frm=0&tiba=Sign%20in%20-%20OptumBank&auid=1108710023.1692919618&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-959766874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3486813cbf6c9f72fbfa13ecaeb28e1288ea769c32da11701734c183d34708f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:26:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1547
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/959766874/ 42 B
108 B 46ms
45ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/959766874/?random=1692919618386&cv=11&fst=1692918000000&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Flogin%2Fcap%2Fen%3FTARGET%3Dhttps%253A%252F%252Fwww.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcap%252Fen%253Fresume%253D%252Fas%252FJAucmko6Ve%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidc%2526redirect_uri%253Dhttps%253A%252F%252Faccount.optumbank.com%252Flogin%252Fcallback%2526portal%253Dcap%2526client_id%253Dbank-cloud-prod%26resume%3D%252Fas%252FywTnWYSISE%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&frm=0&tiba=Sign%20in%20-%20OptumBank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2189324142&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 23:26:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RC27118b4cbb854aff86652bc960a05b5e-source.min.js Show response
assets.adobedtm.com/512027f42d3c/3189bbb33f85/a30c79f0b515/ 1 KB
917 B 34ms
34ms Script
application/x-javascript 2600:141b:e800:1192::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/a30c79f0b515/RC27118b4cbb854aff86652bc960a05b5e-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:e800:1192::1e80 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 17dfbfe5b4e4f091c7b624ccc5da01494002871598c1f9c25c2d10dc8d14e7c2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:26:58 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 06:42:05 GMT
server: AkamaiNetStorage
etag: "12f7af689e0ad50fecb4326a352a39a3:1692686525.429072"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.healthsafe-id.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 657
expires: Fri, 25 Aug 2023 00:26:58 GMT

GET
H/1.1 200
OK cls_report Show response
report.uhg.glassboxdigital.io/glassbox/reporting/340df073-d6dd-6d66-51a3-4037cf49ab94/ 529 B
2 KB 199ms
43ms XHR
application/json 52.206.162.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://report.uhg.glassboxdigital.io/glassbox/reporting/340df073-d6dd-6d66-51a3-4037cf49ab94/cls_report?_cls_s=fa829d03-c42e-466a-819f-5dca3ecac6bb%3A0&_cls_v=7579ec4d-0eb7-4a06-836f-880a42aaecfd&pv=2&f_cls_s=true

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICpximKAQAA_VeXOaul-27BlSTkZxLosj7I2VC6Y77dKqwNBbSzAoQ6BOXy&EdxVWcjYRR--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.162.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-162-54.compute-1.amazonaws.com

Software

GlassBox Cligate /

Resource Hash

ced37cfef6acb0adea6190ffb9c9bf86fa87e41c62657b57d4187d70400f7c78

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 23:26:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
Content-Security-Policy: default-src 'self';
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 329
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Server: GlassBox Cligate
X-Frame-Options: SAMEORIGIN
vary: origin
Content-Type: application/json
access-control-allow-origin: https://www.healthsafe-id.com
access-control-allow-credentials: true
GB-Server: g5045
X-Robots-Tag: noindex

GET
H2 200 / Show response
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/ 8 KB
4 KB 126ms
55ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dba119cd412abee025ac72eb4850fe81e2463ccd0ccd47e7159c0a812a9e64a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:26:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 516426
cf-polished: origSize=9150
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"23be-yj8TYaMKi8I8bcoVc7pZH7DqO1A"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7fbf5d006a97a223-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H/1.1 200
OK check.js;CIS3SID=DB071E5A511AE4C08AD52951B4B8A8F8 Show response
rba-screen.healthsafe-id.com/fp/ Frame 8D23 438 KB
83 KB 107ms
106ms Script
text/javascript 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=DB071E5A511AE4C08AD52951B4B8A8F8?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&jb=373b2424687b6f7d35576b6e64677773266a7b6f3d576966666f75712530323330246a7160773f416a7a6f656d26687362354368726f6565253230393336

Requested by

Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/tags.js?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&page_id=PAGEID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

385625f997dd74f50f8c3b8636309ddca1ed531ed762e577ef8a819c24fbd8e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 23:26:58 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 603062e93d9f81a2
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
rba-screen.healthsafe-id.com/fp/ Frame 8D23 81 B
475 B 280ms
88ms Image
image/png 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 23:26:58 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 detector-dom.min.js Show response
cdn.gbqofs.com/uhg/hsid/p/ Frame 8D23 482 KB
145 KB 36ms
35ms Script
application/javascript 2606:4700::6812:180d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gbqofs.com/uhg/hsid/p/detector-dom.min.js
Requested by: Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/hsid/p/detector-dom.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:180d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4118da76e13f6d904d1d8281a2169cccb06af50a72fda71cca9cd3d027d9cc0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:26:58 GMT
x-amz-version-id: FlDmaO34SKSn_z5bcjsCcAF_z9ckwxwI
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
age: 1748
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 14 Aug 2023 21:08:47 GMT
server: cloudflare
etag: W/"349a412f01157bf1e84d91d933702c5c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7fbf5d0008dc4bcd-BUF
x-amz-cf-id: PMIxikv8DB04NEAAeszdMamEIIUjPskMIwQxW8jEYO0rJHKNKmFqbw==
expires: Fri, 25 Aug 2023 03:26:58 GMT

GET
H/1.1 200
OK clear.png
rba-screen.healthsafe-id.com/fp/ Frame 8D23 81 B
475 B 281ms
89ms Image
image/png 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 23:26:58 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cls_report Show response
report.uhg.glassboxdigital.io/glassbox/reporting/340df073-d6dd-6d66-51a3-4037cf49ab94/ Frame 8D23 529 B
2 KB 103ms
40ms XHR
application/json 52.206.162.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/hsid/p/detector-dom.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.162.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-162-54.compute-1.amazonaws.com

Software

GlassBox Cligate /

Resource Hash

3eab67c3ee182fd280acc4d630cc9fa63a0a40db14d7b75c4ee193713d1c23ad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 23:26:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
Content-Security-Policy: default-src 'self';
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 331
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Server: GlassBox Cligate
X-Frame-Options: SAMEORIGIN
vary: origin
Content-Type: application/json
access-control-allow-origin: https://www.healthsafe-id.com
access-control-allow-credentials: true
GB-Server: g5035
X-Robots-Tag: noindex

GET
H2 200 12.f3d25ebe8c96530b2fc2.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 69 KB
21 KB 50ms
48ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.f3d25ebe8c96530b2fc2.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=www.healthsafe-id.com

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965a2c31659c544a6a01fbe1bac9958452aa28ccb7ac568867ded1ac95230674

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:26:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 194718
cf-polished: origSize=71575
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 14 Aug 2023 18:23:36 GMT
cf-bgj: minify
server: cloudflare
etag: W/"11797-189f54a0440"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7fbf5d00fb61a223-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 75 KB
6 KB 96ms
95ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0Neqx1dGGrrlV4y&Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICpximKAQAA_VeXOaul-27BlSTkZxLosj7I2VC6Y77dKqwNBbSzAoQ6BOXy&EdxVWcjYRR--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acd4b9fee766431128cde5fea01c9de823f0d4625d59fd5c14e643e661d74350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.healthsafe-id.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Aug 2023 23:26:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.healthsafe-id.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 2d127e434691a743
cf-ray: 7fbf5d015be5a223-YYZ
timing-allow-origin: *

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
32 KB 39ms
39ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f3d25ebe8c96530b2fc2.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=www.healthsafe-id.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2511823ee589cef1a1b05009d107035ad3d0656d238cdb9ca3f51e53da4c24e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:26:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 194717
cf-polished: origSize=105535
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 14 Aug 2023 18:23:36 GMT
cf-bgj: minify
server: cloudflare
etag: W/"19c3f-189f54a0440"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7fbf5d020cd7a223-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 7.e410c6e4072cd30ceddd.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
1006 B 53ms
53ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.e410c6e4072cd30ceddd.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2257d5dcff45e05bb9d046829b14c16dc3751a2e620af325231c44506d63f1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:26:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 194718
cf-polished: origSize=2803
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 14 Aug 2023 18:23:36 GMT
cf-bgj: minify
server: cloudflare
etag: W/"af3-189f54a0440"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7fbf5d02bdbea223-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.6bff9e45c450943efd56.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 50ms
50ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.6bff9e45c450943efd56.chunk.js?Q_CLIENTVERSION=1.97.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0a2d8d2c814b20e1c9141321c11837e3884dacbc7e0d35f0442a74449922472

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:26:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 194718
cf-polished: origSize=29367
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 14 Aug 2023 18:23:36 GMT
cf-bgj: minify
server: cloudflare
etag: W/"72b7-189f54a0440"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7fbf5d02bdc0a223-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H/1.1 200
OK HP Show response
rba-screen.healthsafe-id.com/fp/ Frame 0E43 19 KB
6 KB 99ms
98ms Document
text/html 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/HP?session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&org_id=15saug00&nonce=603062e93d9f81a2&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=DB071E5A511AE4C08AD52951B4B8A8F8?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&jb=373b2424687b6f7d35576b6e64677773266a7b6f3d576966666f75712530323330246a7160773f416a7a6f656d26687362354368726f6565253230393336

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

ad1ad50cc74d6a9492788b02afa0a89de67dfc73ba6ae3dffb27c6d11d72b279

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.healthsafe-id.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: en-US
Content-Length: 5802
Content-Type: text/html;charset=UTF-8
Date: Thu, 24 Aug 2023 23:26:59 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
rba-screen.healthsafe-id.com/fp/ Frame 8D23 81 B
537 B 276ms
88ms XHR
image/png 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png

Requested by

Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/hsid/p/detector-dom.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 15saug00/603062e93d9f81a2b3c2f959-4c15-44e1-add1-ba2357b24c02
Referer: https://www.healthsafe-id.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 23:26:59 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 24 Aug 2023 23:26:59 GMT
Server: Apache
Etag: 32262afa79d44efd8ed292bba556a9bb
Content-Type: image/png
Access-Control-Allow-Origin: https://www.healthsafe-id.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Tue, 22 Aug 2028 23:26:59 GMT

GET
H/1.1

204
No Content

clear.png Show response
h.online-metrix.net/fp/ Frame 8D23
Redirect Chain

https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&gttl=155520000
https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&k=2

0
387 B

93ms
92ms

Script
text/javascript

192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&k=2

Protocol

HTTP/1.1

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

a-sac.h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 23:26:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Thu, 24 Aug 2023 23:26:59 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&k=2
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 0

GET
H/1.1 200
OK ls_fp.html;CIS3SID=DB071E5A511AE4C08AD52951B4B8A8F8 Show response
rba-screen.healthsafe-id.com/fp/ Frame BAAA 90 KB
14 KB 95ms
94ms Document
text/html 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=DB071E5A511AE4C08AD52951B4B8A8F8?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

90d718a3b764039b13680de28c717e2d284a1a5b383e47492118b0b91b344404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.healthsafe-id.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Thu, 24 Aug 2023 23:26:59 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
rba-screen.healthsafe-id.com/fp/ Frame 8D23 0
387 B 92ms
90ms Script
text/javascript 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&jb=3134246e71693d6d38393364373b353666646d34373130693b6367663734306033613230633667

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 23:26:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=DB071E5A511AE4C08AD52951B4B8A8F8 Show response
h.online-metrix.net/fp/ Frame FCBF 103 KB
15 KB 284ms
91ms Document
text/html 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=DB071E5A511AE4C08AD52951B4B8A8F8?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

a-sac.h.online-metrix.net

Software

Apache /

Resource Hash

39dceebef0f38f40856ea031ad3d6f5f8fc1c7405294e2a3fc0296c1441e464b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.healthsafe-id.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Thu, 24 Aug 2023 23:26:59 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=DB071E5A511AE4C08AD52951B4B8A8F8 Show response
rba-screen.healthsafe-id.com/fp/ Frame 3882 90 KB
13 KB 124ms
92ms Document
text/html 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/top_fp.html;CIS3SID=DB071E5A511AE4C08AD52951B4B8A8F8?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

f0f2cc8af858ec101fd1e2522b086ed18727916b1e23c5da066f2877e2541897

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.healthsafe-id.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Thu, 24 Aug 2023 23:26:59 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
rba-screen.healthsafe-id.com/fp/ Frame 8D23 0
218 B 172ms
91ms Script
text/javascript 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&ja=30313530242e63352536323026723d302666353136303070333232322663643f313430327a333032322e7370713d3278302e6470723d392c313630382e313032302e333430322c333032322e333e303824313030302431363030243132303024322c32246d763f63383a326360616661353f646c6e6464396569383431313c3730366231633763246d6c3f36267163663f3036246e603d607c747273253b412532462d324677777f2c6867636c766a716164652f6b662c616d65253a4e727625324e6c6f676966253246636972253044656c27314656415045475627314c687c7c707125323d334125323d324625323d30467575772c6a67616e746a716364672f6164266b6f6f25323d324672742d323532467b676377706527303732446177766a2730373a466b69702732353a46656e253a353346726d71756f67253037314427323730446371273a353a4e4a437563656b6f36566d253235324e706571776d6727303530466371273037304e617d7c686d7269726174696f662e70696e6f27323730367172676e7669767b273037314c6e7d646c2732353a3673636f78652532353b466f72676e6b662732373234706771726d66736d57747b70652d323533446b6f6465253a37323472666b66726166617224726e3f312e706035373a663230616136626b666265313931623531383563673066336066603066362e68603531313934693734393730383764303b35346131643530306261343b3134663a302e6a7b673d55696e6c6f7773253a303130266271623f4168706d6f6527323233333424687b6f7d35576b6e64677773266a7b62753d4360706f6f67266c6a613d36266c666f3f3a24666d7c783d32267472643d50616b696669632d30464a6d6e6d6e776c77266f63766a703f3c30383b643363326a656330326d366363353e32303a306166333735363033646636373a30313c3964346561693234646331346166626c3532313333333b34612464703f6a7676727b253b49253046253a46777777266865616c7c6a736364652f6b662e616f6f27304470762d324e646f65696e2d324663617825324665662733445641504547542733466a767672712d323d3b412732353a462532353a46777777266a65636e746a716366672d6b662c616d6f2d323d3a467074253a353246736d637572652d303530446177766a2530353044616372273a353a4e656c25323d334672657b756d65253a37334627323730446171253037304448437d6365636f3456652d323532467a6573756d6d2732373046637127323732446377766a6d7a697269746b6f6e2670696e672d323532367b72656c7669767b27323733466c776e6e273a353a3e73616f706d253235334c6f70656e61662530373234706773726f6c71675d767b78652d3a3531446367646525323d323670666166706366617224723d726c77656b6c5d6464617b6025374566696c736521786c756769665d776b6c646d75715f6f65666b635d726e69796d7a25374566696c736521786c756769665d61666d62675d6363706f6063762737476e61647b6523706c7d67696e5f797569636b7c6b6d6727354764636c716523726e77656b665f7b606f616b7769766525354d66616c736d23706e77676b6c5d7267616e726e637b677a253d4d66636c736d21706c756f696e5f7664615f726e617b677025374564636e716723786c7d6f696c5f646d76616c767a25354566696e736723706e7765696c5f7174655d746b6d776d7a25374566696c736521786c756769665d6a63746127374766636c716724656e5d6b3d7f6d62656c576d62474c253a30312e302d30302a4d70676c454c27323247512730323a2e382d323243687a6f6d697565295765624f4e253032474e514e25303047512730323326302d3a302a4f706d6e474c253a304553253a32474e514c2730324551253032332c32273a304b60726d6d697d6d2957656a4b6974576d604b6b76253032556560474e434c454e475769667b74636e636d645f61727a617973253b40253032455a565d626e656c665d6f6b6c6561702d33402532384558545f6b6f6c6f72576075646465705d6a616e665d646e6d63762d334a2d323245585c5f666c6f69745f626c6d6c64273142273032455a545d647063655d6c65787c682733422d323045585c5f7368616c67725d76657a767772675f6e6d662731402d32384d58565f746d787475726d5f636f6d7870657171696d6c5d6272746127314027303845505c5f7665787c7572655f6b6f6d70726d71736b6d6e5d70657461253140273032475054577c657a74757a655f6669647465725f696c69716d74706d726961253140273032475054577b524542253b422532304745535f6564676d676c745d6b6c6467785d776b6c76273b422d3a304d45535766626f5f7a656e64657a5d6d6b726d63722733402530324d47515d7b7469666463726457646572697e617469766d712531402530324d45515f76677a7677706d5f6e646f6374253b422532304745535f746d7a747770655d646e6f63745d6e6b6c67637a253b4a2530304f4d535f74657074757265576a616e645f646e6d61762531402730324d4d53577c657a74757a655f686164665f666c6763745d6e696c6763722733402730324d475b5f7e6d727665785761727261715f6f626a6d6174273142273032574742454e5d616d6e6772576a756466657a5f666c6f69742533422d3030554742454e5d636d6d7270677171676c5f7c6d787675726d5f6173746b253342253a32574740474e5d616f6f7070677171676657746d707477726557657463253b422532305f4742454e5f616d6f707065717167665d766d787c7d72675f657c633125334a253230574d40474e5d636d6f727267737167665d766770747d7a655d73337c632533422d323057454a454c5d616f6f727065717367665d76677a7c757a6d5f7133746b5f7372676a253342253a32574740474e5d66656075655d70676c666d726d7a5f6b6e6667253342253a305745424f4e5f666770766a5d7467787677706727314a253a3857474247445f6472617f5f6275666e677271273340273030554540454e5d6e6d7b65576b6f6c746570742533422d323057454a454c5d6f756e766b5f6672637533342465645f6035336466356c666634373c306464633c323767343260673265353466303737363439303c6c343035392e77676c7635496e7465642732324b6e612c2477656c703f4b6c766764253a38497069732d32304f706d6e474c253a32456c65696c67246361643f3a&jb=333737246e793d45677a6b6c6c692532463526302532302055696c666f75712732324e56273032333226302d3b422732305f696e36342d33422532387a36362b2530324370726c67556760496b7c253a4e3531372e3b36253230204b48544d442732412732326e6b6b672530324567616967292d3a30416872676d6525324e3131362e382c353a36352c333330273232516364637061253a4e3531372e3b36

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 23:26:59 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
15saug00flmtizaszhl7r4zd64fklkuvpvlaugfb603062e93d9f81a2sac.d.aa.online-metrix.net/fp/ Frame 8D23 81 B
438 B 549ms
89ms Image
image/png 192.225.158.3
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://15saug00flmtizaszhl7r4zd64fklkuvpvlaugfb603062e93d9f81a2sac.d.aa.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.3 , United States, ASN30286 (THM, US),

Reverse DNS

d.aa.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 23:26:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js Show response
rba-screen.healthsafe-id.com/fp/ Frame 0E43 208 KB
29 KB 106ms
105ms Script
text/javascript 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/check.js?&pageid=99998&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&org_id=15saug00&nonce=603062e93d9f81a2

Requested by

Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/HP?session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&org_id=15saug00&nonce=603062e93d9f81a2&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

59d0bdf9af07a5de228666d9fc4315ee9859894780f5dc2ce07ab1b7599b35cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rba-screen.healthsafe-id.com/fp/HP?session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&org_id=15saug00&nonce=603062e93d9f81a2&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 23:26:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 603062e93d9f81a2
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=98
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
rba-screen.healthsafe-id.com/fp/ Frame BAAA 0
387 B 92ms
91ms Script
text/javascript 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&jf=3134246e716a3d6b6a653531613c363435313c34643966303032353332673735623434673b673a

Requested by

Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=DB071E5A511AE4C08AD52951B4B8A8F8?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=DB071E5A511AE4C08AD52951B4B8A8F8?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 23:26:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
rba-screen.healthsafe-id.com/fp/ Frame 8D23 0
387 B 94ms
94ms Script
text/javascript 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&jac=1&je=30363224246266663533246a66603d39393639373166626e3b3731356531343562633737366060313b6a633c3a633a266a6e746e3d30323330323a3b24706f3f6e6d2460617673763f273540273a32646d76676c253a32253341392e3030253a41253030737663767571253030273143273a326b606170676966672532322d374426617d66683f616135603b653465343a336161636b366e3a6135633131323933363b343662356b3131353b36603666386664363a3432323130666d3c663233666b6438343531266578333564316767353b61636635353336353534376c323c31333437353a346539326e666362383933336363

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 23:26:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=DB071E5A511AE4C08AD52951B4B8A8F8
rba-screen.healthsafe-id.com/fp/ Frame 8D23 0
400 B 98ms
96ms Image
image/png 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rba-screen.healthsafe-id.com/fp/clear1.png;CIS3SID=DB071E5A511AE4C08AD52951B4B8A8F8?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&jf=36333a24716164577a6e663d746c725f45693d454a30566c6461716a58496e3b267169665d6663766735313e31323b31393e3139267361645f747978673d75676238676164716124716b665d696d79353b30373933383133303638373261383e363861673366323030333034323a30633a3e34306b653164303b3031303738333432303832346731353466343033373661666464643839383f356161636a39323730303435376638646133676163356764336567333b32316630626a6b343232386e653939313a396631653b6165303336666061323a306631353233373c306d3b656133646b393561306d653732346d333135613760336738353733323761303731333b6e312473696c5f73696735333034363830323332303a60636567336731366366613b653b30383464393e6533643730343966383b66623334633b6635356730343a366435373b31693b663b663469633530383d393130323a3330323a366733613433643633616360373137306c323b6364693635336639623637343f3b65633036303037323562343a356767606b613a3a633662336c376437366a267369667a3f30

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 23:26:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=4C1F69C1E36A5FEB90918DEA5D3126CE
h.online-metrix.net/fp/ Frame FCBF 0
400 B 97ms
95ms Image
image/png 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=4C1F69C1E36A5FEB90918DEA5D3126CE?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&jf=36333624716164577a6e663d746c725f35596c676f65345237454d513471346b267169665d6663766735313e31323b31393e3139267361645f747978673d75676238676164716124716b665d696d79353b30373933383133303638373261383e363861673366323030333034323a30633a3e34306b653164303b3031303738333432303832343066373a67326663373430333434356b643f693535333730333939326a393337383b3361346634663b3434363033613360673738376b38656039396b346531383c646137363a3a626461633a616161366137353532633a6a38316a636130376c3231323031326361633b316563613564663037636435366434606439383b3d312473696c5f73696735333034343830323237643267343733343a3b643331303d313b3c376639646d6333646469366530656e603366373760633530676563643037633a39326d3d336763356b663562326e303232303a64303067623135333960363460306732333b373939633338323e623262316d643835613e67323a3b356663376566343532366430313c616a3c306330646d392673696e723d31

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

a-sac.h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=DB071E5A511AE4C08AD52951B4B8A8F8?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 23:26:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ARF;CIS3SID=F8F748D1C1EEDE199B608EFE289F974D Show response
rba-screen.healthsafe-id.com/fp/ Frame 0E43 35 B
557 B 92ms
91ms Script
text/javascript 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/ARF;CIS3SID=F8F748D1C1EEDE199B608EFE289F974D?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&pageid=99998&sera_parametere=UEAOVlUABwsBAABVWVICCgMAUVVVVgAOAgEOBA4AVQJTVlAHBlFcXFEBDEBLQlxbWEBGREUXVn0WU3tDD3VEAAZaQFVaVwhcXRBKQwt1RAV0ABYHchdXCVsLShJLFFJ2EwdxFQF2Q11aWV9QWwNSU1RUAAEAAlJYVgBdBV1UAAEFAFZWAgtWWwJVXFYKVFkAVAAVXllcBlwOUglVCAdTVw8DVwlQClRYAUJTFQUBGQtVCQQHB1ZQWwVRCVcNAFhUV1EDBwMCAwsEV1pSAAZRUwIBAVFVBQEfUg0EVwgDVQsQWVoNGwNDSVpZAF8BCFkUXlsOFlQPJlFBC1QDHlMXDwcBBRZUXRYEZA1XAldGEhRVUg5EUkg6WlIIVQRZUgoUU0QOAQYE&count=0&max=0

Requested by

Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js?&pageid=99998&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&org_id=15saug00&nonce=603062e93d9f81a2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

bc54df4c3e8d66c2bc9d597732cc62cd93e355a88063b32e8dc532033d654fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rba-screen.healthsafe-id.com/fp/HP?session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&org_id=15saug00&nonce=603062e93d9f81a2&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 23:27:00 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
rba-screen.healthsafe-id.com/fp/ Frame 8D23 0
387 B 89ms
89ms Script
text/javascript 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=b3c2f959-4c15-44e1-add1-ba2357b24c02&nonce=603062e93d9f81a2&jac=1&je=33342424756d693531362c392e3a34392e343a

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 23:27:00 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
account.optumbank.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: 91aa11d29edeb99e9c8183fd82488c06
account.optumbank.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: 91aa11d29edeb99e9c8183fd82488c06
account.optumbank.com/	1969-12-31 23:59:59	Name: auth_proxy_login Value: true
account.optumbank.com/	1970-01-20 14:15:20	Name: web_oauth2_proxy_csrf Value: sdU_fVR8Gc0hoZEfRR0cPjRy2U4--pgAu1aLScO4vArNnpWielCJSbADoklAualmbowS9ujtkMd6PW-MMfi0jkxZhb7DJq4Wo7naUFC2-n_uBdAZ4XtKaeA=\|1692919614\|FPzteZ6fLCNwjWfyKhcDxUDEDwtMPgUM0LN_kBDklpY=
sso.optum.com/	1969-12-31 23:59:59	Name: ext-PF Value: oc4q5KXUczj8IrQIpEmbMWgJF57ocI7eqqEbQnCW3uy8
www.healthsafe-id.com/	1969-12-31 23:59:59	Name: nonce.lixyAk.1692919915 Value: bb0a63de-5278-4a48-b8a2-8a0d0ad15d5f
www.healthsafe-id.com/	1969-12-31 23:59:59	Name: TS0141ee40 Value: 0191a2d84ea618fe1ba820745937037c11484ae8eb5f3f65e4609dce9860411eee3aedf3dd80d5bb85c9e5867969356b0bd9ade2c7
.healthsafe-id.com/	1969-12-31 23:59:59	Name: TS01163ad9 Value: 0191a2d84ea618fe1ba820745937037c11484ae8eb5f3f65e4609dce9860411eee3aedf3dd80d5bb85c9e5867969356b0bd9ade2c7
www.healthsafe-id.com/	1969-12-31 23:59:59	Name: ext-PF Value: WEa9GXyuFTud23r84DoacbtF4kPN79oWCNm3jPJIltMA
.healthsafe-id.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_39_sn_8F122BE9E2A32F3B110462730F57B034_perc_100000_ol_0_mul_1_app-3Ab6030f906c1066bc_0_app-3Aea7c4b59f27d43eb_0
.www.healthsafe-id.com/	1970-01-20 23:51:19	Name: Tv6TR2qd Value: A6JS3ymKAQAAWXBjJMmvuAK-ftAlQOoKvvK4VNXcWko3OHm8mwbXYLZzTffkAWAJ-SqucuHJwH8AAEB3AAAAAA\|1\|0\|06ba59046413f61e329617902d658b91f5d1d4ab
.www.healthsafe-id.com/	1969-12-31 23:59:59	Name: TS012562a2 Value: 0191a2d84ea618fe1ba820745937037c11484ae8eb5f3f65e4609dce9860411eee3aedf3dd80d5bb85c9e5867969356b0bd9ade2c7
www.healthsafe-id.com/	1969-12-31 23:59:59	Name: rakanto_ubrid Value:
.healthsafe-id.com/	1969-12-31 23:59:59	Name: at_check Value: true
www.healthsafe-id.com/	1970-01-20 23:00:55	Name: HSID_V Value: a7b7c4f4-a6b2-4f9b-9d26-08ec8eef09e8
www.healthsafe-id.com/	1969-12-31 23:59:59	Name: SESSION Value: MDdiY2M0N2EtOWU5Ni00NWVhLTg3MzYtZTRiNTU3N2MzNTc5
.healthsafe-id.com/	1970-01-20 16:24:55	Name: _gcl_au Value: 1.1.1108710023.1692919618
.healthsafe-id.com/	1970-01-20 23:51:19	Name: _cls_v Value: 7579ec4d-0eb7-4a06-836f-880a42aaecfd
.healthsafe-id.com/	1969-12-31 23:59:59	Name: _cls_s Value: fa829d03-c42e-466a-819f-5dca3ecac6bb:0
.demdex.net/	1970-01-20 18:34:31	Name: demdex Value: 06266716802578699391250538814594210443
.healthsafe-id.com/	1969-12-31 23:59:59	Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 23:00:55	Name: everest_g_v2 Value: g_surferid~ZOfnQgAAAL7c6AN-
.dpm.demdex.net/	1970-01-20 18:34:31	Name: dpm Value: 06266716802578699391250538814594210443
.healthsafe-id.com/	1970-01-20 23:51:19	Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg Value: 359503849%7CMCIDTS%7C19594%7CMCMID%7C05301889619596307462212165662007575906%7CMCAAMLH-1693524417%7C9%7CMCAAMB-1693524417%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1692926818s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19601%7CvVersion%7C5.0.1
.healthsafe-id.com/	1970-01-20 23:51:19	Name: mbox Value: session#20e6f792ea3b4251a40d40a224a42add#1692921479\|PC#20e6f792ea3b4251a40d40a224a42add.35_0#1756164419
.healthsafe-id.com/	1970-01-20 14:15:21	Name: gpv_pn Value: D%3Dv25
.healthsafe-id.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.doubleclick.net/	1970-01-20 23:51:19	Name: IDE Value: AHWqTUnJWLETInPzJSQ0gAFJpbRTN4-hKggQ2qHEa5D8UgeVLDw4HHycga7P2-cGPy4
rba-screen.healthsafe-id.com/	1970-01-20 23:51:19	Name: thx_guid Value: 24507c817b5b438fbc77e0c61c39997a
.demdex.net/	1970-01-20 18:34:31	Name: dextp Value: 771-1-1692919618131\|903-1-1692919618254\|285689-1-1692919618354
.adsrvr.org/	1970-01-20 23:02:22	Name: TDID Value: 5b2ed93d-3ee2-414c-bd1a-e889a3879b25
.adsrvr.org/	1970-01-20 23:02:22	Name: TDCPM Value: CAESEgoDYWFtEgsI9PWtzvTAkjwQBRgFIAEoAjILCL6S4_qKwZI8EAU4AQ..
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: vfmn4q13o34jh3cnu0ffxf0p
report.uhg.glassboxdigital.io/	1970-01-20 14:25:24	Name: AWSALBCORS Value: AMGqbTZeCY13zBnuMgf6nzafMPM9TZjfUskhYuZ9LyHw3LrzMEUI4WB+V4D5kTCztUysimtNDGKHIH4snoVBQIvKmM87VFBYum8tGLJzFIa6JGsoBe6vXFzE/NVR
.healthsafe-id.com/	1969-12-31 23:59:59	Name: cls_e Value: fa829d03-c42e-466a-819f-5dca3ecac6bb:15496876576943
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: hcmsjws355tifpu2srp0kue2
h.online-metrix.net/	1970-01-20 23:51:19	Name: thx_global_guid Value: 6466caa1d2314bd0acca444e320f6ff8
.ib.mookie1.com/	1970-01-20 23:02:22	Name: ibkukiuno Value: s=0325797b-3af3-4ddb-b629-73f47d21b458&h=&v=277475573&l=-8585086872656799225&op=&hl=0&vlu=3&tcs=1&dcc=-8585086872663346390
.ib.mookie1.com/	1970-01-20 23:02:22	Name: ibkukinet Value: 1611266346=-8585086872656799225&1611266346=-8585086872656799225

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICpximKAQAA_VeXOaul-27BlSTkZxLosj7I2VC6Y77dKqwNBbSzAoQ6BOXy&EdxVWcjYRR--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICpximKAQAA_VeXOaul-27BlSTkZxLosj7I2VC6Y77dKqwNBbSzAoQ6BOXy&EdxVWcjYRR--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security	error	URL: https://cdn.gbqofs.com/uhg/hsid/p/detector-dom.min.js(Line 93) Message: Refused to create a worker from 'blob:https://www.healthsafe-id.com/7c580fe8-18f1-45b5-a2bd-7254bfc9c0b6' because it violates the following Content Security Policy directive: "script-src https: 'unsafe-inline' 'unsafe-eval'". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15saug00flmtizaszhl7r4zd64fklkuvpvlaugfb603062e93d9f81a2sac.d.aa.online-metrix.net
account.optumbank.com
assets.adobedtm.com
cdc-aem.optum.com
cdn.gbqofs.com
cdn.healthsafe-id.com
click.yourhealth-wellnessteam.com
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
global.ib-ibi.com
googleads.g.doubleclick.net
h.online-metrix.net
ib.mookie1.com
match.adsrvr.org
member.werally.com
rba-screen.healthsafe-id.com
report.uhg.glassboxdigital.io
siteintercept.qualtrics.com
smetrics.optum.com
sso.optum.com
unitedhealthgroup.demdex.net
unitedhealthgroup.tt.omtrdc.net
www.google.com
www.googletagmanager.com
www.healthsafe-id.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
104.17.209.240
13.111.39.86
142.250.80.34
149.111.144.83
149.111.166.210
168.183.37.177
192.225.158.1
192.225.158.132
192.225.158.3
2600:141b:e800:1192::1e80
2600:9000:26fa:b000:3:b102:a080:93a1
2606:4700::6812:180d
2607:f8b0:4006:80c::2002
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::2004
3.33.220.150
35.83.4.243
45.60.31.26
52.167.10.111
52.206.162.54
54.175.238.162
63.140.36.104
63.140.38.15
64.58.232.176
64.58.232.177
75.101.158.101
0ee55ec487ffb09324f262449845a9331d1abb1f2b4edb063395e669afd9936c
17dfbfe5b4e4f091c7b624ccc5da01494002871598c1f9c25c2d10dc8d14e7c2
1ede27e307ba66233a048c3311c1ee04dac2a662b449d7b7077e5354ec76a861
1ff981b7e5571ccedd8af168bea422e72d13532c538226caadae6386831fc372
215d426318e178abe82efa0e7d178a3719df4726785cb3716d842a28fbca5a5e
2511823ee589cef1a1b05009d107035ad3d0656d238cdb9ca3f51e53da4c24e6
2f96724a1532ec7d4b0ed4f514311d48a4c986200f73fe75fa9c0e9980eb542e
3486813cbf6c9f72fbfa13ecaeb28e1288ea769c32da11701734c183d34708f1
34a41cc751325e7c02aedc635a56cff37250424874c26802ea8fd6f3ce2480d0
34f6e869971dfe8f81b5028ee309662950bb6503844109303502add05aa86327
385625f997dd74f50f8c3b8636309ddca1ed531ed762e577ef8a819c24fbd8e4
39dceebef0f38f40856ea031ad3d6f5f8fc1c7405294e2a3fc0296c1441e464b
3ad0d5e8cd0160209ab6b15c4f2d11371041d6d7541189881a2970a7753bc746
3eab67c3ee182fd280acc4d630cc9fa63a0a40db14d7b75c4ee193713d1c23ad
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
4b42e0011feba81137f84f8b46ff9e2fe31dd96652cb4338d7f2fc6b78c543c0
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
55fa969f7cf26c81e747232ebe98b587e9c7118065f49d4378e4ab459aaec2af
56915feca11e91e6f98514dceb86c5a3c18d0c8ca93a4657e80f08310029cc4c
59d0bdf9af07a5de228666d9fc4315ee9859894780f5dc2ce07ab1b7599b35cf
5fe7c9f7414b241f818b0d5e420b58e1d7fbb5629750363e1770292afd7981c8
62886ff4d416325f2b53644308ebbe3b4682622e7409f403f46de16754cbd442
692ed5948273497b00456c97d68c6b522d89cb09cd65d354de1f42abe6ca8e2b
71e75a5824600b7387d3e7bbf8769685d52e184fd28749a23ab7bd17ca7ebf72
76181750bb2a824cc79d1c940b9e14a3e393ae1efc93965117e3965c136acaa6
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e362f00330f4ae046576829a63ac9becb7f29286734a4a936869d829ddbb7ab
83a5c2eea44f96f49ac888576e776bbd30fd9c700e463a1b923af9d915bdf8a4
859a336a433020d8695e5bdc86c53c0361d8bd8bbc710edfcd6e10f2935081ca
8f3f22a768ac5db6d74b6300ce0be9e2db425ef538daed637c452f64d18d7b3f
90d718a3b764039b13680de28c717e2d284a1a5b383e47492118b0b91b344404
94a61bd23e3af8340c2527a841237d2247ad4c7a05c73a5a242061b2cba23ad3
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
965a2c31659c544a6a01fbe1bac9958452aa28ccb7ac568867ded1ac95230674
a4118da76e13f6d904d1d8281a2169cccb06af50a72fda71cca9cd3d027d9cc0
a968f85275e651446ef5f7c4641a47e7e843d2416df7a87b7246551795b3a169
acd4b9fee766431128cde5fea01c9de823f0d4625d59fd5c14e643e661d74350
ad1ad50cc74d6a9492788b02afa0a89de67dfc73ba6ae3dffb27c6d11d72b279
b0bee52d70ab5483f94a29e3be356a0444c4c7b710813296e9ba6a54b55f21de
b28bd866e643de789ec8763657c5a7ab99f1f059cafeb91d92701dedcd613037
bc54df4c3e8d66c2bc9d597732cc62cd93e355a88063b32e8dc532033d654fdc
c0a2d8d2c814b20e1c9141321c11837e3884dacbc7e0d35f0442a74449922472
c50c7bd4abab5152b29ed4ba8ad7e884ae3f78e21e5e18c61e24b73dfc213d41
ca5dc2c8c576daa47a421172dc3494f0629bac2071a9d5f19e1c953b434f0481
ced37cfef6acb0adea6190ffb9c9bf86fa87e41c62657b57d4187d70400f7c78
d6b6ca193696f01a54959a80eace120d4bff15e667a9171ca9b4eb391f7a46ee
dba119cd412abee025ac72eb4850fe81e2463ccd0ccd47e7159c0a812a9e64a3
e0762439f8f2b7ab880bbf57924d25b3010383300e18f5215f094184996f49ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f5b05a0f2657086933004e2edc9e9ae4638a5e6284bb4b52c7bbee3cbf900a
e6480ba1f25e815c57ffc9ada53db64019fea9be79e916f0917a03d47d40d4e2
e6e7252ae36160ed4ab51df7cfe78e94f93b52af86fdaf18f9e062cf8be789e6
e6fd152614aba78b5e07d117fe7ca3d7a0a41b196662698e7b156cf9d016f095
e9cbaa037570b2f563483466425238aae8953347ca0c9e381012a7b784f51f5f
ea803adc6918df0de1d4cfb11ec88d1ff01552102dee4b0ddbacffdac99b8dbe
ec1fb826ad50482e2a4eb706a5758dafc2835325619e8fe6f48ff3691e0e8cbf
eecfcb118193465fd111d3c9821bb3c8ecbf0c417062cab000ad4365258e41ef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f2cc8af858ec101fd1e2522b086ed18727916b1e23c5da066f2877e2541897
f161e22cde63c497d665c80a60a654d29caa423b4f4f59848b55309beb8bc361
f2257d5dcff45e05bb9d046829b14c16dc3751a2e620af325231c44506d63f1a

www.healthsafe-id.com Open in urlscan Pro 149.111.166.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

92 %HTTPS

23 %IPv6

19 Domains

27 Subdomains

20 IPs

2 Countries

1475 kBTransfer

4971 kBSize

39 Cookies

2 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.healthsafe-id.com Open in urlscan Pro
149.111.166.210 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

92 %
HTTPS

23 %
IPv6

19
Domains

27
Subdomains

20
IPs

2
Countries

1475 kB
Transfer

4971 kB
Size

39
Cookies

75 HTTP transactions
2 data transactions