urlscan.io logo urlscan.io
SecurityTrails logo

www.healthsafe-id.com Open in urlscan Pro
149.111.166.210  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.yourhealth-wellnessteam.com/u/?qs=584395a31660ccf81b679f6386383c362d0f0ab5b925bec59234462de81f13ac983462006b3924c6723a6440b3...
Effective URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.h...
Submission: On September 29 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 2 countries across 20 domains to perform 80 HTTP transactions. The main IP is 149.111.166.210, located in United States and belongs to UHC, US. The main domain is www.healthsafe-id.com. The Cisco Umbrella rank of the primary domain is 95432.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on April 8th 2023. Valid for: a year.
This is the only time www.healthsafe-id.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.39.86 14340 (SALESFORCE)
1 1 52.167.10.111 8075 (MICROSOFT...)
1 1 149.111.144.83 10879 (UHC)
2 13 149.111.166.210 10879 (UHC)
1 149.111.164.232 10879 (UHC)
10 13.32.208.118 16509 (AMAZON-02)
5 2.23.160.226 16625 (AKAMAI-AS)
2 13.107.253.40 8075 (MICROSOFT...)
1 45.60.31.26 19551 (INCAPSULA)
2 149.111.165.13 10879 (UHC)
1 5 52.55.43.203 14618 (AMAZON-AES)
2 104.18.24.13 13335 (CLOUDFLAR...)
3 172.253.63.97 15169 (GOOGLE)
1 44.207.177.141 14618 (AMAZON-AES)
2 63.140.38.180 14618 (AMAZON-AES)
1 1 3.213.216.245 14618 (AMAZON-AES)
1 63.140.38.226 14618 (AMAZON-AES)
2 142.251.111.154 15169 (GOOGLE)
2 2 142.251.16.156 15169 (GOOGLE)
2 172.253.115.147 15169 (GOOGLE)
2 142.250.31.94 15169 (GOOGLE)
2 2 15.197.193.217 16509 (AMAZON-02)
2 34.193.14.36 14618 (AMAZON-AES)
6 104.17.208.240 13335 (CLOUDFLAR...)
16 192.225.158.132 30286 (THM)
1 4 192.225.158.1 30286 (THM)
1 192.225.158.3 30286 (THM)
80 22
1    13.111.39.86 (United States)

ASN14340 (SALESFORCE, US)
PTR: click.yourhealth-wellnessteam.com
click.yourhealth-wellnessteam.com
1    52.167.10.111 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
account.optumbank.com
1    149.111.144.83 (United States)

ASN10879 (UHC, US)
sso.optum.com
13    149.111.166.210 (United States)

ASN10879 (UHC, US)
PTR: healthsafeid-hcc-elr.optum.com
www.healthsafe-id.com
1    149.111.164.232 (United States)

ASN10879 (UHC, US)
PTR: repo-elr.rakanto.com
repo.rakanto.com
10    13.32.208.118 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-208-118.iad66.r.cloudfront.net
cdn.healthsafe-id.com
5    2.23.160.226 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-160-226.deploy.static.akamaitechnologies.com
assets.adobedtm.com
2    13.107.253.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
myoptum.optum.com
1    45.60.31.26 (United States)

ASN19551 (INCAPSULA, US)
member.werally.com
2    149.111.165.13 (United States)

ASN10879 (UHC, US)
PTR: cse-elr.rakanto.com
cse.rakanto.com
5    52.55.43.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-43-203.compute-1.amazonaws.com
dpm.demdex.net
2    104.18.24.13 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.gbqofs.com
3    172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net
www.googletagmanager.com
1    44.207.177.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-177-141.compute-1.amazonaws.com
unitedhealthgroup.demdex.net
2    63.140.38.180 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-180.data.adobedc.net
smetrics.optum.com
1    3.213.216.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-216-245.compute-1.amazonaws.com
cm.everesttech.net
1    63.140.38.226 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-226.data.adobedc.net
unitedhealthgroup.tt.omtrdc.net
2    142.251.111.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f154.1e100.net
googleads.g.doubleclick.net
2    142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net
cm.g.doubleclick.net
2    172.253.115.147 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f147.1e100.net
www.google.com
2    142.250.31.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f94.1e100.net
www.google.ca
2    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    34.193.14.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-14-36.compute-1.amazonaws.com
report.uhg.glassboxdigital.io
6    104.17.208.240 (United States)

ASN13335 (CLOUDFLARENET, US)
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
siteintercept.qualtrics.com
16    192.225.158.132 (United States)

ASN30286 (THM, US)
rba-screen.healthsafe-id.com
4    192.225.158.1 (United States)

ASN30286 (THM, US)
PTR: a-sac.h.online-metrix.net
h.online-metrix.net
1    192.225.158.3 (United States)

ASN30286 (THM, US)
PTR: d.aa.online-metrix.net
15saug00zuoqd4cjalr6jzmcexp27vfyrmyplpwac8f0bcac2b74b8f0sac.d.aa.online-metrix.net
Apex Domain
Subdomains		 Transfer
39 healthsafe-id.com
www.healthsafe-id.com — Cisco Umbrella Rank: 95432
cdn.healthsafe-id.com — Cisco Umbrella Rank: 120044
rba-screen.healthsafe-id.com — Cisco Umbrella Rank: 99704
670 KB
6 qualtrics.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com — Cisco Umbrella Rank: 93794
siteintercept.qualtrics.com — Cisco Umbrella Rank: 1560
71 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 319
unitedhealthgroup.demdex.net — Cisco Umbrella Rank: 62640
8 KB
5 online-metrix.net
h.online-metrix.net — Cisco Umbrella Rank: 4731
15saug00zuoqd4cjalr6jzmcexp27vfyrmyplpwac8f0bcac2b74b8f0sac.d.aa.online-metrix.net
17 KB
5 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 626
190 KB
5 optum.com
sso.optum.com — Cisco Umbrella Rank: 108630
myoptum.optum.com — Cisco Umbrella Rank: 359158
smetrics.optum.com — Cisco Umbrella Rank: 54199
19 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
5 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
215 KB
3 rakanto.com
repo.rakanto.com — Cisco Umbrella Rank: 70443
cse.rakanto.com — Cisco Umbrella Rank: 68675
60 KB
2 glassboxdigital.io
report.uhg.glassboxdigital.io — Cisco Umbrella Rank: 64021
3 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
703 B
2 google.ca
www.google.ca — Cisco Umbrella Rank: 8716
563 B
2 google.com
www.google.com — Cisco Umbrella Rank: 11
563 B
2 gbqofs.com
cdn.gbqofs.com — Cisco Umbrella Rank: 13222
291 KB
1 omtrdc.net
unitedhealthgroup.tt.omtrdc.net — Cisco Umbrella Rank: 60475
852 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1990
517 B
1 werally.com
member.werally.com — Cisco Umbrella Rank: 116220
898 B
1 optumbank.com
account.optumbank.com — Cisco Umbrella Rank: 471644
1 KB
1 yourhealth-wellnessteam.com
click.yourhealth-wellnessteam.com — Cisco Umbrella Rank: 395167
282 B
0 ib-ibi.com Failed
global.ib-ibi.com Failed
80 20
Domain Requested by
16 rba-screen.healthsafe-id.com cdn.healthsafe-id.com
rba-screen.healthsafe-id.com
cdn.gbqofs.com
13 www.healthsafe-id.com 2 redirects www.healthsafe-id.com
cdn.healthsafe-id.com
10 cdn.healthsafe-id.com www.healthsafe-id.com
cdn.healthsafe-id.com
5 siteintercept.qualtrics.com zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
www.healthsafe-id.com
siteintercept.qualtrics.com
5 dpm.demdex.net 1 redirects www.healthsafe-id.com
5 assets.adobedtm.com cdn.healthsafe-id.com
assets.adobedtm.com
4 h.online-metrix.net 1 redirects rba-screen.healthsafe-id.com
3 www.googletagmanager.com assets.adobedtm.com
www.googletagmanager.com
2 report.uhg.glassboxdigital.io www.healthsafe-id.com
cdn.gbqofs.com
2 match.adsrvr.org 2 redirects
2 www.google.ca www.healthsafe-id.com
2 www.google.com www.healthsafe-id.com
2 cm.g.doubleclick.net 2 redirects
2 googleads.g.doubleclick.net www.googletagmanager.com
2 smetrics.optum.com www.healthsafe-id.com
2 cdn.gbqofs.com www.healthsafe-id.com
cdn.gbqofs.com
2 cse.rakanto.com www.healthsafe-id.com
2 myoptum.optum.com www.healthsafe-id.com
1 15saug00zuoqd4cjalr6jzmcexp27vfyrmyplpwac8f0bcac2b74b8f0sac.d.aa.online-metrix.net
1 zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com www.healthsafe-id.com
1 unitedhealthgroup.tt.omtrdc.net www.healthsafe-id.com
1 cm.everesttech.net 1 redirects
1 unitedhealthgroup.demdex.net assets.adobedtm.com
1 member.werally.com www.healthsafe-id.com
1 repo.rakanto.com www.healthsafe-id.com
1 sso.optum.com 1 redirects
1 account.optumbank.com 1 redirects
1 click.yourhealth-wellnessteam.com 1 redirects
0 global.ib-ibi.com Failed
80 29

This site contains links to these domains. Also see Links.

Domain
account.optumbank.com
www.uhc.com
Subject Issuer Validity Valid
healthsafeid-hcc.optum.com
COMODO RSA Organization Validation Secure Server CA		 2023-04-08 -
2024-04-07		 a year crt.sh
repo.rakanto.com
COMODO RSA Organization Validation Secure Server CA		 2023-07-04 -
2024-07-03		 a year crt.sh
cdn.healthsafe-id.com
COMODO RSA Organization Validation Secure Server CA		 2023-06-07 -
2024-06-06		 a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
myoptum-dev.optum.com
COMODO RSA Organization Validation Secure Server CA		 2023-03-15 -
2024-03-14		 a year crt.sh
*.werally.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-28 -
2024-07-28		 a year crt.sh
cse.rakanto.com
COMODO RSA Organization Validation Secure Server CA		 2023-08-29 -
2024-08-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-11-11 -
2023-11-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
smetrics.optum.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-04-21		 a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-22 -
2024-09-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
uhg.glassboxdigital.io
Amazon RSA 2048 M03		 2023-09-09 -
2024-10-08		 a year crt.sh
*.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-27 -
2024-03-26		 a year crt.sh
rba-screen.healthsafe-id.com
COMODO RSA Organization Validation Secure Server CA		 2023-04-24 -
2024-04-23		 a year crt.sh
h.online-metrix.net
Trustwave Organization Validation SHA256 CA, Level 1		 2023-01-09 -
2024-01-23		 a year crt.sh
*.d.aa.online-metrix.net
Trustwave Organization Validation SHA256 CA, Level 1		 2023-03-03 -
2024-03-04		 a year crt.sh

This page contains 8 frames:

Primary Page: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Frame ID: B065ED0BBB3850DB245A5FBD0063FB5F
Requests: 55 HTTP requests in this frame

Frame: https://www.healthsafe-id.com/protected/crossStorageHub
Frame ID: FB8BEB39063B7D30A5B3535C7E1DF9A7
Requests: 2 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: 2ACCC861F34BAC9B876D6806534FEBF1
Requests: 4 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&jb=3739262668736d773557696c6467777326687b673d5f6966666f7773273230313226687160753d436a726d6f6d266a7162354368726d656d253a30393337
Frame ID: E34CBBA588F83D48F4ABAE033F8872FC
Requests: 13 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/HP?session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&org_id=15saug00&nonce=c8f0bcac2b74b8f0&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 025992037FDC7118B55E1213FEA8ED93
Requests: 3 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0
Frame ID: 5FD3BC536AFD720B3CAF7EBDCE288CBF
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0
Frame ID: 9F7DC73118A0DB102DEECF8DE7CF4586
Requests: 2 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/top_fp.html;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0
Frame ID: CF0B39AE263C7EA3601B0EF5E102B1C5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in - OptumBank

Page URL History Show full URLs

  1. https://click.yourhealth-wellnessteam.com/u/?qs=584395a31660ccf81b679f6386383c362d0f0ab5b925bec59234462de81f13ac983462... HTTP 302
    https://account.optumbank.com/account/deeplink/cards?cid=obnk:eml:Fiserv_Recardobnk:Order_Card::2368106mp20 HTTP 302
    https://sso.optum.com/ext/as/authorization.oauth2?approval_prompt=force&client_id=bank-cloud-prod&... HTTP 302
    https://www.healthsafe-id.com/rt/secure/auth/cap/en?resume=/as/fWxnuF73Yp/resume/as/authorization.ping&spe... HTTP 302
    https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redi... HTTP 302
    https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

80
Requests

93 %
HTTPS

0 %
IPv6

20
Domains

29
Subdomains

22
IPs

2
Countries

1544 kB
Transfer

5148 kB
Size

42
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.yourhealth-wellnessteam.com/u/?qs=584395a31660ccf81b679f6386383c362d0f0ab5b925bec59234462de81f13ac983462006b3924c6723a6440b32ad41cdd225d4650735131 HTTP 302
    https://account.optumbank.com/account/deeplink/cards?cid=obnk:eml:Fiserv_Recardobnk:Order_Card::2368106mp20 HTTP 302
    https://sso.optum.com/ext/as/authorization.oauth2?approval_prompt=force&client_id=bank-cloud-prod&redirect_uri=https%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback&response_type=code&scope=openid&state=UZDaU4LwizbHqVGyzRg4DGayd9E7UqCnsQ6mROhJ3ps%3A%2Faccount%2Fdeeplink%2Fcards%3Fcid%3Dobnk%3Aeml%3AFiserv_Recardobnk%3AOrder_Card%3A%3A2368106mp20%26brand%3Doptum%26portal%3Doptum&pfidpadapterid=HsidNewUIOidc&portal=cap HTTP 302
    https://www.healthsafe-id.com/rt/secure/auth/cap/en?resume=/as/fWxnuF73Yp/resume/as/authorization.ping&spentity=null&scope=openid&response_type=code&pfidpadapterid=HsidNewUIOidc&redirect_uri=https://account.optumbank.com/login/callback&portal=cap&client_id=bank-cloud-prod HTTP 302
    https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F%2Fwww.healthsafe-id.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoia3QtbVBwSUlDZUxHcG5mX19hM2stLUR5TnhZIiwic3VmZml4IjoicGRpdmZHLjE2OTU5NTIzMzAifQ..bw55dBzRFplL-0Lse2IJDA.hy3wszTgyPEfNIQIdm0RV4doU6A7EA5w3Y_LTrZOg-2aXuIbE5ax3gz3Yx7Zj3A3n_akAz9otwOK_4z4yA7XpfA9qFrP9JdT8llqi_MEWZ2RaCLZYFFSOPL-KP3W7MbkMEV1CILyKKtZqwF76zEXkn3EQKu2MVVcprS4lPqw367e1gjOxx2zy38Hos6ucp39YPF8MZQs1VIH_Lbx18KyfxnQAkRFt_1hKWwj1Cxx18d_JMv8GHFTBzRT9VQ4vgPv-Ep2JkRR6fn5x5J-aDCDZ_IPKubNSMs7zPP9Qp5UBnCFv_j_Qsy_hi3M3XEdBikg.9uIb0yOvJCBO_2bPJHcMFA&nonce=bhctEQ8qW-nG5146eby_fUc9dQ3NhDvft5YPkSs6CCU&acr_values=BANK&scope=openid%20address%20email%20phone%20profile&vnd_pi_requested_resource=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&vnd_pi_application_name=HSIDProdRTApp HTTP 302
    https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1695952031517 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1695952031517
Request Chain 34
  • https://cm.everesttech.net/cm/dd?d_uuid=43952536886161739844456252256758141496 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZRYsnwAAAJlOkANP
Request Chain 43
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDM5NTI1MzY4ODYxNjE3Mzk4NDQ0NTYyNTIyNTY3NTgxNDE0OTY= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDM5NTI1MzY4ODYxNjE3Mzk4NDQ0NTYyNTIyNTY3NTgxNDE0OTY=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFmSupkZ4wjKJCpve-6X7gU&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 48
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.healthsafe-id.com&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.healthsafe-id.com&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=c9d8d856-e574-4eb0-9cdd-0199bf2fa2d5
Request Chain 67
  • https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&gttl=155520000 HTTP 302
  • https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&k=2

80 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
www.healthsafe-id.com/rt/
Redirect Chain
  • https://click.yourhealth-wellnessteam.com/u/?qs=584395a31660ccf81b679f6386383c362d0f0ab5b925bec59234462de81f13ac983462006b3924c6723a6440b32ad41cdd225d4650735131
  • https://account.optumbank.com/account/deeplink/cards?cid=obnk:eml:Fiserv_Recardobnk:Order_Card::2368106mp20
  • https://sso.optum.com/ext/as/authorization.oauth2?approval_prompt=force&client_id=bank-cloud-prod&redirect_uri=https%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback&response_type=code&scope=openid...
  • https://www.healthsafe-id.com/rt/secure/auth/cap/en?resume=/as/fWxnuF73Yp/resume/as/authorization.ping&spentity=null&scope=openid&response_type=code&pfidpadapterid=HsidNewUIOidc&redirect_uri=https:...
  • https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F%2Fwww.healthsafe-id.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGc...
  • https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWx...
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.166.210 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafeid-hcc-elr.optum.com
Software
/
Resource Hash
257ca00190e4bfa1e22598acf4b33a668b3262512eac7a4525ff9e8109bf2f83
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Type
text/html; charset=UTF-8
Date
Fri, 29 Sep 2023 01:47:10 GMT
Expires
0
Pragma
no-cache
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-29782035"
Strict-Transport-Security
max-age=300; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-OneAgent-JS-Injection
true
X-XSS-Protection
1; mode=block
X-ps-id
hsid-prod-elr-2
X-ruxit-JS-Agent
true

Redirect headers

Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Type
text/html;charset=utf-8
Date
Fri, 29 Sep 2023 01:47:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Pragma
no-cache
Referrer-Policy
origin
Server-Timing
dtSInfo;desc="0", dtRpid;desc="110043775"
Strict-Transport-Security
max-age=300; includeSubDomains
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
SAMEORIGIN
X-OneAgent-JS-Injection
true
X-XSS-Protection
1; mode=block
X-ps-id
hsid-prod-elr-2
X-ruxit-JS-Agent
true
bundles-average.js
www.healthsafe-id.com/assets/ 		995 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.healthsafe-id.com/assets/bundles-average.js
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.166.210 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafeid-hcc-elr.optum.com
Software
/
Resource Hash
929b1e3efc1c5dedd2b0da75fcf480a0a421582434199a62568ea6906d336b38
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 01:47:10 GMT
Strict-Transport-Security
max-age=300; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding
gzip
Via
1.1 google
Transfer-Encoding
chunked
X-Ion-Hop
1
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-249452052"
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-ps-id
hsid-prod-elr-2
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
ruxitagentjs_ICA27NVdefghjqrtux_10269230920162641.js
www.healthsafe-id.com/ 		226 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.healthsafe-id.com/ruxitagentjs_ICA27NVdefghjqrtux_10269230920162641.js
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.166.210 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafeid-hcc-elr.optum.com
Software
/
Resource Hash
3a8189f947441620accc6d8297e23620621cd9f91ed7218c216d53525beb0423
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 01:47:10 GMT
Strict-Transport-Security
max-age=300; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2010 07:01:40 GMT
X-ps-id
hsid-prod-elr-1
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=31536000, immutable
Connection
keep-alive
Content-Length
88089
X-XSS-Protection
1; mode=block
Expires
Sat, 28 Sep 2024 01:47:10 GMT
bundles-average.js
www.healthsafe-id.com/assets/ 		208 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.healthsafe-id.com/assets/bundles-average.js?seed=AMCRjt6KAQAAsYpd26VW1FI19GjkPUSM3a36Pqb1RBzsogDYsOq-n5TJ8QdI&EdxVWcjYRR--z=q
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.166.210 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafeid-hcc-elr.optum.com
Software
/
Resource Hash
c5e72934177e9efe0308fca7056d14189137a92b0dfea25a492597a62196a49e
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 01:47:10 GMT
Strict-Transport-Security
max-age=300; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding
gzip
X-ps-id
hsid-prod-elr-2
Via
1.1 google
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
X-Ion-Hop
1
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=3600, immutable
Connection
keep-alive
Server-Timing
dtSInfo;desc="1"
X-XSS-Protection
1; mode=block
cx.js
repo.rakanto.com/rakanto/cx/ 		150 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://repo.rakanto.com/rakanto/cx/cx.js
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.164.232 , United States, ASN10879 (UHC, US),
Reverse DNS
repo-elr.rakanto.com
Software
/
Resource Hash
c8839e3735e88e3ea9ad62d22ce242ab170e73e5dcb718dc4ffd0e92fa9885dd
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 01:47:10 GMT
Content-Encoding
gzip
Referrer-Policy
origin
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=1800, private
Connection
keep-alive
Expires
Fri, 29 Sep 2023 02:17:10 GMT
index.b54082e0.js
cdn.healthsafe-id.com/static/js/ 		498 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.healthsafe-id.com/static/js/index.b54082e0.js
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-118.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7191a39519204e639ba774d44719bdcf34c702838a87f608db559a14966b6625

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
fHjJY5mE095.Gk.fIuys5oQ9SRM.S7sN
content-encoding
gzip
via
1.1 c1fa46ae758054d798ed83a4ec1cede4.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 01:47:11 GMT
last-modified
Thu, 14 Sep 2023 03:54:02 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
etag
W/"fadccefa312336bb5a8a2d19676d0cfa"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public, max-age=63072000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
KRPsdZNFcJozvp4qNwOtIB-nk395E_-ANzT1zLGIXOcQ8VeYaxAuGA==
unsupportedBrowser.3426666d.js
cdn.healthsafe-id.com/static/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.healthsafe-id.com/static/js/unsupportedBrowser.3426666d.js
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-118.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55fa969f7cf26c81e747232ebe98b587e9c7118065f49d4378e4ab459aaec2af

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
pTcgccOXHeHfGCBSDRpScRjTwVbiugEI
content-encoding
gzip
via
1.1 c1fa46ae758054d798ed83a4ec1cede4.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 01:47:11 GMT
last-modified
Thu, 14 Sep 2023 03:54:02 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
etag
W/"cbcb1d91a1505564a4121e8bf5972b13"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public, max-age=63072000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
5xauxSTnQRIjpFlzxoiQWFmAyPImZC89LTDhA7yZ5nWC1oc_Y6bjOA==
index.b7b2e1de.css
cdn.healthsafe-id.com/static/css/ 		88 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.healthsafe-id.com/static/css/index.b7b2e1de.css
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-118.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83c5eff9a90a954a0a8cb7324ff1eb96dd712a6941f916de6ab4fcaf02943210

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
2SsZlhhDe_r3X2BWN0N3ea_Luq6HC5lZ
content-encoding
gzip
via
1.1 c1fa46ae758054d798ed83a4ec1cede4.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 01:47:11 GMT
last-modified
Thu, 14 Sep 2023 03:54:01 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
etag
W/"8402f0b6286bcf7140cab827d9adc924"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
cache-control
public, max-age=63072000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Qc-zZTJXUNsAST6V8i2t_JeljrF8cZRl8PYW3OTfQsdUQS1a5WgvqQ==
launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
assets.adobedtm.com/ 		532 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Requested by
Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/js/index.b54082e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.160.226 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-160-226.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8eaa257cd772f27c4fec48f458ca85f119bee0da650217afb3d5d6b3c2b475c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 01:47:11 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 11:09:12 GMT
server
AkamaiNetStorage
etag
"133bdf0534713963f39c5e62e031b32d:1695899352.330353"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.healthsafe-id.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
105013
expires
Fri, 29 Sep 2023 02:47:11 GMT
en
www.healthsafe-id.com/uiconfig/cap/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.healthsafe-id.com/uiconfig/cap/en
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AMCRjt6KAQAAsYpd26VW1FI19GjkPUSM3a36Pqb1RBzsogDYsOq-n5TJ8QdI&EdxVWcjYRR--z=q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.166.210 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafeid-hcc-elr.optum.com
Software
/
Resource Hash
2f6adb9c118caf85c2b7340b793cd80b99a6aa402653a5a0382f255e0bc39c95
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
x-dtreferer
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Referer
https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
x-dtpc
42$352030725_487h2vDFDBVRCTCHHVBONUAHMLMRAUFCHRLRAP-0e0

Response headers

Date
Fri, 29 Sep 2023 01:47:11 GMT
Strict-Transport-Security
max-age=300; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding
gzip
X-OneAgent-JS-Injection
true
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="992589897"
Content-Length
753
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-ps-id
hsid-prod-elr-2
ETag
"15:dtagent10269230920162641VvEG-gzip:dtagent10269230920162641VvEG"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Expires
0
en
www.healthsafe-id.com/hsid2/content/cap/ 		49 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.healthsafe-id.com/hsid2/content/cap/en
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AMCRjt6KAQAAsYpd26VW1FI19GjkPUSM3a36Pqb1RBzsogDYsOq-n5TJ8QdI&EdxVWcjYRR--z=q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.166.210 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafeid-hcc-elr.optum.com
Software
/
Resource Hash
202b53c8718f499e2907cbc9a33cf2a251825bc88945a1a49ea5e733c07c69e1
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
x-dtreferer
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Referer
https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
x-dtpc
42$352030725_487h3vGKPCMLEMVVRQCWFGHLVIKDERRUPAEAMI-0e0

Response headers

Date
Fri, 29 Sep 2023 01:47:11 GMT
Strict-Transport-Security
max-age=300; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding
gzip
Transfer-Encoding
chunked
X-OneAgent-JS-Injection
true
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-869463369"
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-ps-id
hsid-prod-elr-1
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Expires
0
UHC2020Sans-Medium.24b68e9d6b8a564dc3c8.woff2
cdn.healthsafe-id.com/static/media/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.healthsafe-id.com/static/media/UHC2020Sans-Medium.24b68e9d6b8a564dc3c8.woff2
Requested by
Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/css/index.b7b2e1de.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-118.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c50c7bd4abab5152b29ed4ba8ad7e884ae3f78e21e5e18c61e24b73dfc213d41

Request headers

Referer
https://cdn.healthsafe-id.com/static/css/index.b7b2e1de.css
Origin
https://www.healthsafe-id.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
cqzG4Ck0G2qdHG_weW1NZmPR0NKQtg9q
date
Fri, 29 Sep 2023 01:47:12 GMT
via
1.1 0a82e5e483eb83b4e051a5bca576415a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
23212
last-modified
Thu, 14 Sep 2023 03:54:02 GMT
server
AmazonS3
etag
"bcbe88fab9e22b1eac7a432af94051c7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Accept-Encoding,Origin
cache-control
public, max-age=63072000
accept-ranges
bytes
x-amz-cf-id
JqPP1IkqEU5D4fPRnsybYWTJCl8-px9oyTmqhWj9Y7WhFbjWwOR5ow==
811.da5a72ac.chunk.js
cdn.healthsafe-id.com/static/js/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.healthsafe-id.com/static/js/811.da5a72ac.chunk.js
Requested by
Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/js/index.b54082e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-118.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1fcdc427bd5af7b72dcd7844f48df7cd9c3fbf51b852a1ebd54fe7e989788e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
WiFwkjIbx6EH5BVygiBAsX7mboAq6ORa
content-encoding
gzip
via
1.1 c1fa46ae758054d798ed83a4ec1cede4.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 01:47:12 GMT
last-modified
Thu, 14 Sep 2023 03:54:02 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
etag
W/"3dd36aff89dcb748f7c78231a1475231"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public, max-age=63072000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
c0UXFiVTOZPm-hVEFwg4hUBCQihFY1CULNtv3atFp3K7CWjmyEzTsw==
384.4643eae1.chunk.css
cdn.healthsafe-id.com/static/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.healthsafe-id.com/static/css/384.4643eae1.chunk.css
Requested by
Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/js/index.b54082e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-118.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e40b8457a2b21fd43aed19b97893172ea864a752fb1abb8a679e61e1095b5a65

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
0X0UUFTpnJNdvCzwe32Ce0zuwUrc138o
content-encoding
gzip
via
1.1 c1fa46ae758054d798ed83a4ec1cede4.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 01:47:12 GMT
last-modified
Thu, 14 Sep 2023 03:54:01 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
etag
W/"e817640ad8dc3ad17458df7e4b3e5d7b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
cache-control
public, max-age=63072000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
vzI5mYm5brYTKrKQW-divwaMkxOCQuyOsxMXuXsdiYaVuc0MeInyJA==
384.a030b2b1.chunk.js
cdn.healthsafe-id.com/static/js/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.healthsafe-id.com/static/js/384.a030b2b1.chunk.js
Requested by
Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/js/index.b54082e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-118.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
34f38fa5fb5ac0637c6e51fa3fba0ea151baf775aae10572aa071511bc3fc569

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
jDXcf5KDiK3qRqfcSzGzpzHvwyXf7qI1
content-encoding
gzip
via
1.1 c1fa46ae758054d798ed83a4ec1cede4.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 01:47:12 GMT
last-modified
Thu, 14 Sep 2023 03:54:01 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
etag
W/"2ef2dcd8d53427e2c78700b9eccca81e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public, max-age=63072000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
164P71vxf2NUNFHn1Qoy5n8GOVIaqHvx6D7jVfoMXdRULQUZaJjZLw==
HSID_Logo.png
myoptum.optum.com/content/dam/hsid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myoptum.optum.com/content/dam/hsid/HSID_Logo.png
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.253.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fa42b3fe18f58812bdc68196038dde44df7c6eca4abf658940c17a017b6b1ed0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-dispatcher
dispatcher3centralus-28250335
strict-transport-security
max-age=63072000; includeSubdomains;
date
Fri, 29 Sep 2023 01:47:10 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0hCsWZQAAAAC8zBe49Zf0TL3tf4o2tgrPRE0yQUExMDkxMjA3MDIzADRkMjljOTEyLTQyZTgtNDU0YS04MDlkLTYyNmJlYzViNzI2ZQ==
x-vhost
globalnav-publish
x-cache
TCP_HIT
content-disposition
attachment
content-length
3646
last-modified
Thu, 27 Jul 2023 19:31:46 GMT
etag
"e3e-6017d03c44c80"
x-frame-options
SAMEORIGIN
x-azure-ref
0nywWZQAAAAC+Dex5+XB1QryCq2HrOnXMQ0gxQUEyMDIwNjAyMDQ1ADRkMjljOTEyLTQyZTgtNDU0YS04MDlkLTYyNmJlYzViNzI2ZQ==
content-type
image/png
cache-control
public, max-age=300
accept-ranges
bytes
OptumBank_Logo.png
myoptum.optum.com/content/dam/hsid/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myoptum.optum.com/content/dam/hsid/OptumBank_Logo.png
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.253.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8bd6b7c047c6a7e767c4786c08002565429a6043c1acb57fa3ec7dd833fa6386
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-dispatcher
dispatcher1centralus-28250335
strict-transport-security
max-age=63072000; includeSubdomains;
date
Fri, 29 Sep 2023 01:47:10 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0nywWZQAAAAA81sDS8QF2SpY+uNkrNdZERE0yQUExMDkxMjA4MDM1ADRkMjljOTEyLTQyZTgtNDU0YS04MDlkLTYyNmJlYzViNzI2ZQ==
x-vhost
globalnav-publish
x-cache
TCP_MISS
content-disposition
attachment
content-length
13208
last-modified
Thu, 27 Jul 2023 19:44:37 GMT
etag
"3398-6017d31b8d340"
x-frame-options
SAMEORIGIN
x-azure-ref
0nywWZQAAAADorlhOFpZaQbkrRMRvuUmKQ0gxQUEyMDIwNjAyMDQ1ADRkMjljOTEyLTQyZTgtNDU0YS04MDlkLTYyNmJlYzViNzI2ZQ==
content-type
image/png
cache-control
public, max-age=300
accept-ranges
bytes
truncated
/ 		290 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6480ba1f25e815c57ffc9ada53db64019fea9be79e916f0917a03d47d40d4e2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
FrutigerLTStd-Roman.6f5c3b3ff50100b75821.woff
cdn.healthsafe-id.com/static/media/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.healthsafe-id.com/static/media/FrutigerLTStd-Roman.6f5c3b3ff50100b75821.woff
Requested by
Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/css/index.b7b2e1de.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-118.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ad0d5e8cd0160209ab6b15c4f2d11371041d6d7541189881a2970a7753bc746

Request headers

Referer
https://cdn.healthsafe-id.com/static/css/index.b7b2e1de.css
Origin
https://www.healthsafe-id.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
iT_MdFiS0CgEoVb86t6Ywjio3of3ESrx
date
Fri, 29 Sep 2023 01:47:12 GMT
via
1.1 0a82e5e483eb83b4e051a5bca576415a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
15176
last-modified
Thu, 14 Sep 2023 03:54:02 GMT
server
AmazonS3
etag
"0d39e9365e15137bddeae2f4bf530b47"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Accept-Encoding,Origin
cache-control
public, max-age=63072000
accept-ranges
bytes
x-amz-cf-id
6WBCE076ENRAecgv5dd4-mx-BRg0YvhTDkNG-bJ6l7iDkeGTaURjQw==
FrutigerLTStd-Bold.4599f0715866bb1f25b0.woff
cdn.healthsafe-id.com/static/media/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.healthsafe-id.com/static/media/FrutigerLTStd-Bold.4599f0715866bb1f25b0.woff
Requested by
Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/css/index.b7b2e1de.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-118.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83a5c2eea44f96f49ac888576e776bbd30fd9c700e463a1b923af9d915bdf8a4

Request headers

Referer
https://cdn.healthsafe-id.com/static/css/index.b7b2e1de.css
Origin
https://www.healthsafe-id.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
qC1kr3VGWzZpcKldQ0wnfiL15wl6gw2d
date
Fri, 29 Sep 2023 01:47:12 GMT
via
1.1 0a82e5e483eb83b4e051a5bca576415a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
15548
last-modified
Thu, 14 Sep 2023 03:54:02 GMT
server
AmazonS3
etag
"4d8f0b88bbe9f14c9413d24618d29e6b"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Accept-Encoding,Origin
cache-control
public, max-age=63072000
accept-ranges
bytes
x-amz-cf-id
_hIX8YrfAMk62roL_MXSHiUmIU8TM6x46vUNlowE8on37Tms_lT2aQ==
system-arrow-md.svg
member.werally.com/assets/icons/ 		328 B
898 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://member.werally.com/assets/icons/system-arrow-md.svg
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AMCRjt6KAQAAsYpd26VW1FI19GjkPUSM3a36Pqb1RBzsogDYsOq-n5TJ8QdI&EdxVWcjYRR--z=q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d6b6ca193696f01a54959a80eace120d4bff15e667a9171ca9b4eb391f7a46ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 01:47:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 28 Jan 2022 00:25:20 GMT
x-cdn
Imperva
etag
"61f337f0-148"
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-iinfo
17-180250587-180249064 2VNN RT(1695952030973 32) q(0 0 0 0) r(0 0)
access-control-expose-headers
Content-Length,Content-Range
x-incap-sess-cookie-hdr
+u3uLo1IVjtAdrtHcybORZ8sFmUAAAAAIXHQWogoZxD5FqpBKKN0/w==
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
242
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/png
/
cse.rakanto.com/cx_collector/ 		3 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cse.rakanto.com/cx_collector/
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AMCRjt6KAQAAsYpd26VW1FI19GjkPUSM3a36Pqb1RBzsogDYsOq-n5TJ8QdI&EdxVWcjYRR--z=q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.165.13 , United States, ASN10879 (UHC, US),
Reverse DNS
cse-elr.rakanto.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://www.healthsafe-id.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 29 Sep 2023 01:47:11 GMT
X-ps-id
elr_cse_collector_5
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.healthsafe-id.com
Access-Control-Expose-Headers
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, *
crossStorageHub
www.healthsafe-id.com/protected/ Frame FB8B 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.healthsafe-id.com/protected/crossStorageHub
Requested by
Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/js/index.b54082e0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.166.210 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafeid-hcc-elr.optum.com
Software
/
Resource Hash
7e362f00330f4ae046576829a63ac9becb7f29286734a4a936869d829ddbb7ab
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:; default-src 'unsafe-inline' *; frame-ancestors 'self' https://www.healthsafe-id.com/;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options ALLOW-FROM https://www.healthsafe-id.com/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&reason=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With
Access-Control-Allow-Methods
POST, PUT, GET
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Language
en-CA
Content-Length
463
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:; default-src 'unsafe-inline' *; frame-ancestors 'self' https://www.healthsafe-id.com/;
Content-Type
text/html;charset=UTF-8
Date
Fri, 29 Sep 2023 01:47:11 GMT
Expires
0
Pragma
no-cache
Server-Timing
dtSInfo;desc="1"
Strict-Transport-Security
max-age=300; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
ALLOW-FROM https://www.healthsafe-id.com/
X-OneAgent-JS-Injection
true
X-XSS-Protection
1; mode=block
X-ps-id
hsid-prod-elr-1
inbound
www.healthsafe-id.com/hsid/setup/ 		59 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.healthsafe-id.com/hsid/setup/inbound
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AMCRjt6KAQAAsYpd26VW1FI19GjkPUSM3a36Pqb1RBzsogDYsOq-n5TJ8QdI&EdxVWcjYRR--z=q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.166.210 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafeid-hcc-elr.optum.com
Software
/
Resource Hash
ec1fb826ad50482e2a4eb706a5758dafc2835325619e8fe6f48ff3691e0e8cbf
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/json
Accept
application/json
x-dtreferer
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Referer
https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
x-dtpc
42$352030725_487h6vPUKTSBNPENREKBJQMRAAOFBKAJTFKTLG-0e0

Response headers

Date
Fri, 29 Sep 2023 01:47:11 GMT
Strict-Transport-Security
max-age=300; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding
gzip
Transfer-Encoding
chunked
X-OneAgent-JS-Injection
true
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="1189337531", dtTao;desc="1"
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-ps-id
hsid-prod-elr-2
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST, PUT, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.healthsafe-id.com
Access-Control-Max-Age
3600
Access-Control-Allow-Credentials
true
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Vary
Accept-Encoding
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type, Accept, X-Requested-With, remember-me, csrf-token, Q5eim0SSzm-a, Q5eim0SSzm-b, Q5eim0SSzm-c, Q5eim0SSzm-d, Q5eim0SSzm-f, Q5eim0SSzm-z
Expires
0
rbaurl
www.healthsafe-id.com/hsid/ 		40 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.healthsafe-id.com/hsid/rbaurl?portalBrand=cap&lang=en
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AMCRjt6KAQAAsYpd26VW1FI19GjkPUSM3a36Pqb1RBzsogDYsOq-n5TJ8QdI&EdxVWcjYRR--z=q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.166.210 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafeid-hcc-elr.optum.com
Software
/
Resource Hash
94a61bd23e3af8340c2527a841237d2247ad4c7a05c73a5a242061b2cba23ad3
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
x-dtreferer
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Referer
https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
x-dtpc
42$352030725_487h7vRRIFTVPAMBQFTMUFMAUCHLFMKFKOEVMR-0e0

Response headers

Date
Fri, 29 Sep 2023 01:47:11 GMT
Strict-Transport-Security
max-age=300; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding
gzip
Transfer-Encoding
chunked
X-OneAgent-JS-Injection
true
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="1694021854"
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-ps-id
hsid-prod-elr-2
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Expires
0
info
www.healthsafe-id.com/protected/tmx/ 		732 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.healthsafe-id.com/protected/tmx/info?HTTP_TARGETPORTAL=CAP
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AMCRjt6KAQAAsYpd26VW1FI19GjkPUSM3a36Pqb1RBzsogDYsOq-n5TJ8QdI&EdxVWcjYRR--z=q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.166.210 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafeid-hcc-elr.optum.com
Software
/
Resource Hash
2569b78ed9dc3b08a7ca2991c34ec02439d181558719174c4166bee44dffce01
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
x-dtreferer
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Referer
https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
x-dtpc
42$352030725_487h8vUPDFNFAQPVAMFSTUPHMDAQQLAURUSFBH-0e0

Response headers

Date
Fri, 29 Sep 2023 01:47:12 GMT
Strict-Transport-Security
max-age=300; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding
gzip
Transfer-Encoding
chunked
X-OneAgent-JS-Injection
true
Connection
keep-alive
Server-Timing
dtSInfo;desc="1"
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-ps-id
hsid-prod-elr-1
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Expires
0
UHC2020Sans-Bold.e3390afa72ca97e0fa9d.woff2
cdn.healthsafe-id.com/static/media/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.healthsafe-id.com/static/media/UHC2020Sans-Bold.e3390afa72ca97e0fa9d.woff2
Requested by
Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/css/index.b7b2e1de.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.208.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-118.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f161e22cde63c497d665c80a60a654d29caa423b4f4f59848b55309beb8bc361

Request headers

Referer
https://cdn.healthsafe-id.com/static/css/index.b7b2e1de.css
Origin
https://www.healthsafe-id.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
TnzE4kthg_Dx3PRM5xX_uw0u0oy.YUXJ
date
Fri, 29 Sep 2023 01:47:12 GMT
via
1.1 0a82e5e483eb83b4e051a5bca576415a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
22420
last-modified
Thu, 14 Sep 2023 03:54:02 GMT
server
AmazonS3
etag
"52d7c5312a4fab395e904f90fe0d47cb"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Accept-Encoding,Origin
cache-control
public, max-age=63072000
accept-ranges
bytes
x-amz-cf-id
RE3kO2sXmBIyUHIvyTSvDbt-E-LrjQDhFnpctR0Z11FQ0ASFuXcoEw==
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1695952031517
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1695952031517
976 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1695952031517
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
HTTP/1.1
Server
52.55.43.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-43-203.compute-1.amazonaws.com
Software
/
Resource Hash
38b7dfed9313b8f1c9e2c10bd563cba4c95ef2b02b08320150189308cdc04978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-0532594e1.edge-va6.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
CgJyxpzBTbo=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.healthsafe-id.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
562
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-2-v049-08cd16043.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
gWDqXJhvSxc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.healthsafe-id.com
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1695952031517
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
EXdfddae05d67148d4b7515927b9635c8b-libraryCode_source.min.js
assets.adobedtm.com/512027f42d3c/3189bbb33f85/085597be342f/ 		331 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/085597be342f/EXdfddae05d67148d4b7515927b9635c8b-libraryCode_source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.160.226 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-160-226.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6dab981e6a8b55f28477a371a75f2b7a8054cd2f467cf816be72c75ca27e8191

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 01:47:11 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 11:09:13 GMT
server
AkamaiNetStorage
etag
"791f3b63ac99b90383ee8cc6e88d2954:1695899353.233725"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.healthsafe-id.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
86499
expires
Fri, 29 Sep 2023 02:47:11 GMT
detector-dom.min.js
cdn.gbqofs.com/uhg/hsid/p/ 		482 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gbqofs.com/uhg/hsid/p/detector-dom.min.js
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20edc9d4ce8ba668dc74049e00c05e20eb4d856b8015735e1a6ae982767c8c7e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 01:47:11 GMT
x-amz-version-id
9iGkv1Ly9FXkjSAJ2ao1_AXL4Ht9zG3Y
content-encoding
gzip
cf-cache-status
HIT
via
1.1 28caf939f09e299fca65caaa905d46ba.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C2
age
5523
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 22 Sep 2023 15:14:14 GMT
server
cloudflare
etag
W/"2d55e7ced428a83cd8f316522f64bc5d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
80e08e85cc4553f5-YYZ
x-amz-cf-id
XLnFxDnXpFCkCYIA3YOQ4fao-O8PLJsNlM-yJh8HAELbY4BjZXtzjA==
expires
Fri, 29 Sep 2023 05:47:11 GMT
js
www.googletagmanager.com/gtag/ 		179 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8584968
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
474c1c1710c1236292ade8cdce7c56778c1896659226d50866de6a824c21db3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 01:47:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67264
x-xss-protection
0
last-modified
Fri, 29 Sep 2023 00:24:02 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 29 Sep 2023 01:47:11 GMT
RCbf452f1e42d74691b5bcebe9baa26baf-source.min.js
assets.adobedtm.com/512027f42d3c/3189bbb33f85/085597be342f/ 		801 B
722 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/085597be342f/RCbf452f1e42d74691b5bcebe9baa26baf-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.160.226 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-160-226.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6a8a17f39669d361e6a0c11ea7bd31f2d351b3bfa4da7245accc88fd38e15796

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 01:47:11 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 11:09:13 GMT
server
AkamaiNetStorage
etag
"791f3b63ac99b90383ee8cc6e88d2954:1695899353.233725"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.healthsafe-id.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
461
expires
Fri, 29 Sep 2023 02:47:11 GMT
dest5.html
unitedhealthgroup.demdex.net/ Frame 2ACC 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.177.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-177-141.compute-1.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.healthsafe-id.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-va6-1-v049-06628c906.edge-va6.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
zqaldgzyRCA=
content-encoding
gzip
date
Fri, 29 Sep 2023 01:47:11 GMT
last-modified
Wed, 28 Jun 2023 13:00:53 GMT
vary
accept-encoding
id
smetrics.optum.com/ 		48 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.optum.com/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&mid=36813908053170499293620391962095685073&ts=1695952031772
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AMCRjt6KAQAAsYpd26VW1FI19GjkPUSM3a36Pqb1RBzsogDYsOq-n5TJ8QdI&EdxVWcjYRR--z=q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.180 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-180.data.adobedc.net
Software
jag /
Resource Hash
054404fe09f089205eec9a2ebe2e8908200af3367e44adabf34539702e0fcb11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.healthsafe-id.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 29 Sep 2023 01:47:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.healthsafe-id.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZRYsnwAAAJlOkANP
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=43952536886161739844456252256758141496
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZRYsnwAAAJlOkANP
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZRYsnwAAAJlOkANP
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
HTTP/1.1
Server
52.55.43.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-43-203.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-077e5894d.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
E65bDXDTTKA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZRYsnwAAAJlOkANP
Date
Fri, 29 Sep 2023 01:47:11 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
unitedhealthgroup.tt.omtrdc.net/rest/v1/ 		360 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://unitedhealthgroup.tt.omtrdc.net/rest/v1/delivery?client=unitedhealthgroup&sessionId=f8f59cf15d754c7591402afdf56565b6&version=2.10.0
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AMCRjt6KAQAAsYpd26VW1FI19GjkPUSM3a36Pqb1RBzsogDYsOq-n5TJ8QdI&EdxVWcjYRR--z=q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.226 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-226.data.adobedc.net
Software
jag /
Resource Hash
806ff0b1207820abc4de57e70835bcb327b740b5ebfa7aac991c89b091198c71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.healthsafe-id.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Sep 2023 01:47:11 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server
jag
x-content-type-options
nosniff
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.healthsafe-id.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
x-request-id
b3c41aeb-7e77-44b1-9210-ee1ac610f73f
js
www.googletagmanager.com/gtag/ 		215 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
4519c43756353608269b1837e3966008f6951413a2c51b5c27b71a86970a3610
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 01:47:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77569
x-xss-protection
0
last-modified
Fri, 29 Sep 2023 00:24:02 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 29 Sep 2023 01:47:11 GMT
js
www.googletagmanager.com/gtag/ 		203 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-959766874
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
ca0a603559281320c2072139ce3ae2faafd81249a29b8fed19b66405aa77b079
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 01:47:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74807
x-xss-protection
0
last-modified
Fri, 29 Sep 2023 00:24:02 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 29 Sep 2023 01:47:11 GMT
hub-1.0.0.min.js
www.healthsafe-id.com/js/vendor/cross-storage/ Frame FB8B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.healthsafe-id.com/js/vendor/cross-storage/hub-1.0.0.min.js
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/protected/crossStorageHub
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.166.210 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafeid-hcc-elr.optum.com
Software
/
Resource Hash
76181750bb2a824cc79d1c940b9e14a3e393ae1efc93965117e3965c136acaa6
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/protected/crossStorageHub
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 01:47:11 GMT
Strict-Transport-Security
max-age=300; includeSubDomains
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding
gzip
X-OneAgent-JS-Injection
true
Connection
keep-alive
Server-Timing
dtSInfo;desc="1"
Content-Length
1040
X-XSS-Protection
1; mode=block
X-ps-id
hsid-prod-elr-1
Last-Modified
Tue, 19 Sep 2023 01:29:22 GMT
ETag
"04c82b203564443ec792dcef8f6d48511-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type
application/javascript
Cache-Control
max-age=31536000
Accept-Ranges
bytes
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/959766874/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/959766874/?random=1695952031916&cv=11&fst=1695952031916&bg=ffffff&guid=ON&async=1&gtm=45be39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Flogin%2Fcap%2Fen%3FTARGET%3Dhttps%253A%252F%252Fwww.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcap%252Fen%253Fresume%253D%252Fas%252FfWxnuF73Yp%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidc%2526redirect_uri%253Dhttps%253A%252F%252Faccount.optumbank.com%252Flogin%252Fcallback%2526portal%253Dcap%2526client_id%253Dbank-cloud-prod%26resume%3D%252Fas%252FIGyBrwPNJd%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&hn=www.googleadservices.com&frm=0&tiba=Sign%20in%20-%20OptumBank&auid=36449460.1695952032&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-959766874
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
cafe /
Resource Hash
2524ac8f1b6ba018b89b03a34c3a12ef7da8c5598ba196fe34b3e9994d31a9bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 01:47:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1557
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s2449975479618
smetrics.optum.com/b/ss/uhgoptumglobalprod,uhghsidprod,uhgenterprisecoreprod/1/JS-2.8.2-LDQM/ 		43 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.optum.com/b/ss/uhgoptumglobalprod,uhghsidprod,uhgenterprisecoreprod/1/JS-2.8.2-LDQM/s2449975479618
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AMCRjt6KAQAAsYpd26VW1FI19GjkPUSM3a36Pqb1RBzsogDYsOq-n5TJ8QdI&EdxVWcjYRR--z=q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.180 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-180.data.adobedc.net
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.healthsafe-id.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 29 Sep 2023 01:47:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 30 Sep 2023 01:47:12 GMT
server
jag
etag
3642029257406545920-4617791797661079771
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
https://www.healthsafe-id.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Thu, 28 Sep 2023 01:47:12 GMT
RC988afc3b66874ae2a6d13fa04312eecb-source.min.js
assets.adobedtm.com/512027f42d3c/3189bbb33f85/085597be342f/ 		312 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/085597be342f/RC988afc3b66874ae2a6d13fa04312eecb-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.160.226 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-160-226.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
108b225bdaefe227e852f6714d90b342b9b0c34c1bfc0a635d86cf4764854c68

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 01:47:12 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 11:09:13 GMT
server
AkamaiNetStorage
etag
"791f3b63ac99b90383ee8cc6e88d2954:1695899353.233725"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.healthsafe-id.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
194
expires
Fri, 29 Sep 2023 02:47:12 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/?random=1695952031981&cv=11&fst=1695952031981&bg=ffffff&guid=ON&async=1&gtm=45be39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Flogin%2Fcap%2Fen%3FTARGET%3Dhttps%253A%252F%252Fwww.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcap%252Fen%253Fresume%253D%252Fas%252FfWxnuF73Yp%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidc%2526redirect_uri%253Dhttps%253A%252F%252Faccount.optumbank.com%252Flogin%252Fcallback%2526portal%253Dcap%2526client_id%253Dbank-cloud-prod%26resume%3D%252Fas%252FIGyBrwPNJd%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&hn=www.googleadservices.com&frm=0&tiba=Sign%20in%20-%20OptumBank&auid=36449460.1695952032&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
cafe /
Resource Hash
a9e0a781f9185f7adfa69519996738ac53c3da510a3398670e1503358c23e54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 01:47:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1556
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=771&dpuuid=CAESEFmSupkZ4wjKJCpve-6X7gU&google_cver=1
dpm.demdex.net/ Frame 2ACC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDM5NTI1MzY4ODYxNjE3Mzk4NDQ0NTYyNTIyNTY3NTgxNDE0OTY=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDM5NTI1MzY4ODYxNjE3Mzk4NDQ0NTYyNTIyNTY3NTgxNDE0OTY=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFmSupkZ4wjKJCpve-6X7gU&google_cver=1?gdpr=0&gdpr_consent=
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFmSupkZ4wjKJCpve-6X7gU&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
HTTP/1.1
Server
52.55.43.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-43-203.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://unitedhealthgroup.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-065bf0298.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
RenQYz7eQt0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 01:47:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFmSupkZ4wjKJCpve-6X7gU&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/959766874/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/959766874/?random=1695952031916&cv=11&fst=1695949200000&bg=ffffff&guid=ON&async=1&gtm=45be39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Flogin%2Fcap%2Fen%3FTARGET%3Dhttps%253A%252F%252Fwww.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcap%252Fen%253Fresume%253D%252Fas%252FfWxnuF73Yp%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidc%2526redirect_uri%253Dhttps%253A%252F%252Faccount.optumbank.com%252Flogin%252Fcallback%2526portal%253Dcap%2526client_id%253Dbank-cloud-prod%26resume%3D%252Fas%252FIGyBrwPNJd%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&frm=0&tiba=Sign%20in%20-%20OptumBank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2029687408&rmt_tld=0&ipr=y
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f147.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 01:47:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/959766874/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/959766874/?random=1695952031916&cv=11&fst=1695949200000&bg=ffffff&guid=ON&async=1&gtm=45be39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Flogin%2Fcap%2Fen%3FTARGET%3Dhttps%253A%252F%252Fwww.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcap%252Fen%253Fresume%253D%252Fas%252FfWxnuF73Yp%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidc%2526redirect_uri%253Dhttps%253A%252F%252Faccount.optumbank.com%252Flogin%252Fcallback%2526portal%253Dcap%2526client_id%253Dbank-cloud-prod%26resume%3D%252Fas%252FIGyBrwPNJd%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&frm=0&tiba=Sign%20in%20-%20OptumBank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2029687408&rmt_tld=1&ipr=y
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 01:47:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/801669703/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/801669703/?random=1695952031981&cv=11&fst=1695949200000&bg=ffffff&guid=ON&async=1&gtm=45be39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Flogin%2Fcap%2Fen%3FTARGET%3Dhttps%253A%252F%252Fwww.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcap%252Fen%253Fresume%253D%252Fas%252FfWxnuF73Yp%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidc%2526redirect_uri%253Dhttps%253A%252F%252Faccount.optumbank.com%252Flogin%252Fcallback%2526portal%253Dcap%2526client_id%253Dbank-cloud-prod%26resume%3D%252Fas%252FIGyBrwPNJd%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&frm=0&tiba=Sign%20in%20-%20OptumBank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2789127481&rmt_tld=0&ipr=y
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f147.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 01:47:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/801669703/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/801669703/?random=1695952031981&cv=11&fst=1695949200000&bg=ffffff&guid=ON&async=1&gtm=45be39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Flogin%2Fcap%2Fen%3FTARGET%3Dhttps%253A%252F%252Fwww.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcap%252Fen%253Fresume%253D%252Fas%252FfWxnuF73Yp%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidc%2526redirect_uri%253Dhttps%253A%252F%252Faccount.optumbank.com%252Flogin%252Fcallback%2526portal%253Dcap%2526client_id%253Dbank-cloud-prod%26resume%3D%252Fas%252FIGyBrwPNJd%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&frm=0&tiba=Sign%20in%20-%20OptumBank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2789127481&rmt_tld=1&ipr=y
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 01:47:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=903&dpuuid=c9d8d856-e574-4eb0-9cdd-0199bf2fa2d5
dpm.demdex.net/ Frame 2ACC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.healthsafe-id.com&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.healthsafe-id.com&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=c9d8d856-e574-4eb0-9cdd-0199bf2fa2d5
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=c9d8d856-e574-4eb0-9cdd-0199bf2fa2d5
Protocol
HTTP/1.1
Server
52.55.43.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-43-203.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://unitedhealthgroup.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-004ff9d9d.edge-va6.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Iu1478k+Qxc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=c9d8d856-e574-4eb0-9cdd-0199bf2fa2d5
date
Fri, 29 Sep 2023 01:47:12 GMT
server
Kestrel
content-length
189
RC27118b4cbb854aff86652bc960a05b5e-source.min.js
assets.adobedtm.com/512027f42d3c/3189bbb33f85/085597be342f/ 		1 KB
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/085597be342f/RC27118b4cbb854aff86652bc960a05b5e-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.160.226 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-160-226.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ee754689f74042f2bbf5d5a46efc6bef47acac629c88c58e3726914f852bac2d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 01:47:12 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 11:09:13 GMT
server
AkamaiNetStorage
etag
"791f3b63ac99b90383ee8cc6e88d2954:1695899353.233725"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.healthsafe-id.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
657
expires
Fri, 29 Sep 2023 02:47:12 GMT
cls_report
report.uhg.glassboxdigital.io/glassbox/reporting/340df073-d6dd-6d66-51a3-4037cf49ab94/ 		529 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://report.uhg.glassboxdigital.io/glassbox/reporting/340df073-d6dd-6d66-51a3-4037cf49ab94/cls_report?_cls_s=aeb669f2-0cc2-4c43-8114-8dbf34bac048%3A0&_cls_v=89d3cea4-753a-48aa-b192-a45baf3fe15d&pv=2&f_cls_s=true
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AMCRjt6KAQAAsYpd26VW1FI19GjkPUSM3a36Pqb1RBzsogDYsOq-n5TJ8QdI&EdxVWcjYRR--z=q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.14.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-14-36.compute-1.amazonaws.com
Software
GlassBox Cligate /
Resource Hash
762d1c9ebd58313b8309a58ad8bfa83e01929f4ac0e172acd2401e2d288783bb
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 01:47:12 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
330
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Server
GlassBox Cligate
X-Frame-Options
SAMEORIGIN
vary
origin
Content-Type
application/json
access-control-allow-origin
https://www.healthsafe-id.com
access-control-allow-credentials
true
GB-Server
g5035
X-Robots-Tag
noindex
/
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FIGyBrwPNJd%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FfWxnuF73Yp%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3c5fdda2d2974960c72827afa3dbcd20cb62070d7538a3ca0806c5e22fb3000
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 01:47:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
524516
cf-polished
origSize=9150
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"23be-08h27Hzksfw/JMOtrzwme4aN/JM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
80e08e89bc2c39fb-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
image.sbix
global.ib-ibi.com/ Frame 2ACC 		0
0
/
cse.rakanto.com/cx_collector/ 		3 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cse.rakanto.com/cx_collector/
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AMCRjt6KAQAAsYpd26VW1FI19GjkPUSM3a36Pqb1RBzsogDYsOq-n5TJ8QdI&EdxVWcjYRR--z=q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.165.13 , United States, ASN10879 (UHC, US),
Reverse DNS
cse-elr.rakanto.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://www.healthsafe-id.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 29 Sep 2023 01:47:12 GMT
X-ps-id
elr_cse_collector_5
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.healthsafe-id.com
Access-Control-Expose-Headers
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, *
12.f0510cc63da0d227c0b7.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/12.f0510cc63da0d227c0b7.chunk.js?Q_CLIENTVERSION=1.99.0&Q_CLIENTTYPE=web&Q_BRANDID=www.healthsafe-id.com
Requested by
Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f3d6cd99bd2d627dcf124c8c449a70556f01f1ca12bcc67ea59d6c37e2f0add
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 01:47:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
179227
cf-polished
origSize=71568
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 11 Sep 2023 17:12:04 GMT
cf-bgj
minify
server
cloudflare
etag
W/"11790-18a853a96a0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
80e08e89fc8739fb-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		73 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0Neqx1dGGrrlV4y&Q_CLIENTVERSION=1.99.0&Q_CLIENTTYPE=web
Requested by
Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AMCRjt6KAQAAsYpd26VW1FI19GjkPUSM3a36Pqb1RBzsogDYsOq-n5TJ8QdI&EdxVWcjYRR--z=q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d5ccbbe34840150c62600c232855499c9d928ed5dea81fbe1f0c43e11674b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.healthsafe-id.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 29 Sep 2023 01:47:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.healthsafe-id.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
36b14a19127fc780
cf-ray
80e08e8a6d5a39fb-YYZ
timing-allow-origin
*
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.99.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f0510cc63da0d227c0b7.chunk.js?Q_CLIENTVERSION=1.99.0&Q_CLIENTTYPE=web&Q_BRANDID=www.healthsafe-id.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
617795824f268204fce200417ba784cf0ad062c0c1613d5a114c457bc503ff8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 01:47:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
179221
cf-polished
origSize=105687
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 11 Sep 2023 17:12:04 GMT
cf-bgj
minify
server
cloudflare
etag
W/"19cd7-18a853a96a0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
80e08e8b3ea439fb-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
7.09aeb16d93fe81968b60.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/7.09aeb16d93fe81968b60.chunk.js?Q_CLIENTVERSION=1.99.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise
Requested by
Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f0b06eaed5237590c778fd1171c1e7566b00864bb6e259fa64d69ad18e6603
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 01:47:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
179222
cf-polished
origSize=2901
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 11 Sep 2023 17:12:04 GMT
cf-bgj
minify
server
cloudflare
etag
W/"b55-18a853a96a0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
80e08e8bdf7439fb-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
1.73297e3f3d8609add842.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.73297e3f3d8609add842.chunk.js?Q_CLIENTVERSION=1.99.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise
Requested by
Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e61c7f64062b0d5ea6872cc06fe0f5b6d920a7983e03a53a47bf8f286632a8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 01:47:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
179223
cf-polished
origSize=29367
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 11 Sep 2023 17:12:04 GMT
cf-bgj
minify
server
cloudflare
etag
W/"72b7-18a853a96a0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
80e08e8bdf7739fb-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
tags.js
rba-screen.healthsafe-id.com/fp/ 		95 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/tags.js?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&page_id=PAGEID
Requested by
Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/js/index.b54082e0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3d14efb23e7e2a939fb98fd00cc2f2a8b192cc9dfe55d86cb766e99de6ea319
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 01:47:13 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP=IVAa PSAa
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=100
Expires
Thu, 01 Jan 1970 00:00:00 GMT
check.js;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34
rba-screen.healthsafe-id.com/fp/ Frame E34C 		438 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&jb=3739262668736d773557696c6467777326687b673d5f6966666f7773273230313226687160753d436a726d6f6d266a7162354368726d656d253a30393337
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/tags.js?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&page_id=PAGEID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
9067f412b377f137514c556625c5df15f3c30bc82ebea2133a267db3881a1564
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 01:47:13 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
c8f0bcac2b74b8f0
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=99
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
rba-screen.healthsafe-id.com/fp/ Frame E34C 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&ck=0&m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 01:47:13 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
detector-dom.min.js
cdn.gbqofs.com/uhg/hsid/p/ Frame E34C 		482 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gbqofs.com/uhg/hsid/p/detector-dom.min.js
Requested by
Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/hsid/p/detector-dom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20edc9d4ce8ba668dc74049e00c05e20eb4d856b8015735e1a6ae982767c8c7e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 01:47:13 GMT
x-amz-version-id
9iGkv1Ly9FXkjSAJ2ao1_AXL4Ht9zG3Y
content-encoding
gzip
cf-cache-status
HIT
via
1.1 28caf939f09e299fca65caaa905d46ba.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C2
age
5525
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 22 Sep 2023 15:14:14 GMT
server
cloudflare
etag
W/"2d55e7ced428a83cd8f316522f64bc5d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
80e08e90ba4a53f5-YYZ
x-amz-cf-id
XLnFxDnXpFCkCYIA3YOQ4fao-O8PLJsNlM-yJh8HAELbY4BjZXtzjA==
expires
Fri, 29 Sep 2023 05:47:13 GMT
clear.png
rba-screen.healthsafe-id.com/fp/ Frame E34C 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&ck=0&m=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 01:47:13 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cls_report
report.uhg.glassboxdigital.io/glassbox/reporting/340df073-d6dd-6d66-51a3-4037cf49ab94/ Frame E34C 		471 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://report.uhg.glassboxdigital.io/glassbox/reporting/340df073-d6dd-6d66-51a3-4037cf49ab94/cls_report?_cls_s=aeb669f2-0cc2-4c43-8114-8dbf34bac048%3A0&_cls_v=89d3cea4-753a-48aa-b192-a45baf3fe15d&cls_e=aeb669f2-0cc2-4c43-8114-8dbf34bac048%3A15496876576943&pv=2&f_cls_s=true
Requested by
Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/hsid/p/detector-dom.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.14.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-14-36.compute-1.amazonaws.com
Software
GlassBox Cligate /
Resource Hash
fc960529eb7e8ec5defdf64a433b8722334bc4159feeee806df175e49a0adef7
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 01:47:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
315
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Server
GlassBox Cligate
X-Frame-Options
SAMEORIGIN
vary
origin
Content-Type
application/json
access-control-allow-origin
https://www.healthsafe-id.com
access-control-allow-credentials
true
GB-Server
g5035
X-Robots-Tag
noindex
HP
rba-screen.healthsafe-id.com/fp/ Frame 0259 		19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/HP?session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&org_id=15saug00&nonce=c8f0bcac2b74b8f0&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&jb=3739262668736d773557696c6467777326687b673d5f6966666f7773273230313226687160753d436a726d6f6d266a7162354368726d656d253a30393337
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
0467b448a90e06bea5cd1cb56c1f84095d09383d586e4c7a318783b70916b597
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.healthsafe-id.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Language
en-CA
Content-Length
5797
Content-Type
text/html;charset=UTF-8
Date
Fri, 29 Sep 2023 01:47:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=98
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block
clear.png
rba-screen.healthsafe-id.com/fp/ Frame E34C 		81 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/clear.png
Requested by
Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/hsid/p/detector-dom.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*, 15saug00/c8f0bcac2b74b8f0fa04f06c-ed2a-4117-8594-2115ce1dc0bb
Referer
https://www.healthsafe-id.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 01:47:13 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 29 Sep 2023 01:47:13 GMT
Server
Apache
Etag
0da0e1ef25144298b9ecf8f3ced430d8
Content-Type
image/png
Access-Control-Allow-Origin
https://www.healthsafe-id.com
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
Expires
Wed, 27 Sep 2028 01:47:13 GMT
clear.png
h.online-metrix.net/fp/ Frame E34C
Redirect Chain
  • https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&gttl=155520000
  • https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&k=2
0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&k=2
Protocol
HTTP/1.1
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
a-sac.h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 01:47:13 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Fri, 29 Sep 2023 01:47:13 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
P3P
CP=IVAa PSAa
Location
https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&k=2
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
0
ls_fp.html;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34
rba-screen.healthsafe-id.com/fp/ Frame 5FD3 		90 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&jb=3739262668736d773557696c6467777326687b673d5f6966666f7773273230313226687160753d436a726d6f6d266a7162354368726d656d253a30393337
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
45e38924674903037f89c6647966b8eb59b610bd6775c6a93488f0d9747d4b7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.healthsafe-id.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Fri, 29 Sep 2023 01:47:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=99
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
clear.png
rba-screen.healthsafe-id.com/fp/ Frame E34C 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&jb=3136266c71613f633c393337396e636265313b3c393f6669643934356034366331343a31303562
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&jb=3739262668736d773557696c6467777326687b673d5f6966666f7773273230313226687160753d436a726d6f6d266a7162354368726d656d253a30393337
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 01:47:13 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sid_fp.html;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34
h.online-metrix.net/fp/ Frame 9F7D 		103 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&jb=3739262668736d773557696c6467777326687b673d5f6966666f7773273230313226687160753d436a726d6f6d266a7162354368726d656d253a30393337
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
a-sac.h.online-metrix.net
Software
Apache /
Resource Hash
18b1d9a6c995b8957b4484b45b15d2ea2fe4d570fb6b6eb63b301734b8f8c4ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.healthsafe-id.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Fri, 29 Sep 2023 01:47:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
top_fp.html;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34
rba-screen.healthsafe-id.com/fp/ Frame CF0B 		90 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/top_fp.html;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&jb=3739262668736d773557696c6467777326687b673d5f6966666f7773273230313226687160753d436a726d6f6d266a7162354368726d656d253a30393337
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
5fc0077222f73de7153033afefd7ba6b7e25dc3d0eae06889680eda68e040e3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.healthsafe-id.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Fri, 29 Sep 2023 01:47:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=97
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
clear.png
rba-screen.healthsafe-id.com/fp/ Frame E34C 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&ja=303337342426613f2534383226723d3630246e35313e30387a313230322661663f313432327831323230247170793d3278382664707035392c393638322c313232302c313430322e333230302e313432382c313030382c3136323824313a30382e302c30246d743d63383a3063626364613735666c666464396d61383433393c3738366a3b613761246d6e3d36267161663d3234246c6a3f60747472732d334125304e2d324e777f752e6865636c7468716164672f69642e616f6f273a467276253a466c6f656166253a466b6370253244656e2531465643504745542733466a7c747071253a353341273a3d324e253a3732467775772e6867616e766a736166672d6b6626636f6f253a353246707c2d323d324e71656375706525323732446377746825303530446b617027323d3246656c2d3a353b467a6773756d672532353144273037324661712530373a4666557866754637315178253a353a44726573776d65253035304463732532373244637d74686d72617a61746b67662e7869666525323530367370676e766b767925323733466c7d6c6c27323d323673616778652d323d31446f70676e69642732373034726573726f6c716d5f747b706d253235314c6b6f6c652d3035323672666964726166637226706c3f332472603d373a663a386161346a6b666a6539333362373138376167306631606462326634246a603d3364646a61636363386a623b333d36336537616333373535323737383264353924687b6f3d556966646f77712d3a3039302e6873623d4168726f6f65273032313137246a716d7d3d576b6e6c6f777324627b627d3d4b6a726f6d67266e68613d36246c646d3d3a266c6f7c703d32267c7a643d43656d7261636927324656636e636f77766770246d61746a723f3638303366316b32626561383a653e636b373630303a326164333537363231666436353a3a39343166366d616132366c6b393c616e60643732313133313b36632466723d68767472712d334127324e253246757f7f2e6065696e7468736366652d6b642c616d6d2532447276273a466c6d67616e2532446b69702d324e676e2533445441524545562731446874767071273a353343253a353246273a3d324e777f752e6865636c7468716164672f69642e616f6f273a353244727c253235304e7b656b757a67253235304661757668273037324663637027303d3246676e2d323533447a6d737d6d6d273235334625323530466371273235324466557a667546353351702532373a4e726d737d6f65253237324661712530373046617576686d70617a617669676e2e706b666f253a353a347370656c7469747b25303731446e756e6c27303d3236716367706525303d3b4467706d6c69642530353236706571726d6e73655d747b726d253237334c636f64672d3a353a3678646964706364617024703f726e7567696c5f646e69736827354d66616c716d297064756f6b6e5f776b6e646f75735d6f676469615d706e6371657227354d66616c716d297064756f6b6e5f61666f62655d6161706d62617427354764696c736721786c75676b6657717d696b6974696d6725354564616e716721706c77676b6c5773686d6363776176672d3d456e6164716521706e7567696c5f7067636c706c637967702d354564616473652172647d67616e57746c635f726c6179677227374766616c716523726475676b6e5764657663647e722d354d64616c736721706c77676b6c5d7376675d766b677f657227354d66616c716d297064756f6b6e5f6a63766125374564636e736526656c5d6135776560676457656245442d32383126322532302a4f70656c474e27303045532732323026302530304b68726f6f617d6d21576d60474c253030474c514c2730324553253030332c38253232284770656e45442d3238455b273230474e534c2530304751273230312c302730384368706f6569756d2b5f6d6243697c5565624b6b74253232576760454c414e454c475d616e737661666365645d697a7269797b2733422530304558565f606e676e645f6f696c6f69782531422d3230455a5c5763676c67705f6275646665725d68636e645f666c6d6176273b422530304d58545f646467617c5f6a6e656e64273342253030475a565f667263675d666d70746a253b422532324d5054577360636465725d746578767570675d6c6f64273340273a30455a5457746578767d7a655763676f7072657173696f6c5f607276632533402530324d58545d746d787475706d5763676d78706573736b6f6e5f70677661273342253030475a5c5f7467787c7572655d6e616c7c657a5d616e69716f74726d706b61273342253030475a5c5f7350474a253342273a384f4d5357676c656d676e745f6b6e66677a5f75696c7427314a2532324f4d535f66606757726d6e6c67725f6d6b706d61722531402732304f47535d717c616e66617a645f64677a61766974617465732531422532324f47515d7465787675706757666c6d617c253342273a384f4d5357766578747772655f646c6d63765f6c696c6563702d33422732384f45535d7c6d787c757a675f68616e665f666e6f63762733422530304d475b5f7467787c7572655d60696c6e5f6e6e6f61745d6c696e6761702731422532324f475157766570746d785f61707a6979576f6a68656374273342253030554740474c5f616f6e6d7a5f6277666e65725f646467617c253b40253230554542474e5f616d6f707265717367665774657a747d72655f637b7c632d334a273230574742474c5d636d6f727265737165665d7c657876757a655f65766b2d334a253a32574542454c5f636d6d727067737365665f7667707475706557657463332d3b422d3238554542474e5f636f6f707067717365645d74677a7c7572675f7b337463273b4a253a305f4742474c5d636f6d727267717165645f76657a767d72655d733b74635f717a6f622d334a273230574742474c5d64676077675f72676e66677a65725d6966666f25314a2d3238574d40474c5f666570746a5f76677a747572672531402d323055454a474c5f667a697757627d6466657271253342273232554742474c5d6c6d716d5f636d6e7c657874273b4a253a305f4742474c5d6d756c76695d66706177313426656e57683d31666e356466643c3f3438646c613430376736326267306735366432353734343338346436323d39267765647e3d416e7c676c253232496e632c2675656e723d496c74676e2d32304b726173253232477865664744273230456c67696e67266161663d32&jb=333534266e713f4f677a696e6c69253246372638253a302055696e646d77732530304c5627323031322e32273b422530305f696e36362d3b422d32387a3634292732304172706e675565624b6b7427304e3533352e3b362532322043485c4d442732432530306c696965273032476563696f2b273a30436a72676d6525304e39313f2e382c3539333a2e393227323251636661726b2530443d33372c333e
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&jb=3739262668736d773557696c6467777326687b673d5f6966666f7773273230313226687160753d436a726d6f6d266a7162354368726d656d253a30393337
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 01:47:13 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Content-Type
text/javascript;charset=UTF-8
clear.png
15saug00zuoqd4cjalr6jzmcexp27vfyrmyplpwac8f0bcac2b74b8f0sac.d.aa.online-metrix.net/fp/ Frame E34C 		81 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://15saug00zuoqd4cjalr6jzmcexp27vfyrmyplpwac8f0bcac2b74b8f0sac.d.aa.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&di=yes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.3 , United States, ASN30286 (THM, US),
Reverse DNS
d.aa.online-metrix.net
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 01:47:13 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
check.js
rba-screen.healthsafe-id.com/fp/ Frame 0259 		208 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/check.js?&pageid=99998&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&org_id=15saug00&nonce=c8f0bcac2b74b8f0
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/HP?session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&org_id=15saug00&nonce=c8f0bcac2b74b8f0&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
d9c90b1b7e43a189655b4403657eb10d1fe9f0ff416cdf494c5feb60db83f2fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rba-screen.healthsafe-id.com/fp/HP?session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&org_id=15saug00&nonce=c8f0bcac2b74b8f0&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 01:47:13 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
c8f0bcac2b74b8f0
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=96
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
rba-screen.healthsafe-id.com/fp/ Frame 5FD3 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&jf=3136266c71623f306b333433323b63343563383c353e383161323539663838373b363060643438
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 01:47:13 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear1.png;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34
rba-screen.healthsafe-id.com/fp/ Frame E34C 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rba-screen.healthsafe-id.com/fp/clear1.png;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&jf=363134267169665d7a6e643f746c725f5a4f417d465e6b64453643573a5a644824736b665d646174673d333431353937323833332671616c5f7c7978673d7765603a6563667363247169645f69657b3f3b30353b333831333034383f3269383e363863653164303232313234323832613a36363a6b653366303b30313035383b343a303832343638363436663134363564323062346667326c6633603331323534603d69393d633b3b30656660386162606431603a393932346437643f343363356a6365373b6a3d353d343163653661663136643a62306134316339676633366b36663b626a653938326e3c306e323c3b6566626462616432343b3461653966323833353c642671696c5f736965353b303c343830323036633334363462353132643433366635663839343a383e3831383a3c383331326b61343565666133396762613735366365633735376d633132316c373466366a38323a303934613637323531393263676660376465613737643d396530366a633166603c6c6238383b31356338373933333b36353234656434336530303c313833333e3426736b6e7a3d38
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 01:47:13 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=95
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear1.png;CIS3SID=210FA5701D8794DCFF114A8206B7B816
h.online-metrix.net/fp/ Frame 9F7D 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.online-metrix.net/fp/clear1.png;CIS3SID=210FA5701D8794DCFF114A8206B7B816?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&jf=363134267169665d7a6e643f746c725f74514c71467c7a6b55496b755267646824736b665d646174673d333431353937323833342671616c5f7c7978673d7765603a6563667363247169645f69657b3f3b30353b333831333034383f3269383e363863653164303232313234323832613a36363a6b653366303b30313035383b343a303832343938363562386465673563646136603635343f636334386c636434603b3e3331353e603530663a30373631666137336461383a3263613e333266336a373139363f6a3169326b63336130333834393364616167343036303631323a353631323037643163393f333c646c31656234336131376165356731343035333437606e622671696c5f736965353b303c34383032303631373361333036303b37356466623b333d646431373e343563373d3a6639303d3a6461663239333364353535303930613a3530313c343635663f6636303a6a38323a303b3b656338613864323b363433333231653739313a31623663366c39353532386a35696331353235646636636267326163373231643234303639363633666c6126736b6e7a3d39
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
a-sac.h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 01:47:14 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ARF;CIS3SID=67094338CC4F9D658A666418B91678D1
rba-screen.healthsafe-id.com/fp/ Frame 0259 		35 B
557 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/ARF;CIS3SID=67094338CC4F9D658A666418B91678D1?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&pageid=99998&sera_parametere=BUhbB1ZQUgBWVVICBAgHBwcMAFJaUwdRC1dWDABaVVZTCVBSV1ZZAQRRARIRS1tZDUgTRBFGUicXVXURVXxDAlNSFVUOBgwGXBZEEVF8QwchCEMHJkZTU1oNREARHVV0Rg8kFVUnRwdbXwNXAVwCVVoLBVZVUgRaV1ZUVwReXgNTWlBVA1FZWgoHUgZTXQBSVA1AXg0NAgYPAQ9SUloFUQAKBAdWAVkFAkRdR18IHlRbAVFUVVVYVgtVVlEHD1JVU1xWAVBRV1ELA1QMVAoHUVRaUAZaWgVFUwsKBVIKUglFUQ8NT1JHE1tfDg1bAV4WC1NbFgBeIgtADVpRRFoQDVIJURYADBJeZQtZUA1PFRYAWltEBhk%2BAFMOW1YDWw0WBkxbCFQ%3D&count=0&max=0
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js?&pageid=99998&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&org_id=15saug00&nonce=c8f0bcac2b74b8f0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
cbb6d756e1e368fbd952bfff327dc82b83a052ae74524795b5f04f0e620f7987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rba-screen.healthsafe-id.com/fp/HP?session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&org_id=15saug00&nonce=c8f0bcac2b74b8f0&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 01:47:14 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=94
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
rba-screen.healthsafe-id.com/fp/ Frame E34C 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&jac=1&je=30333926246a646c3533266866603d393934393f316e626e3b3733376733363760613537366262333b6261363a6338246a6e746e3d3232313132332e726d3d6e6d2662617673763f2737422530326e677e656c27323a253341332638302d324b273232737661747571253030273341253032616a6972676b6e6f253232273f4c2669756c6a3d6361356239653465343a336363616136643069376333393a393336313c3e623d633b33373936603464386664363a343030333a6667366e303364636c3834353b2e6d783b3d6e336565353b63616635353336353736356632363b3b363737323c653932646e6b62303139316161
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&jb=3739262668736d773557696c6467777326687b673d5f6966666f7773273230313226687160753d436a726d6f6d266a7162354368726d656d253a30393337
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 01:47:14 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=96
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
rba-screen.healthsafe-id.com/fp/ Frame E34C 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&jac=1&je=3336262675656b3f3e322e312e3b362e313b3d
Requested by
Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=F4CB6A1F7E3752B75F9BEE951A56FA34?org_id=15saug00&session_id=fa04f06c-ed2a-4117-8594-2115ce1dc0bb&nonce=c8f0bcac2b74b8f0&jb=3739262668736d773557696c6467777326687b673d5f6966666f7773273230313226687160753d436a726d6f6d266a7162354368726d656d253a30393337
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.healthsafe-id.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 01:47:14 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=93
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=43952536886161739844456252256758141496

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| dT_ object| dtrum object| dynatrace object| optumPageDataLayer string| RakantoObject function| Rakanto object| webpackChunkhsid_ui_v2 function| initiateStoreUserData function| IMask string| rakanto_ubrid object| rakanto_optout_domains number| rakanto_sendInterval string| pixelCnameSubdomain object| rakanto_api_endpoints function| pxSetUserIdentity function| pxSendCustomData object| pageDataLayer function| publishPostPageData object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| __target_telemetry object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| targetGlobalSettings function| AppMeasurement_Module_Media function| AppMeasurement function| s_gi function| s_pgicq object| daco string| s_account object| s function| forge number| s_objectID number| s_giq object| _cls_config object| _detector object| webVitals object| convertize object| google_tag_manager object| google_tag_data object| dataLayer function| gtag object| GooglebQhCsO function| inList object| s_i_uhgoptumglobalprod_uhghsidprod_uhgenterprisecoreprod function| pixelTrack object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.99.0 object| _qsie function| tmx_run_page_fingerprinting function| tmx_post_session_params_fixed boolean| tmx_profiling_started

42 Cookies

Domain/Path Name / Value
account.optumbank.com/ Name: ApplicationGatewayAffinityCORS
Value: 15b909a3ceff2401d51148780584c285
account.optumbank.com/ Name: ApplicationGatewayAffinity
Value: 15b909a3ceff2401d51148780584c285
account.optumbank.com/ Name: web_oauth2_proxy_csrf
Value: Et7lD3U-A3GPws_ToCBtdyGKnrk4Dg66CQ21nydsl5eC-giuEWW64GXJ3aFx-hqX5xAUiHFZGzsBkLGKtTWX3302fD1zNCDJOImtbwXFF8nS2mN1ykEEh7Y=|1695952029|KstGBaw8AdMSV5QcTQ2hebXebOnDFIgIVwaUZJdbkE0=
account.optumbank.com/ Name: auth_proxy_login
Value: true
sso.optum.com/ Name: ext-PF
Value: D83BjTJjC6Wjre8w9nF8LAaSwRMFe4wBieks9ENXKoZR
www.healthsafe-id.com/ Name: nonce.pdivfG.1695952330
Value: 05ecbb58-99c3-472e-809a-3dc0f7dba3b0
www.healthsafe-id.com/ Name: TS0141ee40
Value: 0191a2d84e53cd0a83acc8767a8f10ef6a0ec33d3aee8c06b2a692d7381b517ac91e1f7283f7291e4d8dc1320fd4cede965b0c1d86
.healthsafe-id.com/ Name: TS01163ad9
Value: 0191a2d84e53cd0a83acc8767a8f10ef6a0ec33d3aee8c06b2a692d7381b517ac91e1f7283f7291e4d8dc1320fd4cede965b0c1d86
www.healthsafe-id.com/ Name: ext-PF
Value: 7XKCYVNMUmRq36Pvrzb7BOTDztkrQC0X68ttskRfPI7a
.healthsafe-id.com/ Name: dtCookie
Value: v_4_srv_42_sn_A96B59C51306BBE3E29C3B876EDFA2F7_perc_100000_ol_0_mul_1_app-3Ab6030f906c1066bc_0_app-3Aea7c4b59f27d43eb_0
.www.healthsafe-id.com/ Name: Tv6TR2qd
Value: A4lKnt6KAQAAhIMnauGUvv5bOMVArQzepHI1I02-NCbrYYjII1jDYC5su8QjAT4DJMOucgHcwH8AAEB3AAAAAA|1|0|c9e40a3c3a00de560c0623179efd0c6de36c4e1e
.www.healthsafe-id.com/ Name: TS012562a2
Value: 0191a2d84e53cd0a83acc8767a8f10ef6a0ec33d3aee8c06b2a692d7381b517ac91e1f7283f7291e4d8dc1320fd4cede965b0c1d86
www.healthsafe-id.com/ Name: rakanto_ubrid
Value:
.rakanto.com/ Name: pixel-ubrid
Value: v2.0-6623c2b49c2081ddd8748abbdbb3d082-1352-1363-1694395667359-0001745260-1695952030956
www.healthsafe-id.com/ Name: RakantoClientSideData
Value: eyJ1YnJpZCI6InYyLjAtNjYyM2MyYjQ5YzIwODFkZGQ4NzQ4YWJiZGJiM2QwODItMTM1Mi0xMzYzLTE2OTQzOTU2NjczNTktMDAwMTc0NTI2MC0xNjk1OTUyMDMwOTU2IiwiY29tbWl0X2hhc2giOiIyNzFmZWU0In0=
.healthsafe-id.com/ Name: pixel-ubrid
Value: v2.0-6623c2b49c2081ddd8748abbdbb3d082-1352-1363-1694395667359-0001745260-1695952030956
www.healthsafe-id.com/ Name: HSID_V
Value: a046ff33-df5c-4d78-9820-3467ea8daa62
www.healthsafe-id.com/ Name: SESSION
Value: YThmMmVmODgtNDc1NS00MmE2LThjZjAtZDNmZTM5NjU0M2Iw
.healthsafe-id.com/ Name: at_check
Value: true
.demdex.net/ Name: demdex
Value: 43952536886161739844456252256758141496
.healthsafe-id.com/ Name: _cls_v
Value: 89d3cea4-753a-48aa-b192-a45baf3fe15d
.healthsafe-id.com/ Name: _cls_s
Value: aeb669f2-0cc2-4c43-8114-8dbf34bac048:0
.healthsafe-id.com/ Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg
Value: 1
.healthsafe-id.com/ Name: _gcl_au
Value: 1.1.36449460.1695952032
.healthsafe-id.com/ Name: mbox
Value: session#f8f59cf15d754c7591402afdf56565b6#1695953892|PC#f8f59cf15d754c7591402afdf56565b6.34_0#1759196832
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZRYsnwAAAJlOkANP
.healthsafe-id.com/ Name: gpv_pn
Value: D%3Dv25
.healthsafe-id.com/ Name: s_cc
Value: true
.dpm.demdex.net/ Name: dpm
Value: 43952536886161739844456252256758141496
.healthsafe-id.com/ Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg
Value: 359503849%7CMCIDTS%7C19630%7CMCMID%7C36813908053170499293620391962095685073%7CMCAAMLH-1696556831%7C7%7CMCAAMB-1696556831%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1695959231s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19637%7CvVersion%7C5.0.1
.doubleclick.net/ Name: IDE
Value: AHWqTUmt5ffBX3YlGYm5pCTRQqE9ay_eUj1HeqEPwqVwUCf2poiDh7qqDACi7NuXV_I
.demdex.net/ Name: dextp
Value: 771-1-1695952032015|903-1-1695952032116|285689-1-1695952032223
.adsrvr.org/ Name: TDID
Value: c9d8d856-e574-4eb0-9cdd-0199bf2fa2d5
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsIopffhoGmoDwQBRgFIAEoAjILCLisn7OXpqA8EAU4AQ..
report.uhg.glassboxdigital.io/ Name: _cls_cfgver
Value: ffab45dc
report.uhg.glassboxdigital.io/ Name: _cls_v
Value: 89d3cea4-753a-48aa-b192-a45baf3fe15d
report.uhg.glassboxdigital.io/ Name: _cls_s
Value: aeb669f2-0cc2-4c43-8114-8dbf34bac048:0
.healthsafe-id.com/ Name: cls_e
Value: aeb669f2-0cc2-4c43-8114-8dbf34bac048:15496876576943
rba-screen.healthsafe-id.com/ Name: thx_guid
Value: aeeb58d7954ddd29a21d7ffc4949247e
report.uhg.glassboxdigital.io/ Name: AWSALBCORS
Value: LGO4TcF+T/UpCKjeSq9In0dm/jlUgFQFal+K/QWFNXkdDqFG3A3/G/WU8biOWwlWs81UFlR/VXiUAubodMzyBtjD0FNw+L4hIJGJbaIwluzlogWMSREdZonWrSb3
report.uhg.glassboxdigital.io/ Name: cls_e
Value: aeb669f2-0cc2-4c43-8114-8dbf34bac048:15496876576943
h.online-metrix.net/ Name: thx_global_guid
Value: 1cc0a4a5e59541ca854a3a433aa62dad

4 Console Messages

Source Level URL
Text
rendering warning URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AMCRjt6KAQAAsYpd26VW1FI19GjkPUSM3a36Pqb1RBzsogDYsOq-n5TJ8QdI&EdxVWcjYRR--z=q
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AMCRjt6KAQAAsYpd26VW1FI19GjkPUSM3a36Pqb1RBzsogDYsOq-n5TJ8QdI&EdxVWcjYRR--z=q
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security error URL: https://cdn.gbqofs.com/uhg/hsid/p/detector-dom.min.js(Line 96)
Message:
Refused to create a worker from 'blob:https://www.healthsafe-id.com/0205bc6d-b464-4272-bb90-b9177c692431' because it violates the following Content Security Policy directive: "script-src https: 'unsafe-inline' 'unsafe-eval'". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
network error URL: https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=43952536886161739844456252256758141496
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15saug00zuoqd4cjalr6jzmcexp27vfyrmyplpwac8f0bcac2b74b8f0sac.d.aa.online-metrix.net
account.optumbank.com
assets.adobedtm.com
cdn.gbqofs.com
cdn.healthsafe-id.com
click.yourhealth-wellnessteam.com
cm.everesttech.net
cm.g.doubleclick.net
cse.rakanto.com
dpm.demdex.net
global.ib-ibi.com
googleads.g.doubleclick.net
h.online-metrix.net
match.adsrvr.org
member.werally.com
myoptum.optum.com
rba-screen.healthsafe-id.com
repo.rakanto.com
report.uhg.glassboxdigital.io
siteintercept.qualtrics.com
smetrics.optum.com
sso.optum.com
unitedhealthgroup.demdex.net
unitedhealthgroup.tt.omtrdc.net
www.google.ca
www.google.com
www.googletagmanager.com
www.healthsafe-id.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
global.ib-ibi.com
104.17.208.240
104.18.24.13
13.107.253.40
13.111.39.86
13.32.208.118
142.250.31.94
142.251.111.154
142.251.16.156
149.111.144.83
149.111.164.232
149.111.165.13
149.111.166.210
15.197.193.217
172.253.115.147
172.253.63.97
192.225.158.1
192.225.158.132
192.225.158.3
2.23.160.226
3.213.216.245
34.193.14.36
44.207.177.141
45.60.31.26
52.167.10.111
52.55.43.203
63.140.38.180
63.140.38.226
0467b448a90e06bea5cd1cb56c1f84095d09383d586e4c7a318783b70916b597
054404fe09f089205eec9a2ebe2e8908200af3367e44adabf34539702e0fcb11
108b225bdaefe227e852f6714d90b342b9b0c34c1bfc0a635d86cf4764854c68
18b1d9a6c995b8957b4484b45b15d2ea2fe4d570fb6b6eb63b301734b8f8c4ae
1fcdc427bd5af7b72dcd7844f48df7cd9c3fbf51b852a1ebd54fe7e989788e49
202b53c8718f499e2907cbc9a33cf2a251825bc88945a1a49ea5e733c07c69e1
20edc9d4ce8ba668dc74049e00c05e20eb4d856b8015735e1a6ae982767c8c7e
2524ac8f1b6ba018b89b03a34c3a12ef7da8c5598ba196fe34b3e9994d31a9bc
2569b78ed9dc3b08a7ca2991c34ec02439d181558719174c4166bee44dffce01
257ca00190e4bfa1e22598acf4b33a668b3262512eac7a4525ff9e8109bf2f83
2f6adb9c118caf85c2b7340b793cd80b99a6aa402653a5a0382f255e0bc39c95
34f38fa5fb5ac0637c6e51fa3fba0ea151baf775aae10572aa071511bc3fc569
38b7dfed9313b8f1c9e2c10bd563cba4c95ef2b02b08320150189308cdc04978
3a8189f947441620accc6d8297e23620621cd9f91ed7218c216d53525beb0423
3ad0d5e8cd0160209ab6b15c4f2d11371041d6d7541189881a2970a7753bc746
4519c43756353608269b1837e3966008f6951413a2c51b5c27b71a86970a3610
45e38924674903037f89c6647966b8eb59b610bd6775c6a93488f0d9747d4b7f
474c1c1710c1236292ade8cdce7c56778c1896659226d50866de6a824c21db3f
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
55fa969f7cf26c81e747232ebe98b587e9c7118065f49d4378e4ab459aaec2af
5fc0077222f73de7153033afefd7ba6b7e25dc3d0eae06889680eda68e040e3b
617795824f268204fce200417ba784cf0ad062c0c1613d5a114c457bc503ff8b
6a8a17f39669d361e6a0c11ea7bd31f2d351b3bfa4da7245accc88fd38e15796
6dab981e6a8b55f28477a371a75f2b7a8054cd2f467cf816be72c75ca27e8191
7191a39519204e639ba774d44719bdcf34c702838a87f608db559a14966b6625
76181750bb2a824cc79d1c940b9e14a3e393ae1efc93965117e3965c136acaa6
762d1c9ebd58313b8309a58ad8bfa83e01929f4ac0e172acd2401e2d288783bb
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e362f00330f4ae046576829a63ac9becb7f29286734a4a936869d829ddbb7ab
7e61c7f64062b0d5ea6872cc06fe0f5b6d920a7983e03a53a47bf8f286632a8a
806ff0b1207820abc4de57e70835bcb327b740b5ebfa7aac991c89b091198c71
83a5c2eea44f96f49ac888576e776bbd30fd9c700e463a1b923af9d915bdf8a4
83c5eff9a90a954a0a8cb7324ff1eb96dd712a6941f916de6ab4fcaf02943210
8bd6b7c047c6a7e767c4786c08002565429a6043c1acb57fa3ec7dd833fa6386
8eaa257cd772f27c4fec48f458ca85f119bee0da650217afb3d5d6b3c2b475c3
8f3d6cd99bd2d627dcf124c8c449a70556f01f1ca12bcc67ea59d6c37e2f0add
9067f412b377f137514c556625c5df15f3c30bc82ebea2133a267db3881a1564
929b1e3efc1c5dedd2b0da75fcf480a0a421582434199a62568ea6906d336b38
94a61bd23e3af8340c2527a841237d2247ad4c7a05c73a5a242061b2cba23ad3
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9d5ccbbe34840150c62600c232855499c9d928ed5dea81fbe1f0c43e11674b5f
a9e0a781f9185f7adfa69519996738ac53c3da510a3398670e1503358c23e54f
c50c7bd4abab5152b29ed4ba8ad7e884ae3f78e21e5e18c61e24b73dfc213d41
c5e72934177e9efe0308fca7056d14189137a92b0dfea25a492597a62196a49e
c8839e3735e88e3ea9ad62d22ce242ab170e73e5dcb718dc4ffd0e92fa9885dd
ca0a603559281320c2072139ce3ae2faafd81249a29b8fed19b66405aa77b079
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbb6d756e1e368fbd952bfff327dc82b83a052ae74524795b5f04f0e620f7987
d3c5fdda2d2974960c72827afa3dbcd20cb62070d7538a3ca0806c5e22fb3000
d5f0b06eaed5237590c778fd1171c1e7566b00864bb6e259fa64d69ad18e6603
d6b6ca193696f01a54959a80eace120d4bff15e667a9171ca9b4eb391f7a46ee
d9c90b1b7e43a189655b4403657eb10d1fe9f0ff416cdf494c5feb60db83f2fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d14efb23e7e2a939fb98fd00cc2f2a8b192cc9dfe55d86cb766e99de6ea319
e40b8457a2b21fd43aed19b97893172ea864a752fb1abb8a679e61e1095b5a65
e6480ba1f25e815c57ffc9ada53db64019fea9be79e916f0917a03d47d40d4e2
ec1fb826ad50482e2a4eb706a5758dafc2835325619e8fe6f48ff3691e0e8cbf
ee754689f74042f2bbf5d5a46efc6bef47acac629c88c58e3726914f852bac2d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f161e22cde63c497d665c80a60a654d29caa423b4f4f59848b55309beb8bc361
fa42b3fe18f58812bdc68196038dde44df7c6eca4abf658940c17a017b6b1ed0
fc960529eb7e8ec5defdf64a433b8722334bc4159feeee806df175e49a0adef7