www.healthsafe-id.com Open in urlscan Pro
149.111.166.210 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fres...
Submission: On September 04 via manual (September 4th 2023, 9:19:43 am UTC) from GB — Scanned from GB

Summary HTTP 81 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 18 domains to perform 81 HTTP transactions. The main IP is 149.111.166.210, located in United States and belongs to UHC, US. The main domain is www.healthsafe-id.com. The Cisco Umbrella rank of the primary domain is 46055.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on April 8th 2023. Valid for: a year.

This is the only time www.healthsafe-id.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	149.111.166.210 149.111.166.210	10879 (UHC) (UHC)
1	168.183.44.227 168.183.44.227	10879 (UHC) (UHC)
10	2600:9000:249... 2600:9000:2490:8800:3:b102:a080:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	168.183.37.177 168.183.37.177	10879 (UHC) (UHC)
1 4	34.251.64.143 34.251.64.143	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:190d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.60.33.26 45.60.33.26	19551 (INCAPSULA) (INCAPSULA)
2	149.111.165.13 149.111.165.13	10879 (UHC) (UHC)
1	54.229.208.26 54.229.208.26	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.108 63.140.62.108	15224 (OMNITURE) (OMNITURE)
1 1	52.215.87.25 52.215.87.25	16509 (AMAZON-02) (AMAZON-02)
1	66.235.152.115 66.235.152.115	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2 2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
16	91.235.133.67 91.235.133.67	30286 (THM) (THM)
2	54.160.51.39 54.160.51.39	14618 (AMAZON-AES) (AMAZON-AES)
6	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
81	23

12 149.111.166.210 (United States)

ASN10879 (UHC, US)
PTR: healthsafeid-hcc-elr.optum.com

www.healthsafe-id.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.183.44.227 (United States)

ASN10879 (UHC, US)
PTR: repo-ctc.rakanto.com

repo.rakanto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2490:8800:3:b102:a080:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.healthsafe-id.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.183.37.177 (United States)

ASN10879 (UHC, US)
PTR: cdc-aem-ctc.optum.com

cdc-aem.optum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.251.64.143 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-64-143.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:190d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.gbqofs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.33.26 (United States)

ASN19551 (INCAPSULA, US)

member.werally.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.111.165.13 (United States)

ASN10879 (UHC, US)
PTR: cse-elr.rakanto.com

cse.rakanto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.208.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-208-26.eu-west-1.compute.amazonaws.com

unitedhealthgroup.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.108 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-108.data.adobedc.net

smetrics.optum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.87.25 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-87-25.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-66-235-152-115.data.adobedc.net

unitedhealthgroup.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 91.235.133.67 (United States)

ASN30286 (THM, US)

rba-screen.healthsafe-id.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.160.51.39 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-51-39.compute-1.amazonaws.com

report.uhg.glassboxdigital.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.235.132.130 (United States) 1 redirects

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

15saug00ja43ukuyx4lx7w3is5y4iuqxmvfidzpv2570049c7db077d4am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	healthsafe-id.com www.healthsafe-id.com — Cisco Umbrella Rank: 46055 cdn.healthsafe-id.com — Cisco Umbrella Rank: 53422 rba-screen.healthsafe-id.com — Cisco Umbrella Rank: 54259	666 KB
6	qualtrics.com zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com — Cisco Umbrella Rank: 40065 siteintercept.qualtrics.com — Cisco Umbrella Rank: 883	70 KB
5	online-metrix.net 1 redirects h.online-metrix.net — Cisco Umbrella Rank: 2841 15saug00ja43ukuyx4lx7w3is5y4iuqxmvfidzpv2570049c7db077d4am1.e.aa.online-metrix.net	17 KB
5	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 223 unitedhealthgroup.demdex.net — Cisco Umbrella Rank: 19418	7 KB
5	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 454	190 KB
4	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 237	5 KB
4	optum.com cdc-aem.optum.com — Cisco Umbrella Rank: 59591 smetrics.optum.com — Cisco Umbrella Rank: 18335	16 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	208 KB
3	rakanto.com repo.rakanto.com — Cisco Umbrella Rank: 22130 cse.rakanto.com — Cisco Umbrella Rank: 21473	60 KB
2	glassboxdigital.io report.uhg.glassboxdigital.io — Cisco Umbrella Rank: 20560	3 KB
2	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 4129	563 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	563 B
2	gbqofs.com cdn.gbqofs.com — Cisco Umbrella Rank: 7379	291 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 348	265 B
1	omtrdc.net unitedhealthgroup.tt.omtrdc.net — Cisco Umbrella Rank: 19533	841 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1197	517 B
1	werally.com member.werally.com — Cisco Umbrella Rank: 56723	896 B
0	ib-ibi.com Failed global.ib-ibi.com Failed
81	18

	Domain	Requested by
16	rba-screen.healthsafe-id.com	cdn.healthsafe-id.com rba-screen.healthsafe-id.com cdn.gbqofs.com
12	www.healthsafe-id.com	www.healthsafe-id.com cdn.healthsafe-id.com
10	cdn.healthsafe-id.com	www.healthsafe-id.com cdn.healthsafe-id.com
5	siteintercept.qualtrics.com	zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com www.healthsafe-id.com siteintercept.qualtrics.com
5	assets.adobedtm.com	cdn.healthsafe-id.com assets.adobedtm.com
4	h.online-metrix.net	1 redirects rba-screen.healthsafe-id.com
4	dpm.demdex.net	1 redirects www.healthsafe-id.com
3	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
2	report.uhg.glassboxdigital.io	www.healthsafe-id.com cdn.gbqofs.com
2	www.google.co.uk	www.healthsafe-id.com
2	www.google.com	www.healthsafe-id.com
2	cm.g.doubleclick.net	2 redirects
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	smetrics.optum.com	www.healthsafe-id.com
2	cse.rakanto.com	www.healthsafe-id.com
2	cdn.gbqofs.com	www.healthsafe-id.com cdn.gbqofs.com
2	cdc-aem.optum.com	www.healthsafe-id.com
1	15saug00ja43ukuyx4lx7w3is5y4iuqxmvfidzpv2570049c7db077d4am1.e.aa.online-metrix.net
1	zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com	www.healthsafe-id.com
1	match.adsrvr.org	www.healthsafe-id.com
1	unitedhealthgroup.tt.omtrdc.net	www.healthsafe-id.com
1	cm.everesttech.net	1 redirects
1	unitedhealthgroup.demdex.net	assets.adobedtm.com
1	member.werally.com	www.healthsafe-id.com
1	repo.rakanto.com	www.healthsafe-id.com
0	global.ib-ibi.com Failed	www.healthsafe-id.com
81	26

This site contains links to these domains. Also see Links.

Domain
account.optumbank.com
www.uhc.com

Subject Issuer	Validity	Valid
healthsafeid-hcc.optum.com COMODO RSA Organization Validation Secure Server CA	`2023-04-08` - `2024-04-07`	a year	crt.sh
repo.rakanto.com COMODO RSA Organization Validation Secure Server CA	`2023-07-04` - `2024-07-03`	a year	crt.sh
cdn.healthsafe-id.com COMODO RSA Organization Validation Secure Server CA	`2023-06-07` - `2024-06-06`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
cdc-aem.optum.com COMODO RSA Organization Validation Secure Server CA	`2023-08-01` - `2024-07-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-11-11` - `2023-11-11`	a year	crt.sh
*.werally.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-28` - `2024-07-28`	a year	crt.sh
cse.rakanto.com COMODO RSA Organization Validation Secure Server CA	`2023-08-29` - `2024-08-28`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
smetrics.optum.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-04-21`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-09-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
rba-screen.healthsafe-id.com COMODO RSA Organization Validation Secure Server CA	`2023-04-24` - `2024-04-23`	a year	crt.sh
uhg.glassboxdigital.io Amazon RSA 2048 M01	`2023-03-01` - `2023-11-07`	8 months	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-03-26`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-01-09` - `2024-01-23`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-06-14` - `2024-07-01`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FiKVDsyxwFK%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2Fq490pceVJC%2Fresume%2Fas%2Fauthorization.ping&reason=0
Frame ID: D513A0C0B4EC85FE3535257D346DCFD6
Requests: 56 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: 44E49A2F8D1FEA8D923F249750D78C25
Requests: 4 HTTP requests in this frame

Frame: https://www.healthsafe-id.com/protected/crossStorageHub
Frame ID: 538B183B3937C98A7D91B048E8E4733B
Requests: 2 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=BA67EAB108E1EDEDD76F5D1307145BB2?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&jb=3d39262e6a736f7535556b6e6667777324687b6d3f576966666777712730383932246a736a753d4b68726f6d6d24687360354368706d656727323039333e
Frame ID: 66AA22EC1C438E7A7B5A5A5B967A2BDE
Requests: 13 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/HP?session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&org_id=15saug00&nonce=2570049c7db077d4&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 58A8AE553E1FFD6CC8621BFFDA57DEED
Requests: 3 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=BA67EAB108E1EDEDD76F5D1307145BB2?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4
Frame ID: D17EB414B4B4CB66D096E9449AA7C08C
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=BA67EAB108E1EDEDD76F5D1307145BB2?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4
Frame ID: C9AB9DB4F8D9FEE76F0CB8FDCBEFBE51
Requests: 2 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/top_fp.html;CIS3SID=BA67EAB108E1EDEDD76F5D1307145BB2?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4
Frame ID: 992A7A57BE9C81D1503770E60B0C7715
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in - OptumBank

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

81
Requests

94 %
HTTPS

29 %
IPv6

18
Domains

26
Subdomains

23
IPs

4
Countries

1535 kB
Transfer

5120 kB
Size

33
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://account.optumbank.com/

Search URL Search Domain Scan URL

URL: https://www.uhc.com/legal/accessibility
Title: Accessibility Statement for Individuals with Disabilities Opens in a new window or tab

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1693819175945 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1693819175945

Request Chain 28

https://cm.everesttech.net/cm/dd?d_uuid=88392128988230621773498119133451254848 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPWhKAAAALQOygN-

Request Chain 39

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODgzOTIxMjg5ODgyMzA2MjE3NzM0OTgxMTkxMzM0NTEyNTQ4NDg= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODgzOTIxMjg5ODgyMzA2MjE3NzM0OTgxMTkxMzM0NTEyNTQ4NDg=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGLBh5zmFHxn9k-FNflPFgM&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 61

https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&gttl=155520000 HTTP 302
https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&k=2

81 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request en Show response
www.healthsafe-id.com/rt/login/cap/ 5 KB
3 KB 1162ms
148ms Document
text/html 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FiKVDsyxwFK%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2Fq490pceVJC%2Fresume%2Fas%2Fauthorization.ping&reason=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

d49f36cd612612ea187e8314c1224f072eb1a7c7c5839928960746dcfc6b9283

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Sep 2023 09:19:33 GMT
Expires: 0
Pragma: no-cache
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1703128690"
Strict-Transport-Security: max-age=300; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: SAMEORIGIN SAMEORIGIN
X-OneAgent-JS-Injection: true
X-XSS-Protection: 1; mode=block
X-ps-id: hsid-prod-elr-4
X-ruxit-JS-Agent: true

GET
H/1.1 200
OK bundles-average.js Show response
www.healthsafe-id.com/assets/ 996 B
2 KB 243ms
242ms Script
application/javascript 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/assets/bundles-average.js

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FiKVDsyxwFK%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2Fq490pceVJC%2Fresume%2Fas%2Fauthorization.ping&reason=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

30a504b69bd97d1dcd16eea14d39e612f317101bd3f0ab36f595d1f62d19fb22

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FiKVDsyxwFK%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2Fq490pceVJC%2Fresume%2Fas%2Fauthorization.ping&reason=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 09:19:33 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding: gzip
Via: 1.1 google
Transfer-Encoding: chunked
X-Ion-Hop: 1
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1022380456"
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-ps-id: hsid-prod-elr-4
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0

GET
H/1.1 200
OK ruxitagentjs_ICA27NVdefghjqrtux_10269230615181503.js Show response
www.healthsafe-id.com/ 226 KB
87 KB 144ms
143ms Script
text/javascript 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/ruxitagentjs_ICA27NVdefghjqrtux_10269230615181503.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

7c596e1d27614ba207af423d461a69cedc2e2b681ea7c5bf7fc21b0077c76d03

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FiKVDsyxwFK%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2Fq490pceVJC%2Fresume%2Fas%2Fauthorization.ping&reason=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 09:19:33 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
X-ps-id: hsid-prod-elr-1
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Content-Length: 88087
X-XSS-Protection: 1; mode=block
Expires: Tue, 03 Sep 2024 09:19:33 GMT

GET
H/1.1 200
OK bundles-average.js Show response
www.healthsafe-id.com/assets/ 208 KB
119 KB 258ms
257ms Script
application/javascript 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICSa1-KAQAACPa0bw1FO33gwg4Xb71jZuXvOUik00UxJXNBYUb4J9o-erFb&EdxVWcjYRR--z=q

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

3eb88e21781c93bf785739c93f0487a93a27bfdb5b1ac4dd0a33e37df17ed7a6

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FiKVDsyxwFK%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2Fq490pceVJC%2Fresume%2Fas%2Fauthorization.ping&reason=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 09:19:33 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding: gzip
X-ps-id: hsid-prod-elr-4
Via: 1.1 google
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
X-Ion-Hop: 1
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=3600, immutable
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="564499804"
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cx.js Show response
repo.rakanto.com/rakanto/cx/ 150 KB
60 KB 899ms
146ms Script
application/javascript 168.183.44.227
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://repo.rakanto.com/rakanto/cx/cx.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.44.227 , United States, ASN10879 (UHC, US),

Reverse DNS

repo-ctc.rakanto.com

Software

Resource Hash

7a56c1f22499d04cd4d03d1fc2d611a6385d425e790e70d47d782458268375f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 09:19:35 GMT
Content-Encoding: gzip
Referrer-Policy: origin
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=1800, private
Connection: keep-alive
Expires: Mon, 04 Sep 2023 09:49:35 GMT

GET
H2 200 index.3f3d0ab2.js Show response
cdn.healthsafe-id.com/static/js/ 498 KB
156 KB 780ms
450ms Script
application/javascript 2600:9000:2490:8800:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/js/index.3f3d0ab2.js
Requested by: Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FiKVDsyxwFK%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2Fq490pceVJC%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8800:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86d9980dd07b0eb53140f7f60ec1c5196e52f1c64a2bca1e7f6f5a5a1f88b885

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: IdSS6X5UyAIyF6s2ACysLL7ne5kKBsPs
content-encoding: gzip
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
date: Mon, 04 Sep 2023 09:19:36 GMT
last-modified: Thu, 31 Aug 2023 03:43:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
etag: W/"8f75dcce4ce96eeefe30b472ab845ff1"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: public, max-age=63072000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 2zFKVG1jHfJwX5C4ME8r1ba6kqAnFGcosF-fo42Ot3pSBHYNdKfAKw==

GET
H2 200 unsupportedBrowser.3426666d.js Show response
cdn.healthsafe-id.com/static/js/ 2 KB
1 KB 767ms
438ms Script
application/javascript 2600:9000:2490:8800:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/js/unsupportedBrowser.3426666d.js
Requested by: Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FiKVDsyxwFK%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2Fq490pceVJC%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8800:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55fa969f7cf26c81e747232ebe98b587e9c7118065f49d4378e4ab459aaec2af

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: nQsRFG_sfYiYWs7CtNRS869qjpgGHzkD
content-encoding: gzip
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
date: Mon, 04 Sep 2023 09:19:36 GMT
last-modified: Thu, 31 Aug 2023 03:43:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
etag: W/"cbcb1d91a1505564a4121e8bf5972b13"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: public, max-age=63072000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 4SQ8zu8ZDhn8DnPeClVwU0oxkgv_-G28azhCrZrg2fipm4P6IZcr6g==

GET
H2 200 index.36f70783.css
cdn.healthsafe-id.com/static/css/ 88 KB
15 KB 883ms
554ms Stylesheet
text/css 2600:9000:2490:8800:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/css/index.36f70783.css
Requested by: Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FiKVDsyxwFK%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2Fq490pceVJC%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8800:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea803adc6918df0de1d4cfb11ec88d1ff01552102dee4b0ddbacffdac99b8dbe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: Taba0MtXdXPdi3W1PV3LGscP9DMqGjfc
content-encoding: gzip
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
date: Mon, 04 Sep 2023 09:19:36 GMT
last-modified: Thu, 31 Aug 2023 03:43:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
etag: W/"a200d7f54301cade5e0294c77e507ca5"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: public, max-age=63072000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 0C6jWHPsBeFX7rzlv1fSIrogn4FHkWwL9mabJTPRNfJSDVpxgOzdew==

GET
H2 200 launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js Show response
assets.adobedtm.com/ 524 KB
103 KB 165ms
43ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Requested by: Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/js/index.3f3d0ab2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b28bd866e643de789ec8763657c5a7ab99f1f059cafeb91d92701dedcd613037

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 09:19:35 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 06:42:04 GMT
server: AkamaiNetStorage
etag: "dc10a521a6ef0b6419d76d2dc3e123d4:1692686524.147878"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.healthsafe-id.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 105310
expires: Mon, 04 Sep 2023 10:19:35 GMT

GET
H3 200 UHC2020Sans-Medium.24b68e9d6b8a564dc3c8.woff2
cdn.healthsafe-id.com/static/media/ 23 KB
23 KB 502ms
455ms Font
binary/octet-stream 2600:9000:2490:8800:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/media/UHC2020Sans-Medium.24b68e9d6b8a564dc3c8.woff2
Requested by: Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/css/index.36f70783.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2490:8800:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c50c7bd4abab5152b29ed4ba8ad7e884ae3f78e21e5e18c61e24b73dfc213d41

Request headers

Referer: https://cdn.healthsafe-id.com/static/css/index.36f70783.css
Origin: https://www.healthsafe-id.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: 6Z2KNjg8zEYRQn9JzOZ4Whiw7IEet1Gy
date: Mon, 04 Sep 2023 09:19:36 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 23212
last-modified: Thu, 31 Aug 2023 03:43:48 GMT
server: AmazonS3
etag: "bcbe88fab9e22b1eac7a432af94051c7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding,Origin
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: A_cRedsVi_3LUW3N9KPedtF35YLn-C9NNhXsY3x0oKAEqecUvljLHQ==

GET
H/1.1 200 en Show response
www.healthsafe-id.com/uiconfig/cap/ 2 KB
2 KB 290ms
290ms XHR
application/json 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/uiconfig/cap/en

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICSa1-KAQAACPa0bw1FO33gwg4Xb71jZuXvOUik00UxJXNBYUb4J9o-erFb&EdxVWcjYRR--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

d15885e99f81a85f769421bbef35d5654b7b3ab4165049a4524d859617307562

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FiKVDsyxwFK%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2Fq490pceVJC%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
x-dtpc: 39$19174537_390h2vPKTFNUCKMKQOFNODRUMRKPMCQMTRUWAT-0e0

Response headers

Date: Mon, 04 Sep 2023 09:19:35 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding: gzip
X-OneAgent-JS-Injection: true
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="252121059"
Content-Length: 754
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-ps-id: hsid-prod-elr-4
ETag: "15:dtagent10269230615181503VMh8-gzip:dtagent10269230615181503VMh8"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: 0

GET
H/1.1 200 en Show response
www.healthsafe-id.com/hsid2/content/cap/ 51 KB
16 KB 225ms
225ms XHR
application/json 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/hsid2/content/cap/en

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICSa1-KAQAACPa0bw1FO33gwg4Xb71jZuXvOUik00UxJXNBYUb4J9o-erFb&EdxVWcjYRR--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

e6e7252ae36160ed4ab51df7cfe78e94f93b52af86fdaf18f9e062cf8be789e6

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FiKVDsyxwFK%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2Fq490pceVJC%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
x-dtpc: 39$19174537_390h3vPKTFNUCKMKQOFNODRUMRKPMCQMTRUWAT-0e0

Response headers

Date: Mon, 04 Sep 2023 09:19:35 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding: gzip
Transfer-Encoding: chunked
X-OneAgent-JS-Injection: true
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-572531489"
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-ps-id: hsid-prod-elr-1
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: 0

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 667.52b89e07.chunk.js Show response
cdn.healthsafe-id.com/static/js/ 22 KB
8 KB 445ms
445ms Script
application/javascript 2600:9000:2490:8800:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/js/667.52b89e07.chunk.js
Requested by: Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/js/index.3f3d0ab2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8800:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 370f0500163eafa1b88896b1420c3aea95685060885d9d336c634ae26fa9fad5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: 7ERMOt66JJt0eLt9NIo_Opef2Gzv1tFb
content-encoding: gzip
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
date: Mon, 04 Sep 2023 09:19:37 GMT
last-modified: Thu, 31 Aug 2023 03:43:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
etag: W/"b238d5e4bec94cf5991748b78039852e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: public, max-age=63072000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: sF0DGaE6_cmD3ktvr6NrGru5tBob6i16GX-D1SPE3HSHD4zwmy5ywQ==

GET
H2 200 384.3b04811e.chunk.css
cdn.healthsafe-id.com/static/css/ 4 KB
2 KB 448ms
447ms Stylesheet
text/css 2600:9000:2490:8800:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/css/384.3b04811e.chunk.css
Requested by: Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/js/index.3f3d0ab2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8800:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ff981b7e5571ccedd8af168bea422e72d13532c538226caadae6386831fc372

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: Lfhyerf8ffxkKYDRHcefsFz27XtfqaJ3
content-encoding: gzip
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
date: Mon, 04 Sep 2023 09:19:37 GMT
last-modified: Thu, 31 Aug 2023 03:43:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
etag: W/"d522272e2852405bb7e417bbe0a346d0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: public, max-age=63072000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: jw6UL3xFVCwYp9c5gHtiBUEHS1Trf5TTz4CJiWQ_mE4SIOtY4RS6ZQ==

GET
H2 200 384.c6457e7f.chunk.js Show response
cdn.healthsafe-id.com/static/js/ 27 KB
9 KB 441ms
441ms Script
application/javascript 2600:9000:2490:8800:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/js/384.c6457e7f.chunk.js
Requested by: Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/js/index.3f3d0ab2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8800:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f629f0b7620694f0266f6cfb0e5baa1e76fab463a12452803e9dbb47dbddac30

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: v5G81MgsFrf9ucDfPs0dFxpZshtx1RSZ
content-encoding: gzip
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
date: Mon, 04 Sep 2023 09:19:37 GMT
last-modified: Thu, 31 Aug 2023 03:43:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
etag: W/"c3fcd8f8e574e9d308f54891def19b67"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: public, max-age=63072000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 8NQ9Ghmr8omYHzN6d7xr_Wm9Qllf7lji31Jwz9jgEK6x-REovqFgNg==

GET
H/1.1 200
OK HSID_Logo.png
cdc-aem.optum.com/content/dam/hsid/ 3 KB
3 KB 1734ms
132ms Image
image/png 168.183.37.177
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdc-aem.optum.com/content/dam/hsid/HSID_Logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.177 , United States, ASN10879 (UHC, US),

Reverse DNS

cdc-aem-ctc.optum.com

Software

Resource Hash

eecfcb118193465fd111d3c9821bb3c8ecbf0c417062cab000ad4365258e41ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 09:19:37 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
Last-Modified: Thu, 31 Aug 2023 11:25:44 GMT
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500
Content-Length: 2623

GET
H/1.1 200
OK OptumBank_Logo.png
cdc-aem.optum.com/content/dam/hsid/ 12 KB
12 KB 1743ms
135ms Image
image/png 168.183.37.177
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdc-aem.optum.com/content/dam/hsid/OptumBank_Logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.177 , United States, ASN10879 (UHC, US),

Reverse DNS

cdc-aem-ctc.optum.com

Software

Resource Hash

e3f5b05a0f2657086933004e2edc9e9ae4638a5e6284bb4b52c7bbee3cbf900a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 09:19:37 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
Last-Modified: Thu, 31 Aug 2023 11:25:45 GMT
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500
Content-Length: 12048

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1693819175945
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1693819175945

976 B
1 KB

41ms
41ms

XHR
application/json

34.251.64.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1693819175945

Requested by

Protocol

HTTP/1.1

Server

34.251.64.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-64-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5acca08ef6ddff6679c2931b1703f36b669af012dcb073a4c329e4387baac06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-081b3f51f.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 4zCdX9ZKRVI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.healthsafe-id.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 561
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v050-0a2868ca3.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 2Fr23OOOR+g=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.healthsafe-id.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1693819175945
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EXdfddae05d67148d4b7515927b9635c8b-libraryCode_source.min.js Show response
assets.adobedtm.com/512027f42d3c/3189bbb33f85/a30c79f0b515/ 331 KB
85 KB 43ms
43ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/a30c79f0b515/EXdfddae05d67148d4b7515927b9635c8b-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8f3f22a768ac5db6d74b6300ce0be9e2db425ef538daed637c452f64d18d7b3f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 09:19:35 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 06:42:05 GMT
server: AkamaiNetStorage
etag: "12f7af689e0ad50fecb4326a352a39a3:1692686525.429072"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.healthsafe-id.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 86497
expires: Mon, 04 Sep 2023 10:19:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
64 KB 151ms
56ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8584968

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3bc1ef02f2a18f2e89a872692fce893700842594248e40a3c8d3c508e261f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 09:19:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64968
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Sep 2023 09:19:36 GMT

GET
H2 200 detector-dom.min.js Show response
cdn.gbqofs.com/uhg/hsid/p/ 482 KB
146 KB 132ms
41ms Script
application/javascript 2606:4700::6812:190d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gbqofs.com/uhg/hsid/p/detector-dom.min.js
Requested by: Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FiKVDsyxwFK%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2Fq490pceVJC%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:190d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4118da76e13f6d904d1d8281a2169cccb06af50a72fda71cca9cd3d027d9cc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 09:19:36 GMT
x-amz-version-id: FlDmaO34SKSn_z5bcjsCcAF_z9ckwxwI
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 7a71153df5fe7b23e438dedb00b3bf4a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C3
age: 3853
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 14 Aug 2023 21:08:47 GMT
server: cloudflare
etag: W/"349a412f01157bf1e84d91d933702c5c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 801526dac8f323e3-LHR
x-amz-cf-id: NcwGodqwwxvkLG2Dxitjf3Dv6YuFFm59qgMroiEAcoE4AlhnzwPQQA==
expires: Mon, 04 Sep 2023 13:19:36 GMT

GET
DATA 200
OK truncated
/ 290 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6480ba1f25e815c57ffc9ada53db64019fea9be79e916f0917a03d47d40d4e2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 FrutigerLTStd-Roman.6f5c3b3ff50100b75821.woff
cdn.healthsafe-id.com/static/media/ 15 KB
15 KB 456ms
455ms Font
binary/octet-stream 2600:9000:2490:8800:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/media/FrutigerLTStd-Roman.6f5c3b3ff50100b75821.woff
Requested by: Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/css/index.36f70783.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2490:8800:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ad0d5e8cd0160209ab6b15c4f2d11371041d6d7541189881a2970a7753bc746

Request headers

Referer: https://cdn.healthsafe-id.com/static/css/index.36f70783.css
Origin: https://www.healthsafe-id.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: fL9SqTNe8ZxvYHwLavCYUzKKL.iTsQ3.
date: Mon, 04 Sep 2023 09:19:37 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 15176
last-modified: Thu, 31 Aug 2023 03:43:48 GMT
server: AmazonS3
etag: "0d39e9365e15137bddeae2f4bf530b47"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding,Origin
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: eXSkme-GyMzf6vND-Wo9L1jwVCQ78J8oqY_97holZi4AhSCUnRu5yQ==

GET
H3 200 FrutigerLTStd-Bold.4599f0715866bb1f25b0.woff
cdn.healthsafe-id.com/static/media/ 15 KB
16 KB 442ms
441ms Font
binary/octet-stream 2600:9000:2490:8800:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/media/FrutigerLTStd-Bold.4599f0715866bb1f25b0.woff
Requested by: Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/css/index.36f70783.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2490:8800:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83a5c2eea44f96f49ac888576e776bbd30fd9c700e463a1b923af9d915bdf8a4

Request headers

Referer: https://cdn.healthsafe-id.com/static/css/index.36f70783.css
Origin: https://www.healthsafe-id.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: Kl2M7JwDaAT5va4lMWhQU3XdcbfZKsjS
date: Mon, 04 Sep 2023 09:19:37 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 15548
last-modified: Thu, 31 Aug 2023 03:43:48 GMT
server: AmazonS3
etag: "4d8f0b88bbe9f14c9413d24618d29e6b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding,Origin
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: CQVwvSElt75hVvHlZMu5hHTtp4Ft0iUJaCsOhVswgWc-0k2Zs5gLLg==

GET
H2 200 system-arrow-md.svg Show response
member.werally.com/assets/icons/ 328 B
896 B 617ms
462ms XHR
image/svg+xml 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/assets/icons/system-arrow-md.svg

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICSa1-KAQAACPa0bw1FO33gwg4Xb71jZuXvOUik00UxJXNBYUb4J9o-erFb&EdxVWcjYRR--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d6b6ca193696f01a54959a80eace120d4bff15e667a9171ca9b4eb391f7a46ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 09:19:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 28 Jan 2022 00:25:20 GMT
x-cdn: Imperva
etag: "61f337f0-148"
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 14-218705841-218701039 2VNN RT(1693819175599 72) q(0 0 0 1) r(4 4)
access-control-expose-headers: Content-Length,Content-Range
x-incap-sess-cookie-hdr: uA95ODNPjUBPs8OJv4KpBSih9WQAAAAAYxYw+saUnyz3qXclfzfplA==
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 242

POST
H/1.1 200
OK / Show response
cse.rakanto.com/cx_collector/ 3 B
472 B 2313ms
139ms XHR
text/plain 149.111.165.13
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.rakanto.com/cx_collector/

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICSa1-KAQAACPa0bw1FO33gwg4Xb71jZuXvOUik00UxJXNBYUb4J9o-erFb&EdxVWcjYRR--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.165.13 , United States, ASN10879 (UHC, US),

Reverse DNS

cse-elr.rakanto.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

Referer: https://www.healthsafe-id.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 04 Sep 2023 09:19:38 GMT
X-ps-id: elr_cse_collector_8
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.healthsafe-id.com
Access-Control-Expose-Headers: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, *

GET
H/1.1 200
OK dest5.html Show response
unitedhealthgroup.demdex.net/ Frame 44E4 7 KB
3 KB 195ms
48ms Document
text/html 54.229.208.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.229.208.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-229-208-26.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.healthsafe-id.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v050-06ae758f2.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: wZdEfhRgTtk=
content-encoding: gzip
date: Mon, 4 Sep 2023 09:19:36 GMT
last-modified: Wed, 28 Jun 2023 13:22:21 GMT
vary: accept-encoding

GET
H2 200 id Show response
smetrics.optum.com/ 48 B
462 B 142ms
42ms XHR
application/x-javascript 63.140.62.108
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.optum.com/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&mid=84495443572802757844567263886841308073&ts=1693819176265

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICSa1-KAQAACPa0bw1FO33gwg4Xb71jZuXvOUik00UxJXNBYUb4J9o-erFb&EdxVWcjYRR--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.108 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-108.data.adobedc.net

Software

jag /

Resource Hash

8a0be5aa4cb65c8b49097f84e02224b35d7c4bfc8f4da09fab4ca452a94fcf2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.healthsafe-id.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Sep 2023 09:19:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.healthsafe-id.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZPWhKAAAALQOygN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=88392128988230621773498119133451254848
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPWhKAAAALQOygN-

42 B
942 B

42ms
41ms

Image
image/gif

34.251.64.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPWhKAAAALQOygN-

Requested by

Protocol

HTTP/1.1

Server

34.251.64.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-64-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-0a9eadf0a.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: TDeJWkF7Sv0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPWhKAAAALQOygN-
Date: Mon, 04 Sep 2023 09:19:36 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
unitedhealthgroup.tt.omtrdc.net/rest/v1/ 360 B
841 B 199ms
75ms XHR
application/json 66.235.152.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedhealthgroup.tt.omtrdc.net/rest/v1/delivery?client=unitedhealthgroup&sessionId=63216bc360874c2684597e676907b48e&version=2.10.0

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICSa1-KAQAACPa0bw1FO33gwg4Xb71jZuXvOUik00UxJXNBYUb4J9o-erFb&EdxVWcjYRR--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-66-235-152-115.data.adobedc.net

Software

jag /

Resource Hash

a846b4f82102c08caf6add36c1ab194ca0b52f72ca69d3ee444bdee1d914a126

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.healthsafe-id.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 09:19:36 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.healthsafe-id.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: ac1ebc5c-df78-4973-b79b-a03b93ccd4de

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
74 KB 62ms
61ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1aaccac8b32c11cf3fa6f9e0c9fd24997b0d9bddbaa1cc6f159c59b926946011

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 09:19:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75202
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Sep 2023 09:19:36 GMT

GET
H/1.1 200 crossStorageHub Show response
www.healthsafe-id.com/protected/ Frame 538B 1 KB
2 KB 166ms
165ms Document
text/html 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/protected/crossStorageHub

Requested by

Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/js/index.3f3d0ab2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

7e362f00330f4ae046576829a63ac9becb7f29286734a4a936869d829ddbb7ab

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src ; worker-src blob:; font-src https: data:; default-src 'unsafe-inline' ; frame-ancestors 'self' https://www.healthsafe-id.com/;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	ALLOW-FROM https://www.healthsafe-id.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FiKVDsyxwFK%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2Fq490pceVJC%2Fresume%2Fas%2Fauthorization.ping&reason=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, PUT, GET
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Language: en-GB
Content-Length: 463
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:; default-src 'unsafe-inline' *; frame-ancestors 'self' https://www.healthsafe-id.com/;
Content-Type: text/html;charset=UTF-8
Date: Mon, 04 Sep 2023 09:19:36 GMT
Expires: 0
Pragma: no-cache
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-346817135"
Strict-Transport-Security: max-age=300; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: ALLOW-FROM https://www.healthsafe-id.com/
X-OneAgent-JS-Injection: true
X-XSS-Protection: 1; mode=block
X-ps-id: hsid-prod-elr-4

POST
H/1.1 200 inbound Show response
www.healthsafe-id.com/hsid/setup/ 59 B
1 KB 298ms
298ms XHR
application/json 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/hsid/setup/inbound

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICSa1-KAQAACPa0bw1FO33gwg4Xb71jZuXvOUik00UxJXNBYUb4J9o-erFb&EdxVWcjYRR--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

ec1fb826ad50482e2a4eb706a5758dafc2835325619e8fe6f48ff3691e0e8cbf

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-dtpc: 39$19174537_390h9vPKTFNUCKMKQOFNODRUMRKPMCQMTRUWAT-0e0
Accept: application/json
Referer: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FiKVDsyxwFK%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2Fq490pceVJC%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 04 Sep 2023 09:19:36 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding: gzip
Transfer-Encoding: chunked
X-OneAgent-JS-Injection: true
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1154849664", dtTao;desc="1"
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-ps-id: hsid-prod-elr-1
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST, PUT, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.healthsafe-id.com
Access-Control-Max-Age: 3600
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Vary: Accept-Encoding
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept, X-Requested-With, remember-me, csrf-token, Q5eim0SSzm-a, Q5eim0SSzm-b, Q5eim0SSzm-c, Q5eim0SSzm-d, Q5eim0SSzm-f, Q5eim0SSzm-z
Expires: 0

GET
H/1.1 200 rbaurl Show response
www.healthsafe-id.com/hsid/ 40 B
881 B 308ms
169ms XHR
application/json 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/hsid/rbaurl?portalBrand=cap&lang=en

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICSa1-KAQAACPa0bw1FO33gwg4Xb71jZuXvOUik00UxJXNBYUb4J9o-erFb&EdxVWcjYRR--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

94a61bd23e3af8340c2527a841237d2247ad4c7a05c73a5a242061b2cba23ad3

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FiKVDsyxwFK%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2Fq490pceVJC%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
x-dtpc: 39$19174537_390h10vPKTFNUCKMKQOFNODRUMRKPMCQMTRUWAT-0e0

Response headers

Date: Mon, 04 Sep 2023 09:19:36 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding: gzip
Transfer-Encoding: chunked
X-OneAgent-JS-Injection: true
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1898017843"
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-ps-id: hsid-prod-elr-4
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: 0

GET
H2 200 RC79ede7d2e195494e8d29dd6cf3dcc73b-source.min.js Show response
assets.adobedtm.com/512027f42d3c/3189bbb33f85/a30c79f0b515/ 801 B
722 B 54ms
54ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/a30c79f0b515/RC79ede7d2e195494e8d29dd6cf3dcc73b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e0762439f8f2b7ab880bbf57924d25b3010383300e18f5215f094184996f49ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 09:19:36 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 06:42:05 GMT
server: AkamaiNetStorage
etag: "12f7af689e0ad50fecb4326a352a39a3:1692686525.429072"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.healthsafe-id.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 462
expires: Mon, 04 Sep 2023 10:19:36 GMT

POST
H2 200 s52647337688541 Show response
smetrics.optum.com/b/ss/uhgoptumglobalprod,uhghsidprod,uhgenterprisecoreprod/1/JS-2.8.2-LDQM/ 43 B
421 B 124ms
44ms XHR
image/gif 63.140.62.108
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.optum.com/b/ss/uhgoptumglobalprod,uhghsidprod,uhgenterprisecoreprod/1/JS-2.8.2-LDQM/s52647337688541

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICSa1-KAQAACPa0bw1FO33gwg4Xb71jZuXvOUik00UxJXNBYUb4J9o-erFb&EdxVWcjYRR--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.108 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-108.data.adobedc.net

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.healthsafe-id.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 04 Sep 2023 09:19:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 05 Sep 2023 09:19:36 GMT
server: jag
etag: 3637448984291475456-4617765581160451595
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.healthsafe-id.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Sun, 03 Sep 2023 09:19:36 GMT

GET
H2 200 RC988afc3b66874ae2a6d13fa04312eecb-source.min.js Show response
assets.adobedtm.com/512027f42d3c/3189bbb33f85/a30c79f0b515/ 312 B
456 B 45ms
44ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/a30c79f0b515/RC988afc3b66874ae2a6d13fa04312eecb-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 215d426318e178abe82efa0e7d178a3719df4726785cb3716d842a28fbca5a5e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 09:19:36 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 06:42:05 GMT
server: AkamaiNetStorage
etag: "12f7af689e0ad50fecb4326a352a39a3:1692686525.429072"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.healthsafe-id.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 196
expires: Mon, 04 Sep 2023 10:19:36 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/ 4 KB
2 KB 179ms
84ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/?random=1693819176626&cv=11&fst=1693819176626&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Flogin%2Fcap%2Fen%3FTARGET%3Dhttps%253A%252F%252Fwww.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcap%252Fen%253Fresume%253D%252Fas%252FiKVDsyxwFK%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidc%2526redirect_uri%253Dhttps%253A%252F%252Faccount.optumbank.com%252Flogin%252Fcallback%2526portal%253Dcap%2526client_id%253Dbank-cloud-prod%26resume%3D%252Fas%252Fq490pceVJC%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&hn=www.googleadservices.com&frm=0&tiba=HealthSafe%20ID%C2%AE&auid=108807597.1693819176&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1272f09fc9f53d31c3a2b079a72cc1df0797a16219beb2f04ff79debceb43624

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 09:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1558
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 hub-1.0.0.min.js Show response
www.healthsafe-id.com/js/vendor/cross-storage/ Frame 538B 2 KB
2 KB 268ms
162ms Script
application/javascript 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/js/vendor/cross-storage/hub-1.0.0.min.js

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/protected/crossStorageHub

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

76181750bb2a824cc79d1c940b9e14a3e393ae1efc93965117e3965c136acaa6

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/protected/crossStorageHub
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 09:19:36 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding: gzip
X-OneAgent-JS-Injection: true
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-770991345"
Content-Length: 1040
X-XSS-Protection: 1; mode=block
X-ps-id: hsid-prod-elr-1
Last-Modified: Tue, 29 Aug 2023 17:40:18 GMT
ETag: "04c82b203564443ec792dcef8f6d48511-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type: application/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEGLBh5zmFHxn9k-FNflPFgM&google_cver=1
dpm.demdex.net/ Frame 44E4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODgzOTIxMjg5ODgyMzA2MjE3NzM0OTgxMTkxMzM0NTEyNTQ4NDg=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODgzOTIxMjg5ODgyMzA2MjE3NzM0OTgxMTkxMzM0NTEyNTQ4NDg=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGLBh5zmFHxn9k-FNflPFgM&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

42ms
42ms

Image
image/gif

34.251.64.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGLBh5zmFHxn9k-FNflPFgM&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

34.251.64.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-64-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-0a2868ca3.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: iWwHUbl9Qh0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 09:19:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGLBh5zmFHxn9k-FNflPFgM&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-959766874

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

478e00233b53d4fb700b339488f3b2e450d86f30cb623d6c01084d6cee307f3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 09:19:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72423
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Sep 2023 09:19:36 GMT

GET
H/1.1 200 info Show response
www.healthsafe-id.com/protected/tmx/ 750 B
1 KB 226ms
225ms XHR
application/json 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/protected/tmx/info?HTTP_TARGETPORTAL=CAP

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICSa1-KAQAACPa0bw1FO33gwg4Xb71jZuXvOUik00UxJXNBYUb4J9o-erFb&EdxVWcjYRR--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

2837512d4cef2c520dd4a0c0636c0decf04df126e350fb4d2c027f80c5e17cc1

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FiKVDsyxwFK%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2Fq490pceVJC%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
x-dtpc: 39$19174537_390h12vPKTFNUCKMKQOFNODRUMRKPMCQMTRUWAT-0e0

Response headers

Date: Mon, 04 Sep 2023 09:19:37 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding: gzip
Transfer-Encoding: chunked
X-OneAgent-JS-Injection: true
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-94727606"
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-ps-id: hsid-prod-elr-4
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: 0

GET
H3 200 UHC2020Sans-Bold.e3390afa72ca97e0fa9d.woff2
cdn.healthsafe-id.com/static/media/ 22 KB
22 KB 436ms
435ms Font
binary/octet-stream 2600:9000:2490:8800:3:b102:a080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.healthsafe-id.com/static/media/UHC2020Sans-Bold.e3390afa72ca97e0fa9d.woff2
Requested by: Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/css/index.36f70783.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2490:8800:3:b102:a080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f161e22cde63c497d665c80a60a654d29caa423b4f4f59848b55309beb8bc361

Request headers

Referer: https://cdn.healthsafe-id.com/static/css/index.36f70783.css
Origin: https://www.healthsafe-id.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: vK6z7x1W.o_tbsZmXWbp0pY5Cep0Bt4f
date: Mon, 04 Sep 2023 09:19:38 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 22420
last-modified: Thu, 31 Aug 2023 03:43:48 GMT
server: AmazonS3
etag: "52d7c5312a4fab395e904f90fe0d47cb"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding,Origin
cache-control: public, max-age=63072000
accept-ranges: bytes
x-amz-cf-id: ZiuqCAOaSpQRz5LA23RgFHvaztfRDtYKcsc5Lg_TOvOn0lvSWP0V0Q==

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 44E4 70 B
265 B 141ms
41ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.healthsafe-id.com&ttd_tpi=1
Requested by: Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FiKVDsyxwFK%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2Fq490pceVJC%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 04 Sep 2023 09:19:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/959766874/ 4 KB
2 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/959766874/?random=1693819176928&cv=11&fst=1693819176928&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Flogin%2Fcap%2Fen%3FTARGET%3Dhttps%253A%252F%252Fwww.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcap%252Fen%253Fresume%253D%252Fas%252FiKVDsyxwFK%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidc%2526redirect_uri%253Dhttps%253A%252F%252Faccount.optumbank.com%252Flogin%252Fcallback%2526portal%253Dcap%2526client_id%253Dbank-cloud-prod%26resume%3D%252Fas%252Fq490pceVJC%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&hn=www.googleadservices.com&frm=0&tiba=Sign%20in%20-%20OptumBank&auid=108807597.1693819176&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-959766874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5e34a69a943c789bf9b52f3d6041d5d80f627aeeb7e9f52652be54a6bdc5f9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 09:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1558
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/801669703/ 42 B
108 B 161ms
56ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801669703/?random=1693819176626&cv=11&fst=1693818000000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Flogin%2Fcap%2Fen%3FTARGET%3Dhttps%253A%252F%252Fwww.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcap%252Fen%253Fresume%253D%252Fas%252FiKVDsyxwFK%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidc%2526redirect_uri%253Dhttps%253A%252F%252Faccount.optumbank.com%252Flogin%252Fcallback%2526portal%253Dcap%2526client_id%253Dbank-cloud-prod%26resume%3D%252Fas%252Fq490pceVJC%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&frm=0&tiba=HealthSafe%20ID%C2%AE&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2927798930&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 09:19:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/801669703/ 42 B
455 B 157ms
54ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/801669703/?random=1693819176626&cv=11&fst=1693818000000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Flogin%2Fcap%2Fen%3FTARGET%3Dhttps%253A%252F%252Fwww.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcap%252Fen%253Fresume%253D%252Fas%252FiKVDsyxwFK%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidc%2526redirect_uri%253Dhttps%253A%252F%252Faccount.optumbank.com%252Flogin%252Fcallback%2526portal%253Dcap%2526client_id%253Dbank-cloud-prod%26resume%3D%252Fas%252Fq490pceVJC%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&frm=0&tiba=HealthSafe%20ID%C2%AE&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2927798930&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 09:19:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET image.sbix
global.ib-ibi.com/ Frame 44E4 0
0

GET
H2 200 /
www.google.com/pagead/1p-user-list/959766874/ 42 B
455 B 60ms
56ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/959766874/?random=1693819176928&cv=11&fst=1693818000000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Flogin%2Fcap%2Fen%3FTARGET%3Dhttps%253A%252F%252Fwww.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcap%252Fen%253Fresume%253D%252Fas%252FiKVDsyxwFK%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidc%2526redirect_uri%253Dhttps%253A%252F%252Faccount.optumbank.com%252Flogin%252Fcallback%2526portal%253Dcap%2526client_id%253Dbank-cloud-prod%26resume%3D%252Fas%252Fq490pceVJC%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&frm=0&tiba=Sign%20in%20-%20OptumBank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=24420839&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 09:19:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/959766874/ 42 B
108 B 58ms
55ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/959766874/?random=1693819176928&cv=11&fst=1693818000000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Flogin%2Fcap%2Fen%3FTARGET%3Dhttps%253A%252F%252Fwww.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcap%252Fen%253Fresume%253D%252Fas%252FiKVDsyxwFK%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidc%2526redirect_uri%253Dhttps%253A%252F%252Faccount.optumbank.com%252Flogin%252Fcallback%2526portal%253Dcap%2526client_id%253Dbank-cloud-prod%26resume%3D%252Fas%252Fq490pceVJC%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&frm=0&tiba=Sign%20in%20-%20OptumBank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=24420839&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 09:19:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tags.js Show response
rba-screen.healthsafe-id.com/fp/ 95 KB
13 KB 294ms
38ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/tags.js?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&page_id=PAGEID

Requested by

Host: cdn.healthsafe-id.com
URL: https://cdn.healthsafe-id.com/static/js/index.3f3d0ab2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

1d2c58d4219cdb33243481aec94268a28d258684bc9c93ac0e7b92633fa0e0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 09:19:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 RC27118b4cbb854aff86652bc960a05b5e-source.min.js Show response
assets.adobedtm.com/512027f42d3c/3189bbb33f85/a30c79f0b515/ 1 KB
917 B 43ms
42ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/a30c79f0b515/RC27118b4cbb854aff86652bc960a05b5e-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 17dfbfe5b4e4f091c7b624ccc5da01494002871598c1f9c25c2d10dc8d14e7c2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 09:19:37 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 06:42:05 GMT
server: AkamaiNetStorage
etag: "12f7af689e0ad50fecb4326a352a39a3:1692686525.429072"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.healthsafe-id.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 657
expires: Mon, 04 Sep 2023 10:19:37 GMT

GET
H/1.1 200
OK cls_report Show response
report.uhg.glassboxdigital.io/glassbox/reporting/340df073-d6dd-6d66-51a3-4037cf49ab94/ 529 B
2 KB 482ms
116ms XHR
application/json 54.160.51.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://report.uhg.glassboxdigital.io/glassbox/reporting/340df073-d6dd-6d66-51a3-4037cf49ab94/cls_report?_cls_s=a3d0ccde-360a-45e9-853b-b2d2b41f46df%3A0&_cls_v=7dc37049-4708-425a-90c5-b41d72026c7e&pv=2&f_cls_s=true

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICSa1-KAQAACPa0bw1FO33gwg4Xb71jZuXvOUik00UxJXNBYUb4J9o-erFb&EdxVWcjYRR--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.51.39 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-51-39.compute-1.amazonaws.com

Software

GlassBox Cligate /

Resource Hash

282d2b0516762cd541013b53a5d4012aefcf23be372250aed7472935b01dd390

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 09:19:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
Content-Security-Policy: default-src 'self';
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 331
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Server: GlassBox Cligate
X-Frame-Options: SAMEORIGIN
vary: origin
Content-Type: application/json
access-control-allow-origin: https://www.healthsafe-id.com
access-control-allow-credentials: true
GB-Server: g5035
X-Robots-Tag: noindex

GET
H2 200 / Show response
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/ 8 KB
4 KB 167ms
63ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eab699200f13c0e1d5b8fea628455f5c4f646b780fdbfe56df8bfaf8f711554

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 09:19:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 177111
cf-polished: origSize=9150
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"23be-QqCataJwxa17dr6Pplu5Go0VTDA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 801526e50dd42dd3-MAN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H/1.1 200
OK check.js;CIS3SID=BA67EAB108E1EDEDD76F5D1307145BB2 Show response
rba-screen.healthsafe-id.com/fp/ Frame 66AA 438 KB
82 KB 46ms
45ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=BA67EAB108E1EDEDD76F5D1307145BB2?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&jb=3d39262e6a736f7535556b6e6667777324687b6d3f576966666777712730383932246a736a753d4b68726f6d6d24687360354368706d656727323039333e

Requested by

Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/tags.js?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&page_id=PAGEID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

057e7ea3989c9028b5cb261bdef6c1324621bba7aaff93d40b395af6bf200583

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 09:19:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 2570049c7db077d4
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
rba-screen.healthsafe-id.com/fp/ Frame 66AA 81 B
475 B 105ms
34ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 09:19:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 detector-dom.min.js Show response
cdn.gbqofs.com/uhg/hsid/p/ Frame 66AA 482 KB
145 KB 40ms
40ms Script
application/javascript 2606:4700::6812:190d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gbqofs.com/uhg/hsid/p/detector-dom.min.js
Requested by: Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/hsid/p/detector-dom.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:190d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4118da76e13f6d904d1d8281a2169cccb06af50a72fda71cca9cd3d027d9cc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 09:19:37 GMT
x-amz-version-id: FlDmaO34SKSn_z5bcjsCcAF_z9ckwxwI
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 7a71153df5fe7b23e438dedb00b3bf4a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C3
age: 3854
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 14 Aug 2023 21:08:47 GMT
server: cloudflare
etag: W/"349a412f01157bf1e84d91d933702c5c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 801526e4787c23e3-LHR
x-amz-cf-id: NcwGodqwwxvkLG2Dxitjf3Dv6YuFFm59qgMroiEAcoE4AlhnzwPQQA==
expires: Mon, 04 Sep 2023 13:19:37 GMT

GET
H/1.1 200
OK clear.png
rba-screen.healthsafe-id.com/fp/ Frame 66AA 81 B
475 B 119ms
40ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 09:19:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cls_report Show response
report.uhg.glassboxdigital.io/glassbox/reporting/340df073-d6dd-6d66-51a3-4037cf49ab94/ Frame 66AA 529 B
2 KB 454ms
116ms XHR
application/json 54.160.51.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/hsid/p/detector-dom.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.51.39 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-51-39.compute-1.amazonaws.com

Software

GlassBox Cligate /

Resource Hash

53eee844236872cdae36e22a6ca1b5336e56bb1f6098bc1656df8478c01933ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 09:19:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
Content-Security-Policy: default-src 'self';
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 327
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Server: GlassBox Cligate
X-Frame-Options: SAMEORIGIN
vary: origin
Content-Type: application/json
access-control-allow-origin: https://www.healthsafe-id.com
access-control-allow-credentials: true
GB-Server: g5025
X-Robots-Tag: noindex

GET
H/1.1 200
OK HP Show response
rba-screen.healthsafe-id.com/fp/ Frame 58A8 19 KB
6 KB 43ms
42ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/HP?session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&org_id=15saug00&nonce=2570049c7db077d4&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=BA67EAB108E1EDEDD76F5D1307145BB2?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&jb=3d39262e6a736f7535556b6e6667777324687b6d3f576966666777712730383932246a736a753d4b68726f6d6d24687360354368706d656727323039333e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

9e8e36b7a2c6bd7cc310356a067eeb766262de286459d7bda8a480f8e312eace

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.healthsafe-id.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: en-GB
Content-Length: 5800
Content-Type: text/html;charset=UTF-8
Date: Mon, 04 Sep 2023 09:19:37 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
rba-screen.healthsafe-id.com/fp/ Frame 66AA 81 B
537 B 105ms
35ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png

Requested by

Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/hsid/p/detector-dom.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 15saug00/2570049c7db077d48ee8aae4-3c57-4ec2-bfe1-68ec27887be1
Referer: https://www.healthsafe-id.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 09:19:37 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 04 Sep 2023 09:19:37 GMT
Server: Apache
Etag: 3949a59d19d2445181cc57b74fbe271d
Content-Type: image/png
Access-Control-Allow-Origin: https://www.healthsafe-id.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sat, 02 Sep 2028 09:19:37 GMT

GET
H/1.1

204
No Content

clear.png Show response
h.online-metrix.net/fp/ Frame 66AA
Redirect Chain

https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&gttl=155520000
https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&k=2

0
387 B

35ms
34ms

Script
text/javascript

91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&k=2

Protocol

HTTP/1.1

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 09:19:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 04 Sep 2023 09:19:37 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&k=2
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 0

GET
H/1.1 200
OK ls_fp.html;CIS3SID=BA67EAB108E1EDEDD76F5D1307145BB2 Show response
rba-screen.healthsafe-id.com/fp/ Frame D17E 90 KB
14 KB 38ms
38ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=BA67EAB108E1EDEDD76F5D1307145BB2?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

39e2bd780181bfaa34770f01cfdf4df24361fe70b738499892ceb1298395c8c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.healthsafe-id.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 04 Sep 2023 09:19:37 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
rba-screen.healthsafe-id.com/fp/ Frame 66AA 0
387 B 40ms
40ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&jb=3b36266473613d3969643538356d363433666b3663366531606c333735603d3e61373438316230

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 09:19:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=BA67EAB108E1EDEDD76F5D1307145BB2 Show response
h.online-metrix.net/fp/ Frame C9AB 103 KB
15 KB 113ms
38ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=BA67EAB108E1EDEDD76F5D1307145BB2?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

b8f30bc443e19a1ff74ac2aaa8c274b5d8e54525b529f7b8420d54d92d0343b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.healthsafe-id.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 04 Sep 2023 09:19:37 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=BA67EAB108E1EDEDD76F5D1307145BB2 Show response
rba-screen.healthsafe-id.com/fp/ Frame 992A 90 KB
13 KB 38ms
38ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/top_fp.html;CIS3SID=BA67EAB108E1EDEDD76F5D1307145BB2?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

0ccc447a618d2e44c93d08c78e75e7341aa2d7393af6da8e33788d12809c76cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.healthsafe-id.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 04 Sep 2023 09:19:37 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
rba-screen.healthsafe-id.com/fp/ Frame 66AA 0
218 B 61ms
37ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&ja=3a33363f2626633d3824783d343826663f333e323278313a32382663643f393e323278313a30302e7378793d387a32266678723d332e393432302c393038302e333438382e333230382c313e30302c313a32322c333e30302e333a32322c3024322e6d763f633030306362636c63373f646466646e3b67613a3c3131363538346039613f632e6d6c3f362e7b61663d323c266c603d68747478712733432d324627304e7575772e6067696c766a71696e672f696426636f65253246727c2730466e6767696c273a446161702d304e656c27314e5c435047455c25334c687474707b2730353149253237304e273035324e757f772c6a676964766a73616e652d61642e636f65273035304e727427303d304473656b777a652730373a4e637774682d32353a466361702d303732446d6e2530373b447065737d6f6d253037314c2d303732466973253a35324669435446737b70774649273a373046726d717d6d6727303d3a446373253a35324e6175746867706b7a637c696f6c2c786b6c67253a373a36717267667c6b7679253a35334c6e756c6c2d303732347b636f72672d3037334467726d6e6b66273a3d303472657b706f6673655f7471726725303d3344616d6c672732353a3478666b6672696c63722670643d332e70683d37306430386369366261646a673331336a353b38356367386c316064623a64342e68683d383b3b6161646e35303a3a6d353463393d3b313067663a3a69673b31373831302e6a736f3d5f6b6c646d7f732530323932246a736a3f4b68706d6f6d2d303231313e266a7b6f753d57616c666f757b266a71607d3f416872676f6d266c6a61353c246c646d353826666d74703d3824767a66354575706d7867273246446d66646d6c246569766a723d3c30303b643163326a676130306d366361373e3232383269663935373632396e663635383031343964366561693036646131346164606c353033313b3331366324667a356a7674707b253349253246253a44757775266865636e7c6a7161666d2f61642c616d652d304472742d3246646f67696e2d304463637825324467662731465449504f455627314c60767670732d32353b412532353a442732373a46777575266a67616c7c6a7b6164672f616c2c616f6d2d32353a467274253a373046716d637570672d3037324669777c682730373a4e616370253a35324e656e25323d314472677b756d67273a373144253a373a466371273a3d3044694b5e4473717877464b2d303732447a6573776f6d273035324e637b253037304e697776686f7a697a6974696f6e26726b6e652d323530347b72676e74617671253037314c66776e6c253a35323e73636f706d273035314c6f70676c61662732353a347a6571726d667b675d74797865253a3533446367666725303d32367264616672616469722e703f726e7d6f6b6c5f666461736025354566696e716523786c75656b665d75696e6c6d7f735d6f676c61635d706c6979657a25354566696e716523786c75656b665d63646f6a67576161706d6a69762735456e616c7b6521706c7d656b6e5d79756961697c6b6f65253d476e616e716729786e776769665f73606f636b7769746725374d66616e716d23726c756f6b665f70676364786e6379657a25354d66616c736d23726c776f696e5d7464615d706c697b6d722737476e696e716521786c756f696e5f646d74636c747a25354764696e716521786e7d676b6c5d7b7e655d76696d77657a25354566696e716523786c75656b665d68617669273d4564636e7b6d24656c5f6b3d776d62676c576d60454c273a30312c322d3032284f786766474e2730384d512732303a2e302d323043687a6d6f697765295767604f4e2732304f4e5b4c2730324d5b273030312630253a30284f706d6c454c273a304551273a32454c5344273a304751273a38332c30253a304360726f6d697d6f2b57676a4b6976556d604969742d30385767604544494c454c4557696e7b74616e636d665d61707a617971273b402732304d5a5c5f606e67666c5d6f696e6561782d3342253238475a545d6b6f6c6d7057607766666d705768636e64576e6e6d61742d33422d323045585c5d646c6d69745f606e6d6c6625334a273a30475a56576e7063675f6c65707c682533422d3032455a5c5f736a636c67705f746d7a7c7570675d6467662733422d32304d58545f746d7a7675706d5f636d6f7870677373616d665f6072766b2d314025323845585c5f7465787c7770655d6b6f6d72706d7171696f665d7a677661273b4a2730304550545f7c657874757a675d666b647465705d696c6b736f7c7067706b61273b4a2730304550545f7b524742253b402732324745535d6764676f656e7c5d616e66677a577d6b6c74253b42253a304f45535764606f5d7a656e66677a5d6f6970656378253140273a384d47535f7b74616664617264576667726b7e61746b746d712733422d30384f47515d7c6d7a7675726d5f66646f6174253b402732324745535d766d7a7675726d5d6e6c6d637657646b6c65617a25334a2532304f4d515d74677074757067576a636c665764646f6376273b4a2730304f4d535f7c657874757a675d686364665f646e6763765f6c616c6d617027314a2d30324f455b5f766d727465785763707263715f6f60686d617625334a273a305547404f445d616f6c67725f6a756666657a5d646c6d69742531402d303257454a45445f616d6f787a677173656c5f746d787475726d5d6373766b253340273a325545424f4e57636d6f727a6d71716564577465707475726557677663273b422530325f4740474c5761676d7270677b7b67665f746d78747d72655f657c613325314a253232554d40454c5f6b6d65707067717b6d665d74657074757a655f73337c612733402d323055474a454e5f63676f78726771716d6c5d7665787c75726d5f7333746b5d7172656a253340273a325545424f4e57646760776f5770676e646d72657a5f696e6667273142273a305747404f4e5d64657876605f76677a7c7d706725334a25323857454247445d6672637f5f6277646e677073253b402d323255474a4f4e5d6c6f7b655f6b6f6e746570762733402d323055474a454e5f6d7d6e7c695d6670697f33342667645f6835336666356c646434353c306466613c323565363a606d306735366c3a373734363930346c343235392e75656c7435496e766764273030496661262675656e7a354b6c746564253238497269732d30324f726d6e474e273a32476e67616c6d26616166353a&jb=3935352e6c713d4d67786b6c6e692532443726322732302055616e666d757b2d30324e542d323039302e30253b402732325f696e34362d31402532387a3e342b2730384972726c655f656243697425324e3731372c3b3625303220494a544d44273a432730326461696725323847656b6b6f29253a32416870676d6527304e3333362e382c3d3836372c393c322732305b616669726925324e3731372c3b36

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 09:19:37 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
15saug00ja43ukuyx4lx7w3is5y4iuqxmvfidzpv2570049c7db077d4am1.e.aa.online-metrix.net/fp/ Frame 66AA 81 B
438 B 125ms
35ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://15saug00ja43ukuyx4lx7w3is5y4iuqxmvfidzpv2570049c7db077d4am1.e.aa.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 09:19:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
cse.rakanto.com/cx_collector/ 3 B
472 B 557ms
149ms XHR
text/plain 149.111.165.13
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.rakanto.com/cx_collector/

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICSa1-KAQAACPa0bw1FO33gwg4Xb71jZuXvOUik00UxJXNBYUb4J9o-erFb&EdxVWcjYRR--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.165.13 , United States, ASN10879 (UHC, US),

Reverse DNS

cse-elr.rakanto.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

Referer: https://www.healthsafe-id.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 04 Sep 2023 09:19:38 GMT
X-ps-id: elr_cse_collector_8
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.healthsafe-id.com
Access-Control-Expose-Headers: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, *

GET
H/1.1 200
OK check.js Show response
rba-screen.healthsafe-id.com/fp/ Frame 58A8 208 KB
29 KB 42ms
41ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/check.js?&pageid=99998&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&org_id=15saug00&nonce=2570049c7db077d4

Requested by

Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/HP?session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&org_id=15saug00&nonce=2570049c7db077d4&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

7da324218408ff7321e4c6852ab148df051fee9783145e015678347275eba4ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rba-screen.healthsafe-id.com/fp/HP?session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&org_id=15saug00&nonce=2570049c7db077d4&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 09:19:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 2570049c7db077d4
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=98
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 12.2158c5447122fa995560.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 69 KB
21 KB 56ms
55ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.2158c5447122fa995560.chunk.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=www.healthsafe-id.com

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

697e541b2f182b24b7e56b9a1807fd0ce4241e0e1e289c64f16fc365643fe495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 09:19:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 464177
cf-polished: origSize=71575
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 28 Aug 2023 19:22:00 GMT
cf-bgj: minify
server: cloudflare
etag: W/"11797-18a3d9883c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 801526e98d362dd3-MAN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H/1.1 204
No Content clear.png Show response
rba-screen.healthsafe-id.com/fp/ Frame D17E 0
387 B 41ms
41ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&jf=3b36266473623d656d6730343b3f37613a3a3036643738303b3a65353a313f6c316433326b6439

Requested by

Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=BA67EAB108E1EDEDD76F5D1307145BB2?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=BA67EAB108E1EDEDD76F5D1307145BB2?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 09:19:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
rba-screen.healthsafe-id.com/fp/ Frame 66AA 0
387 B 39ms
38ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&jac=1&je=3a34302e266a666e3531246a64603d393b3439353366626e3b3f333567313e3f606337353c62623b396263343a613a26686e746e3f32323131363a3b24786d3f6c6d2e6a637673743525374a2532326c6d74676c273a32253143392c3230253a412d32307176697c777125323a25334925323263606370676b66672530302d354626617d66603d6163356a31673465363031636b616336663a6335633331323931343b363462356b3139373b34603c6c3a66643430363038333866653c643233646b6438363731246778333564396567373b6b69643535313c37373e3564323431313437373a34653b306e6461623839333b6163

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 09:19:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 71 KB
6 KB 181ms
181ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0Neqx1dGGrrlV4y&Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICSa1-KAQAACPa0bw1FO33gwg4Xb71jZuXvOUik00UxJXNBYUb4J9o-erFb&EdxVWcjYRR--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5eb16eb1fdcb96b6c6a470272e70834a3b29ec320f7498bf5909b4557f6b45a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.healthsafe-id.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Sep 2023 09:19:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.healthsafe-id.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: d772bc4305626ae6
cf-ray: 801526eaaefc2dd3-MAN
timing-allow-origin: *

GET
H/1.1 204
204 clear1.png;CIS3SID=BA67EAB108E1EDEDD76F5D1307145BB2
rba-screen.healthsafe-id.com/fp/ Frame 66AA 0
400 B 40ms
40ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rba-screen.healthsafe-id.com/fp/clear1.png;CIS3SID=BA67EAB108E1EDEDD76F5D1307145BB2?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&jf=3c31342e7369645f7a6c663d766c725f3a58604d64336b72777e7356454d4767247169645764617c653d313631313a313b393738247161665d7479786735776760386d6b667161267b6964576b65793d3b32373931383133323438353061383e363063673166383a3233303638383269383634386b673164323b30313235383136323038323c37643b3b6b69326733356b64646d313437336a313b31343e39633764303a3237613b3138386636376a6d663063363f36396c633862636d606630313d653431636a673430666d3469346464616d313a6161613866316d633833383c34363660386262663638363438633d363134306464313a353a37333031663b393837386b3a24736b6c5f736b65353132343438303a303561326b393a3a61383a31353b3163333769363661376b3031633038363763323e636d393261326b6b316366373032356e346564626a3430313a3a663330673f323032303a3a6c35663633396e606439333164633a383731303f3461663331623732636e613563383c643a6466333b3e6a3530383830623230643264353034673733303926716b6e703f30

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 09:19:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=4511EF9D4E491FF7B1010B75A2F0B62B
h.online-metrix.net/fp/ Frame C9AB 0
400 B 38ms
38ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=4511EF9D4E491FF7B1010B75A2F0B62B?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&jf=3c31362e7369645f7a6c663d766c725f543444355142395a473876654e4c435a247169645764617c653d313631313a313b393738247161665d7479786735776760386d6b667161267b6964576b65793d3b32373931383133323438353061383e363063673166383a3233303638383269383634386b673164323b30313235383136323038323c323a32323b6b353634363030663a376665356c3a6662676e366130326e663032363e603a643532336c6d646131646b3763303139623730326166643c33323a346c366034633b673937343a323b3b3a3765633b36633c343764366d633734613f633463603b31363837313b3b613336333c393032653038383369376138396a6624736b6c5f736b65353132343538303a303361346a30613638396b35383c373035623e303738373e3965603669323064663a646a323063323a3a643336336b393869396133306c6767386738303661376b3230323138326b393032313d6a606030613c62383a3966326331663b613b3e613637613b673b39613f663e303030673e6e643365323c30313a62656235693667363430626264247b6b64723d39

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=BA67EAB108E1EDEDD76F5D1307145BB2?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 09:19:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
32 KB 44ms
44ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.2158c5447122fa995560.chunk.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=www.healthsafe-id.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

617795824f268204fce200417ba784cf0ad062c0c1613d5a114c457bc503ff8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 09:19:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 464176
cf-polished: origSize=105687
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 28 Aug 2023 19:22:00 GMT
cf-bgj: minify
server: cloudflare
etag: W/"19cd7-18a3d9883c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 801526ebd8ce2dd3-MAN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H/1.1 200
OK ARF;CIS3SID=FD96D469AF40726DA497AC1178EDD8B9 Show response
rba-screen.healthsafe-id.com/fp/ Frame 58A8 35 B
557 B 37ms
37ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/ARF;CIS3SID=FD96D469AF40726DA497AC1178EDD8B9?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&pageid=99998&sera_parametere=VEUKBAQEXAIGXAdTBw8GAlQCVggFBgsHAFRUUgdSUwZRB1EEUQFaUgABURZERFldXEVCREMRCicSUyAVAHNBBgJfRFVcUVQGWRARFQRzQQNwBRIHdBELU18LEUREEldwFwJ1FQdwHwdeWVpRVgZUUFYCBwFVBl9SAldXAFJVBQ1QBAAAVQEJVQBRUwAAUwAMCgIRXl9aWgYKVlcHBwdQDVECU1IAAw4HA0IIQwoHHANUVAMGUQBaVFZSVgBUUVdVAgADVAAACgUDXQQEUlJRV1EABgQHUApFVg1fAQcFUA0UXF4NHQUfE15ZWwkODlwSWl4KFlIJegtFCw9VEVUSCQMEARZSW0peYA0MVFhAFxJRVwpEVE5mAFYIDlJWVA8SV0EKBwc%3D&count=0&max=0

Requested by

Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js?&pageid=99998&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&org_id=15saug00&nonce=2570049c7db077d4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

0d496c32aec32b34e7feac4a8aace6730b91b12af0c0d6880badda1ed3578a28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://rba-screen.healthsafe-id.com/fp/HP?session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&org_id=15saug00&nonce=2570049c7db077d4&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 09:19:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 7.41dc96447e48575a0cfd.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
1 KB 45ms
44ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.41dc96447e48575a0cfd.chunk.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c91945cdef5177fb2131a55ebb70b3ba5c56d640a71b351d20a5c335ef120a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 09:19:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 464177
cf-polished: origSize=2901
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 28 Aug 2023 19:22:00 GMT
cf-bgj: minify
server: cloudflare
etag: W/"b55-18a3d9883c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 801526ecea832dd3-MAN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.e4bb9861ae9a0d936559.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 43ms
43ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.e4bb9861ae9a0d936559.chunk.js?Q_CLIENTVERSION=1.98.1&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f8cff2f1e205758621ca8a1b49253194e84a68d1af5a6fa94b4b159629ea9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 09:19:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 464177
cf-polished: origSize=29367
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 28 Aug 2023 19:22:00 GMT
cf-bgj: minify
server: cloudflare
etag: W/"72b7-18a3d9883c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 801526ecea882dd3-MAN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H/1.1 204
No Content clear.png Show response
rba-screen.healthsafe-id.com/fp/ Frame 66AA 0
387 B 56ms
55ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=15saug00&session_id=8ee8aae4-3c57-4ec2-bfe1-68ec27887be1&nonce=2570049c7db077d4&jac=1&je=3a30262e7765693d3a33352e333b382e333b3e2c333038

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.healthsafe-id.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 09:19:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=93
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK rb_17a3a45c-ebd2-4cdb-86ec-5f31606b813f Show response
www.healthsafe-id.com/ 911 B
1 KB 152ms
150ms XHR
text/plain 149.111.166.210
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/rb_17a3a45c-ebd2-4cdb-86ec-5f31606b813f?type=js3&sn=v_4_srv_39_sn_53F7763F9F80EDEE08289520047E0605_perc_100000_ol_0_mul_1_app-3Ab6030f906c1066bc_1_app-3Aea7c4b59f27d43eb_0&svrid=39&flavor=post&vi=PKTFNUCKMKQOFNODRUMRKPMCQMTRUWAT-0&modifiedSince=1693363395562&rf=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Flogin%2Fcap%2Fen%3FTARGET%3Dhttps%253A%252F%252Fwww.healthsafe-id.com%252Frt%252Fsecure%252Fauth%252Fcap%252Fen%253Fresume%253D%252Fas%252FiKVDsyxwFK%252Fresume%252Fas%252Fauthorization.ping%2526spentity%253Dnull%2526scope%253Dopenid%2526response_type%253Dcode%2526pfidpadapterid%253DHsidNewUIOidc%2526redirect_uri%253Dhttps%253A%252F%252Faccount.optumbank.com%252Flogin%252Fcallback%2526portal%253Dcap%2526client_id%253Dbank-cloud-prod%26resume%3D%252Fas%252Fq490pceVJC%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&bp=3&app=b6030f906c1066bc&crc=1144774251&en=fme08pl1&end=1

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICSa1-KAQAACPa0bw1FO33gwg4Xb71jZuXvOUik00UxJXNBYUb4J9o-erFb&EdxVWcjYRR--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.210 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-hcc-elr.optum.com

Software

Resource Hash

a90bd327c1700e93ea03870933904ba15ef5b809163470a24a8ce4221b05adb1

Security Headers

Name	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.healthsafe-id.com/rt/login/cap/en?TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FiKVDsyxwFK%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&resume=%2Fas%2Fq490pceVJC%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 04 Sep 2023 09:19:41 GMT
Strict-Transport-Security: max-age=300; includeSubDomains
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Content-Encoding: gzip
X-ps-id: hsid-prod-elr-4
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Connection: keep-alive
Content-Length: 492
X-XSS-Protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=88392128988230621773498119133451254848

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.healthsafe-id.com/	1969-12-31 23:59:59	Name: TS0141ee40 Value: 0191a2d84e53bff21ed2f07ee017647f1ce8eb4bf6dd7436bde4d06a03c5928ba4a404a7cb14b4fe4b3a3163fa43c74c7f25e2df7c
.healthsafe-id.com/	1969-12-31 23:59:59	Name: TS01163ad9 Value: 0191a2d84e53bff21ed2f07ee017647f1ce8eb4bf6dd7436bde4d06a03c5928ba4a404a7cb14b4fe4b3a3163fa43c74c7f25e2df7c
.www.healthsafe-id.com/	1970-01-21 00:06:19	Name: Tv6TR2qd Value: AyF7fV-KAQAAyN3mqCWvhG5lhbAVJqeZX0N6XDVJMBlEcmEj7gbWr6bms4KZAdmKxGyucuHJwH8AAEB3AAAAAA\|1\|0\|fc2ca3ceac126190c2e02e37b56fc5378aaf1aac
.healthsafe-id.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_39_sn_53F7763F9F80EDEE08289520047E0605_perc_100000_ol_0_mul_1_app-3Ab6030f906c1066bc_1_app-3Aea7c4b59f27d43eb_0
.www.healthsafe-id.com/	1969-12-31 23:59:59	Name: TS012562a2 Value: 0191a2d84e53bff21ed2f07ee017647f1ce8eb4bf6dd7436bde4d06a03c5928ba4a404a7cb14b4fe4b3a3163fa43c74c7f25e2df7c
.healthsafe-id.com/	1970-01-21 00:06:19	Name: rxVisitor Value: 1693819174539F7E1AKPPCE1SP6GJO0EVF3RAHJV7072C
.healthsafe-id.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.rakanto.com/	1970-01-21 00:06:19	Name: pixel-ubrid Value: v2.0-d5bfcf0457751f9a7f4f429b81bc7c59-31443-31451-1689735524008-0001264730-1693819175380
www.healthsafe-id.com/	1969-12-31 23:59:59	Name: rakanto_ubrid Value:
www.healthsafe-id.com/	1970-01-20 14:30:20	Name: RakantoClientSideData Value: eyJ1YnJpZCI6InYyLjAtZDViZmNmMDQ1Nzc1MWY5YTdmNGY0MjliODFiYzdjNTktMzE0NDMtMzE0NTEtMTY4OTczNTUyNDAwOC0wMDAxMjY0NzMwLTE2OTM4MTkxNzUzODAiLCJjb21taXRfaGFzaCI6IjI3MWZlZTQifQ==
www.healthsafe-id.com/	1970-01-20 23:15:55	Name: HSID_V Value: 2f6ac947-1c5a-4845-8fb3-aeb49d41d6ef
www.healthsafe-id.com/	1969-12-31 23:59:59	Name: SESSION Value: YTlmMzY4ZDUtNmEzMS00MjE2LWFlZWEtYmNiODlmOGI0NTJm
.healthsafe-id.com/	1970-01-21 00:06:19	Name: pixel-ubrid Value: v2.0-d5bfcf0457751f9a7f4f429b81bc7c59-31443-31451-1689735524008-0001264730-1693819175380
.healthsafe-id.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 18:49:31	Name: demdex Value: 88392128988230621773498119133451254848
.healthsafe-id.com/	1969-12-31 23:59:59	Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg Value: 1
.healthsafe-id.com/	1970-01-20 16:39:55	Name: _gcl_au Value: 1.1.108807597.1693819176
.healthsafe-id.com/	1970-01-21 00:06:19	Name: _cls_v Value: 7dc37049-4708-425a-90c5-b41d72026c7e
.healthsafe-id.com/	1969-12-31 23:59:59	Name: _cls_s Value: a3d0ccde-360a-45e9-853b-b2d2b41f46df:0
.everesttech.net/	1970-01-20 23:15:55	Name: everest_g_v2 Value: g_surferid~ZPWhKAAAALQOygN-
.healthsafe-id.com/	1970-01-21 00:06:19	Name: mbox Value: session#63216bc360874c2684597e676907b48e#1693821037\|PC#63216bc360874c2684597e676907b48e.37_0#1757063977
.healthsafe-id.com/	1970-01-20 14:30:20	Name: gpv_pn Value: D%3Dv25
.healthsafe-id.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.dpm.demdex.net/	1970-01-20 18:49:31	Name: dpm Value: 88392128988230621773498119133451254848
.healthsafe-id.com/	1970-01-21 00:06:19	Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg Value: 359503849%7CMCIDTS%7C19605%7CMCMID%7C84495443572802757844567263886841308073%7CMCAAMLH-1694423976%7C6%7CMCAAMB-1694423976%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1693826376s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19612%7CvVersion%7C5.0.1
.demdex.net/	1970-01-20 18:49:31	Name: dextp Value: 771-1-1693819176720\|903-1-1693819176892\|285689-1-1693819176994
.doubleclick.net/	1970-01-20 23:51:55	Name: IDE Value: AHWqTUlUNj1U7n5yTKPBanmewQmj7_SUiqKVf7YUUGD_Z7eEcBWz2avdslJN07GL
rba-screen.healthsafe-id.com/	1970-01-21 00:06:19	Name: thx_guid Value: 6a19cb54204aed5616bf03412f0ca211
.healthsafe-id.com/	1969-12-31 23:59:59	Name: rxvt Value: 1693820977960\|1693819174541
h.online-metrix.net/	1970-01-21 00:06:19	Name: thx_global_guid Value: be34cc60113d4a9ea822a0b14cb74870
report.uhg.glassboxdigital.io/	1970-01-20 14:40:23	Name: AWSALBCORS Value: 1RRqJkX+WGPUsVYUO7b6kxkVb96+WTpqBLQBk8z5Ot3ZqXZ13EXU6ftzP4ioLtfHdp8iG/7mA3Eqcqz8mPeYI/X4a0NSE0zXW28Z3WOcSbPvJuiU6rlhcp7UW0cx
.healthsafe-id.com/	1969-12-31 23:59:59	Name: cls_e Value: a3d0ccde-360a-45e9-853b-b2d2b41f46df:16143821192215
.healthsafe-id.com/	1969-12-31 23:59:59	Name: dtPC Value: 39$19174537_390h-vPKTFNUCKMKQOFNODRUMRKPMCQMTRUWAT-0e0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICSa1-KAQAACPa0bw1FO33gwg4Xb71jZuXvOUik00UxJXNBYUb4J9o-erFb&EdxVWcjYRR--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://www.healthsafe-id.com/assets/bundles-average.js?seed=AICSa1-KAQAACPa0bw1FO33gwg4Xb71jZuXvOUik00UxJXNBYUb4J9o-erFb&EdxVWcjYRR--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security	error	URL: https://cdn.gbqofs.com/uhg/hsid/p/detector-dom.min.js(Line 93) Message: Refused to create a worker from 'blob:https://www.healthsafe-id.com/f38d436c-47e2-4e95-8ddc-16728102db48' because it violates the following Content Security Policy directive: "script-src https: 'unsafe-inline' 'unsafe-eval'". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
network	error	URL: https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=88392128988230621773498119133451254848 Message: Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src ; style-src 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *; worker-src blob:; font-src https: data:;
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15saug00ja43ukuyx4lx7w3is5y4iuqxmvfidzpv2570049c7db077d4am1.e.aa.online-metrix.net
assets.adobedtm.com
cdc-aem.optum.com
cdn.gbqofs.com
cdn.healthsafe-id.com
cm.everesttech.net
cm.g.doubleclick.net
cse.rakanto.com
dpm.demdex.net
global.ib-ibi.com
googleads.g.doubleclick.net
h.online-metrix.net
match.adsrvr.org
member.werally.com
rba-screen.healthsafe-id.com
repo.rakanto.com
report.uhg.glassboxdigital.io
siteintercept.qualtrics.com
smetrics.optum.com
unitedhealthgroup.demdex.net
unitedhealthgroup.tt.omtrdc.net
www.google.co.uk
www.google.com
www.googletagmanager.com
www.healthsafe-id.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
global.ib-ibi.com
104.17.208.240
149.111.165.13
149.111.166.210
168.183.37.177
168.183.44.227
172.217.18.2
2600:9000:2490:8800:3:b102:a080:93a1
2606:4700::6812:190d
2a00:1450:4001:811::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a02:26f0:3500:591::1e80
34.251.64.143
35.71.131.137
45.60.33.26
52.215.87.25
54.160.51.39
54.229.208.26
63.140.62.108
66.235.152.115
91.235.132.130
91.235.133.67
91.235.134.131
057e7ea3989c9028b5cb261bdef6c1324621bba7aaff93d40b395af6bf200583
0ccc447a618d2e44c93d08c78e75e7341aa2d7393af6da8e33788d12809c76cc
0d496c32aec32b34e7feac4a8aace6730b91b12af0c0d6880badda1ed3578a28
1272f09fc9f53d31c3a2b079a72cc1df0797a16219beb2f04ff79debceb43624
17dfbfe5b4e4f091c7b624ccc5da01494002871598c1f9c25c2d10dc8d14e7c2
1aaccac8b32c11cf3fa6f9e0c9fd24997b0d9bddbaa1cc6f159c59b926946011
1d2c58d4219cdb33243481aec94268a28d258684bc9c93ac0e7b92633fa0e0a9
1ff981b7e5571ccedd8af168bea422e72d13532c538226caadae6386831fc372
215d426318e178abe82efa0e7d178a3719df4726785cb3716d842a28fbca5a5e
282d2b0516762cd541013b53a5d4012aefcf23be372250aed7472935b01dd390
2837512d4cef2c520dd4a0c0636c0decf04df126e350fb4d2c027f80c5e17cc1
30a504b69bd97d1dcd16eea14d39e612f317101bd3f0ab36f595d1f62d19fb22
370f0500163eafa1b88896b1420c3aea95685060885d9d336c634ae26fa9fad5
39e2bd780181bfaa34770f01cfdf4df24361fe70b738499892ceb1298395c8c0
3ad0d5e8cd0160209ab6b15c4f2d11371041d6d7541189881a2970a7753bc746
3eb88e21781c93bf785739c93f0487a93a27bfdb5b1ac4dd0a33e37df17ed7a6
478e00233b53d4fb700b339488f3b2e450d86f30cb623d6c01084d6cee307f3e
4eab699200f13c0e1d5b8fea628455f5c4f646b780fdbfe56df8bfaf8f711554
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
53eee844236872cdae36e22a6ca1b5336e56bb1f6098bc1656df8478c01933ff
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
55fa969f7cf26c81e747232ebe98b587e9c7118065f49d4378e4ab459aaec2af
5acca08ef6ddff6679c2931b1703f36b669af012dcb073a4c329e4387baac06a
5eb16eb1fdcb96b6c6a470272e70834a3b29ec320f7498bf5909b4557f6b45a7
5f8cff2f1e205758621ca8a1b49253194e84a68d1af5a6fa94b4b159629ea9bf
617795824f268204fce200417ba784cf0ad062c0c1613d5a114c457bc503ff8b
697e541b2f182b24b7e56b9a1807fd0ce4241e0e1e289c64f16fc365643fe495
76181750bb2a824cc79d1c940b9e14a3e393ae1efc93965117e3965c136acaa6
7a56c1f22499d04cd4d03d1fc2d611a6385d425e790e70d47d782458268375f5
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c596e1d27614ba207af423d461a69cedc2e2b681ea7c5bf7fc21b0077c76d03
7da324218408ff7321e4c6852ab148df051fee9783145e015678347275eba4ca
7e362f00330f4ae046576829a63ac9becb7f29286734a4a936869d829ddbb7ab
83a5c2eea44f96f49ac888576e776bbd30fd9c700e463a1b923af9d915bdf8a4
86d9980dd07b0eb53140f7f60ec1c5196e52f1c64a2bca1e7f6f5a5a1f88b885
8a0be5aa4cb65c8b49097f84e02224b35d7c4bfc8f4da09fab4ca452a94fcf2b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f3f22a768ac5db6d74b6300ce0be9e2db425ef538daed637c452f64d18d7b3f
94a61bd23e3af8340c2527a841237d2247ad4c7a05c73a5a242061b2cba23ad3
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9e8e36b7a2c6bd7cc310356a067eeb766262de286459d7bda8a480f8e312eace
a4118da76e13f6d904d1d8281a2169cccb06af50a72fda71cca9cd3d027d9cc0
a846b4f82102c08caf6add36c1ab194ca0b52f72ca69d3ee444bdee1d914a126
a90bd327c1700e93ea03870933904ba15ef5b809163470a24a8ce4221b05adb1
b28bd866e643de789ec8763657c5a7ab99f1f059cafeb91d92701dedcd613037
b5e34a69a943c789bf9b52f3d6041d5d80f627aeeb7e9f52652be54a6bdc5f9b
b8f30bc443e19a1ff74ac2aaa8c274b5d8e54525b529f7b8420d54d92d0343b5
c50c7bd4abab5152b29ed4ba8ad7e884ae3f78e21e5e18c61e24b73dfc213d41
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d0c91945cdef5177fb2131a55ebb70b3ba5c56d640a71b351d20a5c335ef120a
d15885e99f81a85f769421bbef35d5654b7b3ab4165049a4524d859617307562
d49f36cd612612ea187e8314c1224f072eb1a7c7c5839928960746dcfc6b9283
d6b6ca193696f01a54959a80eace120d4bff15e667a9171ca9b4eb391f7a46ee
e0762439f8f2b7ab880bbf57924d25b3010383300e18f5215f094184996f49ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bc1ef02f2a18f2e89a872692fce893700842594248e40a3c8d3c508e261f61
e3f5b05a0f2657086933004e2edc9e9ae4638a5e6284bb4b52c7bbee3cbf900a
e6480ba1f25e815c57ffc9ada53db64019fea9be79e916f0917a03d47d40d4e2
e6e7252ae36160ed4ab51df7cfe78e94f93b52af86fdaf18f9e062cf8be789e6
ea803adc6918df0de1d4cfb11ec88d1ff01552102dee4b0ddbacffdac99b8dbe
ec1fb826ad50482e2a4eb706a5758dafc2835325619e8fe6f48ff3691e0e8cbf
eecfcb118193465fd111d3c9821bb3c8ecbf0c417062cab000ad4365258e41ef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f161e22cde63c497d665c80a60a654d29caa423b4f4f59848b55309beb8bc361
f629f0b7620694f0266f6cfb0e5baa1e76fab463a12452803e9dbb47dbddac30

www.healthsafe-id.com Open in urlscan Pro 149.111.166.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

94 %HTTPS

29 %IPv6

18 Domains

26 Subdomains

23 IPs

4 Countries

1535 kBTransfer

5120 kBSize

33 Cookies

2 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.healthsafe-id.com Open in urlscan Pro
149.111.166.210 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

94 %
HTTPS

29 %
IPv6

18
Domains

26
Subdomains

23
IPs

4
Countries

1535 kB
Transfer

5120 kB
Size

33
Cookies

81 HTTP transactions
2 data transactions