urlscan.io logo urlscan.io
SecurityTrails logo

myhbp.org Open in urlscan Pro
65.9.95.47  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://myhbp.org/
Effective URL: https://myhbp.org/home/login?resume=/idp/bliQCoYeR5/resumeSAML20/idp/SSO.ping&spentity=sp:cl:hbsp:saml2
Submission: On May 21 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 65.9.95.47, located in United States and belongs to AMAZON-02, US. The main domain is myhbp.org. The Cisco Umbrella rank of the primary domain is 223195.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 23rd 2023. Valid for: a year.
This is the only time myhbp.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 12 65.9.95.47 16509 (AMAZON-02)
1 1 104.17.97.195 13335 (CLOUDFLAR...)
4 104.18.70.113 13335 (CLOUDFLAR...)
1 104.18.72.113 13335 (CLOUDFLAR...)
1 104.16.53.111 13335 (CLOUDFLAR...)
14 5
12    65.9.95.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-47.prg50.r.cloudfront.net
myhbp.org
1    104.17.97.195 (None, )

ASN13335 (CLOUDFLARENET, US)
v2.zopim.com
4    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
1    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
ekr.zdassets.com
1    104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)
hbphelp.zendesk.com
Apex Domain
Subdomains		 Transfer
12 myhbp.org
myhbp.org — Cisco Umbrella Rank: 223195
1 MB
5 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2248
ekr.zdassets.com — Cisco Umbrella Rank: 2556
343 KB
1 zendesk.com
hbphelp.zendesk.com — Cisco Umbrella Rank: 466091
1 KB
1 zopim.com
v2.zopim.com — Cisco Umbrella Rank: 15062
220 B
14 4
Domain Requested by
12 myhbp.org 4 redirects myhbp.org
4 static.zdassets.com myhbp.org
v2.zopim.com
static.zdassets.com
1 hbphelp.zendesk.com static.zdassets.com
1 ekr.zdassets.com v2.zopim.com
1 v2.zopim.com 1 redirects
14 5

This site contains no links.

Subject Issuer Validity Valid
*.myhbp.org
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-23 -
2024-07-16		 a year crt.sh
zdassets.com
E1		 2024-05-01 -
2024-07-30		 3 months crt.sh
hbphelp.zendesk.com
E1		 2024-05-20 -
2024-08-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://myhbp.org/home/login?resume=/idp/bliQCoYeR5/resumeSAML20/idp/SSO.ping&spentity=sp:cl:hbsp:saml2
Frame ID: 9AD897F438C497BEE9F23B2B1F183145
Requests: 11 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-fd3e127.js
Frame ID: 29802B021BEBEE21AABEBD179D68F51F
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Harvard Business Publishing | Corporate Learning

Page URL History Show full URLs

  1. http://myhbp.org/ HTTP 307
    https://myhbp.org/ HTTP 302
    https://myhbp.org/home/landing.html HTTP 302
    https://myhbp.org/ping/sp/startSSO.ping?PartnerIdpId=sp%3Acl%3Ahbsp%3Asaml2&TargetResource=htt... Page URL
  2. https://myhbp.org/ping/idp/SSO.saml2 HTTP 302
    https://myhbp.org/idp/login?resume=%2Fidp%2FbliQCoYeR5%2FresumeSAML20%2Fidp%2FSSO.ping&spentit... HTTP 302
    https://myhbp.org/home/login?resume=/idp/bliQCoYeR5/resumeSAML20/idp/SSO.ping&spentity=sp:cl:h... Page URL

Page Statistics

14
Requests

93 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

1391 kB
Transfer

7058 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://myhbp.org/ HTTP 307
    https://myhbp.org/ HTTP 302
    https://myhbp.org/home/landing.html HTTP 302
    https://myhbp.org/ping/sp/startSSO.ping?PartnerIdpId=sp%3Acl%3Ahbsp%3Asaml2&TargetResource=https%3A%2F%2Fmyhbp.org%3A443%2Fhome%2Fauthenticate%3Fcontinue%3D%252Flanding.html Page URL
  2. https://myhbp.org/ping/idp/SSO.saml2 HTTP 302
    https://myhbp.org/idp/login?resume=%2Fidp%2FbliQCoYeR5%2FresumeSAML20%2Fidp%2FSSO.ping&spentity=sp%3Acl%3Ahbsp%3Asaml2 HTTP 302
    https://myhbp.org/home/login?resume=/idp/bliQCoYeR5/resumeSAML20/idp/SSO.ping&spentity=sp:cl:hbsp:saml2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://myhbp.org/ HTTP 307
  • https://myhbp.org/ HTTP 302
  • https://myhbp.org/home/landing.html HTTP 302
  • https://myhbp.org/ping/sp/startSSO.ping?PartnerIdpId=sp%3Acl%3Ahbsp%3Asaml2&TargetResource=https%3A%2F%2Fmyhbp.org%3A443%2Fhome%2Fauthenticate%3Fcontinue%3D%252Flanding.html
Request Chain 7
  • https://v2.zopim.com/?3POLSd6mimTNxdgblOuHRp1FxVx7xYG0 HTTP 302
  • https://static.zdassets.com/ekr/asset_composer.js

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
startSSO.ping
myhbp.org/ping/sp/
Redirect Chain
  • http://myhbp.org/
  • https://myhbp.org/
  • https://myhbp.org/home/landing.html
  • https://myhbp.org/ping/sp/startSSO.ping?PartnerIdpId=sp%3Acl%3Ahbsp%3Asaml2&TargetResource=https%3A%2F%2Fmyhbp.org%3A443%2Fhome%2Fauthenticate%3Fcontinue%3D%252Flanding.html
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://myhbp.org/ping/sp/startSSO.ping?PartnerIdpId=sp%3Acl%3Ahbsp%3Asaml2&TargetResource=https%3A%2F%2Fmyhbp.org%3A443%2Fhome%2Fauthenticate%3Fcontinue%3D%252Flanding.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-47.prg50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-length
775
content-type
text/html;charset=utf-8
date
Tue, 21 May 2024 18:57:31 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
leg
PROD1
pragma
no-cache
server
vary
Accept-Encoding Accept-Encoding
via
1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
x-amz-cf-id
DnoblINH5dX_qqgTwbXbJn51DDLA2wa-loSKR7jG_a1PoiQEyw7lYw==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront

Redirect headers

content-length
0
content-security-policy
default-src 'self' 'unsafe-eval' https:; img-src * data:; connect-src 'self' https:; font-src https:; media-src https: data: blob:; style-src 'self' https: 'unsafe-inline'; script-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' https: 'unsafe-inline'
date
Tue, 21 May 2024 18:57:31 GMT
location
https://myhbp.org/ping/sp/startSSO.ping?PartnerIdpId=sp%3Acl%3Ahbsp%3Asaml2&TargetResource=https%3A%2F%2Fmyhbp.org%3A443%2Fhome%2Fauthenticate%3Fcontinue%3D%252Flanding.html
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
referrer-policy
strict-origin-when-cross-origin
server
strict-transport-security
max-age=31536000 ; includeSubDomains
via
1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
x-amz-cf-id
e1ExYntmaO6HPWhlYIK_S3GKzPVcFbe8N1A3_o_hE4zDwBXIKfjiCA==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
Primary Request login
myhbp.org/home/
Redirect Chain
  • https://myhbp.org/ping/idp/SSO.saml2
  • https://myhbp.org/idp/login?resume=%2Fidp%2FbliQCoYeR5%2FresumeSAML20%2Fidp%2FSSO.ping&spentity=sp%3Acl%3Ahbsp%3Asaml2
  • https://myhbp.org/home/login?resume=/idp/bliQCoYeR5/resumeSAML20/idp/SSO.ping&spentity=sp:cl:hbsp:saml2
609 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://myhbp.org/home/login?resume=/idp/bliQCoYeR5/resumeSAML20/idp/SSO.ping&spentity=sp:cl:hbsp:saml2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-47.prg50.r.cloudfront.net
Software
/
Resource Hash
b3c4e0f5fcdf4a5ea71a169cffaef3cb6d0fb00cc0f504d29355dfa076293b93
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' https:; img-src * data:; connect-src 'self' https:; font-src https:; media-src https: data: blob:; style-src 'self' https: 'unsafe-inline'; script-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://myhbp.org
Referer
https://myhbp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache no-store
content-encoding
gzip
content-language
de-DE
content-length
366
content-security-policy
default-src 'self' 'unsafe-eval' https:; img-src * data:; connect-src 'self' https:; font-src https:; media-src https: data: blob:; style-src 'self' https: 'unsafe-inline'; script-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' https: 'unsafe-inline'
content-type
text/html
date
Tue, 21 May 2024 18:57:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
last-modified
Thu, 04 Apr 2024 19:47:32 GMT
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Accept-Encoding
via
1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
x-amz-cf-id
wRNABV8Mx0Tbiv_92o4g4pJ_QT8eUtV2mCfIAWRCKVWq5R2CGgul_A==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-language
de-DE
content-length
0
date
Tue, 21 May 2024 18:57:33 GMT
expires
0
location
https://myhbp.org/home/login?resume=/idp/bliQCoYeR5/resumeSAML20/idp/SSO.ping&spentity=sp:cl:hbsp:saml2
pragma
no-cache
server
strict-transport-security
max-age=31536000 ; includeSubDomains
via
1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
x-amz-cf-id
IQtjNXmhEVjBRFWkhcu7KmlxFbAJuhC0s4VfJx1QBNtZHieid182qg==
x-amz-cf-pop
PRG50-C1
x-application-context
application
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
favicon.ico
myhbp.org/ 		4 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://myhbp.org/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-47.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myhbp.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:57:33 GMT
x-amz-version-id
S.6eS_6ltvpvFXPlSXEQv768voGA6pZS
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 14:01:18 GMT
server
AmazonS3
via
1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"57f3270ce380820fc574ccd98d5cca52"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
x-amz-cf-id
oEkmDNHt7b0q0j9ICRan4hYA-Jaj2ygj6wcBnCYDCW1uaagFtPFFPw==
lato.css
myhbp.org/home/resources/fonts/Lato/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://myhbp.org/home/resources/fonts/Lato/lato.css
Requested by
Host: myhbp.org
URL: https://myhbp.org/home/login?resume=/idp/bliQCoYeR5/resumeSAML20/idp/SSO.ping&spentity=sp:cl:hbsp:saml2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-47.prg50.r.cloudfront.net
Software
/
Resource Hash
d5fb3f9281572198ff5d03ba2c93f20b495717411d50ca02cc13e8cc42257c40
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' https:; img-src * data:; connect-src 'self' https:; font-src https:; media-src https: data: blob:; style-src 'self' https: 'unsafe-inline'; script-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myhbp.org/home/login?resume=/idp/bliQCoYeR5/resumeSAML20/idp/SSO.ping&spentity=sp:cl:hbsp:saml2
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' 'unsafe-eval' https:; img-src * data:; connect-src 'self' https:; font-src https:; media-src https: data: blob:; style-src 'self' https: 'unsafe-inline'; script-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' https: 'unsafe-inline'
content-encoding
gzip
via
1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
date
Tue, 21 May 2024 18:57:33 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-length
372
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Apr 2024 19:47:32 GMT
server
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-amz-cf-id
KiOs0GA-os00YDcWYH_0sMw5MOfQ5_xBTwbqLLWBtKjz3qffwKlvag==
react.bundle.css
myhbp.org/home/resources/dist/ 		4 MB
596 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://myhbp.org/home/resources/dist/react.bundle.css
Requested by
Host: myhbp.org
URL: https://myhbp.org/home/login?resume=/idp/bliQCoYeR5/resumeSAML20/idp/SSO.ping&spentity=sp:cl:hbsp:saml2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-47.prg50.r.cloudfront.net
Software
/
Resource Hash
ea044266abab73aea8042ba9fb1aac0246a39b2669af276da874bfd631bb591a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' https:; img-src * data:; connect-src 'self' https:; font-src https:; media-src https: data: blob:; style-src 'self' https: 'unsafe-inline'; script-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myhbp.org/home/login?resume=/idp/bliQCoYeR5/resumeSAML20/idp/SSO.ping&spentity=sp:cl:hbsp:saml2
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' 'unsafe-eval' https:; img-src * data:; connect-src 'self' https:; font-src https:; media-src https: data: blob:; style-src 'self' https: 'unsafe-inline'; script-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' https: 'unsafe-inline'
content-encoding
gzip
via
1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
date
Tue, 21 May 2024 18:57:33 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Apr 2024 19:50:06 GMT
server
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-amz-cf-id
fpf7Zq8mCUiKsCvZ3p1YkD_vafrzWxd4Jj4qK4POYur35dJyoHj-nw==
react.bundle.js
myhbp.org/home/resources/dist/ 		2 MB
389 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myhbp.org/home/resources/dist/react.bundle.js
Requested by
Host: myhbp.org
URL: https://myhbp.org/home/login?resume=/idp/bliQCoYeR5/resumeSAML20/idp/SSO.ping&spentity=sp:cl:hbsp:saml2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-47.prg50.r.cloudfront.net
Software
/
Resource Hash
ae74e1dfa65a30d8e2fb074ab5f06f874d8a8ecfe264260d4f92ef200451874a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' https:; img-src * data:; connect-src 'self' https:; font-src https:; media-src https: data: blob:; style-src 'self' https: 'unsafe-inline'; script-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myhbp.org/home/login?resume=/idp/bliQCoYeR5/resumeSAML20/idp/SSO.ping&spentity=sp:cl:hbsp:saml2
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' 'unsafe-eval' https:; img-src * data:; connect-src 'self' https:; font-src https:; media-src https: data: blob:; style-src 'self' https: 'unsafe-inline'; script-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' https: 'unsafe-inline'
content-encoding
gzip
via
1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
date
Tue, 21 May 2024 18:57:33 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Apr 2024 19:50:06 GMT
server
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-amz-cf-id
fNq8vQQrsSDu5H0WvylaNO5M6A-3oIefOIhXjxl0KoT6Yj4KiqDnrA==
HBPub_reverse_crimson_rev_OnBlack.svg
myhbp.org/home/resources/dist/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myhbp.org/home/resources/dist/HBPub_reverse_crimson_rev_OnBlack.svg
Requested by
Host: myhbp.org
URL: https://myhbp.org/home/resources/dist/react.bundle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-47.prg50.r.cloudfront.net
Software
/
Resource Hash
8b6affa17b5f953af2557d77a5a73f99c6931719ebb7a5398b95582e179590c8
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' https:; img-src * data:; connect-src 'self' https:; font-src https:; media-src https: data: blob:; style-src 'self' https: 'unsafe-inline'; script-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myhbp.org/home/resources/dist/react.bundle.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' 'unsafe-eval' https:; img-src * data:; connect-src 'self' https:; font-src https:; media-src https: data: blob:; style-src 'self' https: 'unsafe-inline'; script-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' https: 'unsafe-inline'
date
Tue, 21 May 2024 18:57:34 GMT
via
1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-length
31610
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Apr 2024 19:50:06 GMT
server
x-frame-options
DENY
content-type
image/svg+xml
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
x-amz-cf-id
0d1CesVYfj0auMkEuWMf83pZ4VbNQcFpTMJ6CAUlhUrceSzUg7HMJA==
lato-v23-latin-regular.woff2
myhbp.org/home/resources/fonts/Lato/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://myhbp.org/home/resources/fonts/Lato/lato-v23-latin-regular.woff2
Requested by
Host: myhbp.org
URL: https://myhbp.org/home/resources/fonts/Lato/lato.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-47.prg50.r.cloudfront.net
Software
/
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' https:; img-src * data:; connect-src 'self' https:; font-src https:; media-src https: data: blob:; style-src 'self' https: 'unsafe-inline'; script-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myhbp.org/home/resources/fonts/Lato/lato.css
Origin
https://myhbp.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' 'unsafe-eval' https:; img-src * data:; connect-src 'self' https:; font-src https:; media-src https: data: blob:; style-src 'self' https: 'unsafe-inline'; script-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' https: 'unsafe-inline'
date
Tue, 21 May 2024 18:57:34 GMT
via
1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-length
23580
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Apr 2024 19:47:32 GMT
server
x-frame-options
DENY
content-type
font/woff2
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
accept-ranges
bytes
x-amz-cf-id
h17i3M_uPFBtegiQDGECg_PhP1jURR9pmArQX_gjF_50sKs5oUPhHw==
asset_composer.js
static.zdassets.com/ekr/
Redirect Chain
  • https://v2.zopim.com/?3POLSd6mimTNxdgblOuHRp1FxVx7xYG0
  • https://static.zdassets.com/ekr/asset_composer.js
10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/asset_composer.js
Requested by
Host: myhbp.org
URL: https://myhbp.org/home/login?resume=/idp/bliQCoYeR5/resumeSAML20/idp/SSO.ping&spentity=sp:cl:hbsp:saml2
Protocol
H2
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://myhbp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 21 May 2024 18:57:34 GMT
x-amz-version-id
KdUtYfTvhN3NWk63zbedRawrUoa4O1MG
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
PZERAEDAFZ9SYDTC
age
7
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
tr/so4/RjvATt57vT5wh/Tz8DnV+qeKn9kxsgChY1AajmU8f2RwhpxcTMLctipwAH7PwDn9UhU4=
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cx19ceAX%2BbD5RUhSjGSzrDAVNwM23tiSPJZ43yTrtjyKNtSAe5m3FlZd6ZpCPB%2BiNjW3w7CR3eN%2FYS2D3wodkf%2BK1aup55LD8OrQ7ksyURCKVMB%2F44WRgn8r7XXJtaBW9pqW2g4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
8876caff9cc19734-FRA
access-control-allow-headers
*

Redirect headers

date
Tue, 21 May 2024 18:57:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/html
location
https://static.zdassets.com/ekr/asset_composer.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8876caff0d76972a-FRA
content-length
143
expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/ 		15 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb71c2c1aa2da7c7b6d36f226b12ae8c4f474e79f1ac10cc2b97a091a41f9863

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
3POLSd6mimTNxdgblOuHRp1FxVx7xYG0
ekr.zdassets.com/compose/zopim_chat/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/zopim_chat/3POLSd6mimTNxdgblOuHRp1FxVx7xYG0
Requested by
Host: v2.zopim.com
URL: https://v2.zopim.com/?3POLSd6mimTNxdgblOuHRp1FxVx7xYG0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
681e4b9fbbd361328eea9b773bf96de4097aad0567f6a4815975a0f7f0c74321
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myhbp.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:57:34 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
887471ce5d530da0-SEA, 887471ce5d530da0-SEA
x-runtime
0.006507
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"681e4b9fbbd361328eea9b773bf96de4"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sg7UHDWtjAmI%2Fw7KtPzFoR7apxJKS%2F%2FJRiBpJ9tp%2BoxLYnko4pcjSPephRvOsHSQ9k8F4izUhB6UiU8Z8C0IuL3Fospb6KAMlCLIXJWvha0CQwtp75MZRDMeMUvcaF8Qyl8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
8876cb004e889951-FRA
web-widget-main-fd3e127.js
static.zdassets.com/web_widget/classic/latest/ Frame 2980 		972 KB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-fd3e127.js
Requested by
Host: v2.zopim.com
URL: https://v2.zopim.com/?3POLSd6mimTNxdgblOuHRp1FxVx7xYG0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c384a3da9dfaa83c15a52246616640cfce38accac60ffdae135ffa11afd5aa66
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:57:35 GMT
x-amz-version-id
jg72frFSf667yBcm3u_cxdKeI2QLmfyJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
46NTM8WRYYP5TA8T
age
63
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
ViuDR+FzGy8CyCYX8c6i0GPhQJVcLI+MxI6dRbB0W2Alqq2FeLoEGj6pI9Y7aPLm85NkgDhquN8=
last-modified
Thu, 09 May 2024 20:55:58 GMT
server
cloudflare
etag
W/"2a4384f1414086c32d87b017b0ffc26b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RusMOj8%2BkQMFwrRBFjYGQ0%2FjTPVeKZznyPK41ynHWO2LF7WPnv7yvG4RkWaOCkkU%2FTLXeg%2Bum3wlvWYO81sAHDImBoMuXQwg6NKCqZK7w%2Bfb2OSngAuEvggkqQOvWsr04dMvAJg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8876cb01afc99734-FRA
access-control-allow-headers
*
expires
Fri, 09 May 2025 20:55:57 GMT
en-us-json-fd3e127.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 2980 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-fd3e127.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-fd3e127.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:57:35 GMT
x-amz-version-id
eWkp3qPfbZJBZCuZGiE7NfTZBzWAcP8I
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
46NV0E3SC7EM6S42
age
24625
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
c7g3JlmdQrBv0ZbMFesKMyek5VEDHtR3vPA+ssbvLLqzedNYxrko6NWY5Hli8QOmMhfW5ybg+lQ=
last-modified
Thu, 09 May 2024 20:56:00 GMT
server
cloudflare
etag
W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1XJti9%2Fvn%2BUy%2BtXxB%2BPrHSp7Muvuiwd4yQpb%2BzBxPM2xzt1D%2BbKfrBpXNiq7URwdQQRbmVMUcVYnCpGw7GBSqnUT771MTBSipDjJ35jrZpj5N9M82Y1YXiFNEUnI%2FnUliEqD%2BeM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8876cb02b96f9734-FRA
access-control-allow-headers
*
expires
Fri, 09 May 2025 20:55:59 GMT
config
hbphelp.zendesk.com/embeddable/ Frame 2980 		914 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbphelp.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-fd3e127.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31f4d924e784535b23e82cb7a13b19937bbeac2c1aa00b722c4b86bd447c28e8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:57:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23
x-zendesk-origin-server
embeddable-app-server-5b446b46b9-kxh4s
x-cached
STALE
x-runtime
0.002706
last-modified
Tue, 21 May 2024 18:57:12 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eiBK9Uqon0x4wkh7ZrdjqqKQfy9%2BDaLOETs69CPuliqfu7lvpwFlNh1W0JmLpORwdA26KzHP20%2BVdmh6omEs%2FtkOuNEcwRovAm0BRvPk3Duq%2Fm%2BME1DOr4yftFxRT1weNIOocCg%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
8876cb038fad9a3b-FRA
web-widget-chat-sdk-fd3e127.js
static.zdassets.com/web_widget/classic/latest/ Frame 2980 		216 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-fd3e127.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-fd3e127.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8caa3b3ec2630f77a22e865988f01fc8e76abb8ca6c288910b93db0d0b806162
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:57:35 GMT
x-amz-version-id
VJjS3GGv6lzZMtWtIKZdtah84jRSwGUB
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
46NYFWTE18GHYDVT
age
24625
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
IvK53f21jR7NrUYAQzUcyYXqj72GD70vqcDo/OY8RwmIc97WLsvI2wW8woG4YxqXUd1SEUPzpac=
last-modified
Thu, 09 May 2024 20:55:58 GMT
server
cloudflare
etag
W/"bf7f24c006f934261d7ff732b528402b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yERgBV2pxt6rxiPmNs%2Bs%2FZBZaZgfwQjOxwS5Ccqpbj7dA4wdHYAcGlK9oTwHpQwqmWPTJzguNpP0vFfe6ZFe3Dfmm0CA6x%2F7vDP7i%2BR%2Fh%2FmCMK5ingY0HVUt1dy5Puxc0v101Ag%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8876cb0319d89734-FRA
access-control-allow-headers
*
expires
Fri, 09 May 2025 20:55:57 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| FontAwesomeConfig object| ___FONT_AWESOME___ object| cl-home object| zEWebpackACJsonp function| zE function| zEmbed boolean| zEACLoaded function| $zopim

5 Cookies

Domain/Path Name / Value
myhbp.org/ Name: AWSELB
Value: BD61035906F6E439A79D6CEF1F8FFD74ACD03CFC76A758FBBB78C8BC3D6C2C4C3F7B239BBE8C7C3A6FBEF1D903B5AE4F390B50B97406403B97B2A84943701AA6B70FE6862B
myhbp.org/ Name: AWSELBCORS
Value: BD61035906F6E439A79D6CEF1F8FFD74ACD03CFC76A758FBBB78C8BC3D6C2C4C3F7B239BBE8C7C3A6FBEF1D903B5AE4F390B50B97406403B97B2A84943701AA6B70FE6862B
myhbp.org/ Name: jsessionid.home
Value: B205F1F09F25AC4C25CB939536C9EF1B
.myhbp.org/ Name: app-context
Value: /home
.myhbp.org/ Name: PF
Value: bzSXiI2VvMIET1HPF2NUBu6IE5kjpQ3YcE3AYbSp3xcJ

10 Console Messages

Source Level URL
Text
network error URL: https://myhbp.org/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
recommendation verbose URL: https://myhbp.org/home/login?resume=/idp/bliQCoYeR5/resumeSAML20/idp/SSO.ping&spentity=sp:cl:hbsp:saml2
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
security error URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-fd3e127.js(Line 1)
Message:
Refused to connect to 'wss://widget-mediator.zopim.com/s/W/ws/5WzxA6Gqz11E9R0v/c/1716317855282' because it violates the following Content Security Policy directive: "connect-src 'self' https:".