urlscan.io logo urlscan.io
SecurityTrails logo

login.my.healthequity.com Open in urlscan Pro
2606:4700::6810:abfd  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://participant.wageworks.com/Account/Profile/ContactInformation.aspx
Effective URL: https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEt...
Submission: On August 08 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 14 domains to perform 26 HTTP transactions. The main IP is 2606:4700::6810:abfd, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.my.healthequity.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 20th 2021. Valid for: a year.
This is the only time login.my.healthequity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 69.89.50.205 27018 (WAGEWORKS)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:3::485 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 13.225.74.234 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
6 104.109.59.42 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 104.17.208.240 13335 (CLOUDFLAR...)
1 198.17.0.22 13951 (DATABANK-SLC)
1 2a00:1450:400... 15169 (GOOGLE)
26 14
2    69.89.50.205 (Louisville, United States)

ASN27018 (WAGEWORKS, US)
PTR: participant.wageworks.com
participant.wageworks.com
2    2606:4700::6810:abfd (United States)

ASN13335 (CLOUDFLARENET, US)
login.my.healthequity.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)
pro.fontawesome.com
1    2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    13.225.74.234 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-234.fra2.r.cloudfront.net
cdn.auth0.com
3    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    104.109.59.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-59-42.deploy.static.akamaitechnologies.com
cdn.walkme.com
3    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    104.17.208.240 (United States)

ASN13335 (CLOUDFLARENET, US)
zn3wuoawaazkbfa29-healthequity.siteintercept.qualtrics.com
siteintercept.qualtrics.com
1    198.17.0.22 (United States)

ASN13951 (DATABANK-SLC, US)
maintenance.healthequity.com
1    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Domain Requested by
6 cdn.walkme.com login.my.healthequity.com
cdn.walkme.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com login.my.healthequity.com
www.googletagmanager.com
2 cdn.auth0.com login.my.healthequity.com
2 stackpath.bootstrapcdn.com login.my.healthequity.com
2 login.my.healthequity.com 1 redirects
2 participant.wageworks.com 2 redirects
1 siteintercept.qualtrics.com zn3wuoawaazkbfa29-healthequity.siteintercept.qualtrics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 maintenance.healthequity.com
1 zn3wuoawaazkbfa29-healthequity.siteintercept.qualtrics.com login.my.healthequity.com
1 cdnjs.cloudflare.com login.my.healthequity.com
1 code.jquery.com login.my.healthequity.com
1 fonts.googleapis.com login.my.healthequity.com
1 cdn.jsdelivr.net login.my.healthequity.com
1 pro.fontawesome.com login.my.healthequity.com
26 16

This site contains no links.

Subject Issuer Validity Valid
login.my.healthequity.com
Cloudflare Inc ECC CA-3		 2021-05-20 -
2022-05-19		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-12-14		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.auth0.com
Amazon		 2021-04-25 -
2022-05-24		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
walkme.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-05-26		 a year crt.sh
*.qualtrics.com
DigiCert SHA2 Secure Server CA		 2020-10-26 -
2021-11-26		 a year crt.sh
*.healthequity.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-07-07 -
2022-08-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA&client=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&protocol=oauth2&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0
Frame ID: DC8E5A5C1AB62412A7E476BC11439867
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://participant.wageworks.com/Account/Profile/ContactInformation.aspx HTTP 302
    https://participant.wageworks.com/oidc/authorize?ReturnUrl=%2FAccount%2FProfile%2FContactInformation.aspx HTTP 302
    https://login.my.healthequity.com/authorize?client_id=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&redirect_uri=https%3A%2... HTTP 302
    https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3Rp... Page URL

Page Statistics

26
Requests

100 %
HTTPS

67 %
IPv6

14
Domains

16
Subdomains

14
IPs

4
Countries

989 kB
Transfer

3382 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://participant.wageworks.com/Account/Profile/ContactInformation.aspx HTTP 302
    https://participant.wageworks.com/oidc/authorize?ReturnUrl=%2FAccount%2FProfile%2FContactInformation.aspx HTTP 302
    https://login.my.healthequity.com/authorize?client_id=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3Dx9KL5WaBu0tzyz-eSrnCfUVHzp6QtCAF0BcQAMw_TvpQw5L4KOeWqZA-tnbk-aipwUxLQSCc3OVfWQyF1QbN8KVqXS0w5WoHhGcxiqYAeM7i9vqNBfuks0eQpDarcJHfbsp8vEIMoWFsHXcB6JpBqxIB4mt4wMoY7e_6IjM8mukx7KCOGabQaUj94RceYozBDEIFai1M7gGge5-ypi4eCEe8Wxbv6a9vU0a3MoiLV1kTF3d2VxEKbT-ja5RamVDE&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0 HTTP 302
    https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA&client=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&protocol=oauth2&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
login.my.healthequity.com/
Redirect Chain
  • https://participant.wageworks.com/Account/Profile/ContactInformation.aspx
  • https://participant.wageworks.com/oidc/authorize?ReturnUrl=%2FAccount%2FProfile%2FContactInformation.aspx
  • https://login.my.healthequity.com/authorize?client_id=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&...
  • https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJ...
48 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA&client=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&protocol=oauth2&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:abfd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f58866e24f601b44e317ecf28eb62a6aa0e2d992fb53cd030ed6e2fb96fbe024
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
login.my.healthequity.com
:scheme
https
:path
/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA&client=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&protocol=oauth2&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
did=s%3Av0%3A9572a6a0-f816-11eb-8e1d-33caa19b5624.rQNl6NyR4pHmzo3uy%2FsiaKajJ%2FZ4r%2B1VCW99pDLY1jM; auth0=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQNgSdgvhvsB9vZ1DkA9lVv2ScVwATLSAFl0LqbYVFuJAL80Xr-vp13rMVQmc2KRzqp6yFN5zRtS7suTab5NZpj6mY29va2llg6dleHBpcmVz1_-Ej4wAYRN2AK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.c2whDuQ8Cr%2Bm1n02gqOlb0M6F0CxLCmd1xkZT7wN9DI; did_compat=s%3Av0%3A9572a6a0-f816-11eb-8e1d-33caa19b5624.rQNl6NyR4pHmzo3uy%2FsiaKajJ%2FZ4r%2B1VCW99pDLY1jM; auth0_compat=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQNgSdgvhvsB9vZ1DkA9lVv2ScVwATLSAFl0LqbYVFuJAL80Xr-vp13rMVQmc2KRzqp6yFN5zRtS7suTab5NZpj6mY29va2llg6dleHBpcmVz1_-Ej4wAYRN2AK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.c2whDuQ8Cr%2Bm1n02gqOlb0M6F0CxLCmd1xkZT7wN9DI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 07:02:24 GMT
content-type
text/html; charset=utf-8
cf-ray
67b6e103efd94dd6-FRA
cache-control
no-store, max-age=0, no-transform
content-encoding
gzip
etag
W/"c1f6-urmfXi7/jfedFuLy0dv+HB7F5bI"
set-cookie
_csrf=WUQz7Zo4BYpZnGmQx-xNjol6; Max-Age=864000; Path=/usernamepassword/login; HttpOnly; Secure
strict-transport-security
max-age=31536000
vary
Accept-Encoding
cf-cache-status
DYNAMIC
content-security-policy
frame-ancestors 'none'
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
67b6e103efd94dd6
ot-tracer-sampled
true
ot-tracer-spanid
73eeede172ec2419
ot-tracer-traceid
6959ce8e0d0ae39c
pragma
no-cache
referrer-policy
same-origin
x-auth0-requestid
3d5fc2a359f9356ab889
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1628406145
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
server
cloudflare
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Sun, 08 Aug 2021 07:02:24 GMT
content-type
text/html; charset=utf-8
content-length
1224
location
/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA&client=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&protocol=oauth2&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0
cf-ray
67b6e0fed98197ba-FRA
cache-control
no-store, max-age=0, no-transform
set-cookie
did=s%3Av0%3A9572a6a0-f816-11eb-8e1d-33caa19b5624.rQNl6NyR4pHmzo3uy%2FsiaKajJ%2FZ4r%2B1VCW99pDLY1jM; Path=/; HttpOnly; Secure; SameSite=None auth0=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQNgSdgvhvsB9vZ1DkA9lVv2ScVwATLSAFl0LqbYVFuJAL80Xr-vp13rMVQmc2KRzqp6yFN5zRtS7suTab5NZpj6mY29va2llg6dleHBpcmVz1_-Ej4wAYRN2AK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.c2whDuQ8Cr%2Bm1n02gqOlb0M6F0CxLCmd1xkZT7wN9DI; Path=/; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3A9572a6a0-f816-11eb-8e1d-33caa19b5624.rQNl6NyR4pHmzo3uy%2FsiaKajJ%2FZ4r%2B1VCW99pDLY1jM; Path=/; HttpOnly; Secure auth0_compat=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQNgSdgvhvsB9vZ1DkA9lVv2ScVwATLSAFl0LqbYVFuJAL80Xr-vp13rMVQmc2KRzqp6yFN5zRtS7suTab5NZpj6mY29va2llg6dleHBpcmVz1_-Ej4wAYRN2AK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.c2whDuQ8Cr%2Bm1n02gqOlb0M6F0CxLCmd1xkZT7wN9DI; Path=/; HttpOnly; Secure
strict-transport-security
max-age=31536000
vary
Accept, Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
67b6e0fed98197ba
ot-tracer-sampled
true
ot-tracer-spanid
6ca9c79f4062baa5
ot-tracer-traceid
21c1d63d7d72a80b
pragma
no-cache
x-auth0-requestid
9f0848a00fe58af8f8b5
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1628406145
server
cloudflare
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ 		156 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: login.my.healthequity.com
URL: https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA&client=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&protocol=oauth2&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://login.my.healthequity.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 07:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601
age
4182
cdn-cachedat
08/03/2021 15:16:56
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
2961a3364a970c7fbd16f5c62289915a
cf-ray
67b6e1058eee4e44-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
all.css
pro.fontawesome.com/releases/v5.10.0/css/ 		153 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Requested by
Host: login.my.healthequity.com
URL: https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA&client=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&protocol=oauth2&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec

Request headers

Origin
https://login.my.healthequity.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 07:02:24 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
4182
x-amz-request-id
Z768GH6YB0HBY3GY
x-amz-id-2
z8Xcfiixcpk/QqtiYmNde3ql8BMgo1U5SZYXGIoqLcBUdXGglbltTX6Gk5gUHXf1Qkdsc+h950s=
last-modified
Mon, 28 Jun 2021 16:54:32 GMT
server
cloudflare
etag
W/"aa1272633e7e552395d147a499bad186"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
67b6e105bfa01f15-FRA
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/ 		59 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/bootstrap-icons.css
Requested by
Host: login.my.healthequity.com
URL: https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA&client=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&protocol=oauth2&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
32cc4a47b370e278072a6440249872e681efa1d992600420c03a9631da885d70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
3752798
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
8429
etag
W/"edbb-Du3MPQ7GnRobCfGvnAP4Uqb5QVI"
x-served-by
cache-fra19182-FRA
date
Sun, 08 Aug 2021 07:02:24 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
css
fonts.googleapis.com/ 		3 KB
575 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700
Requested by
Host: login.my.healthequity.com
URL: https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA&client=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&protocol=oauth2&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa798ff8828eb72b5aba0571c1fdb9c9285cbfb8c2e6f709665f98a77e9f3bb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 07:02:24 GMT
server
ESF
date
Sun, 08 Aug 2021 07:02:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Aug 2021 07:02:24 GMT
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: login.my.healthequity.com
URL: https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA&client=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&protocol=oauth2&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Origin
https://login.my.healthequity.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 07:02:24 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
etag
W/"5eb09f0f-15d84"
vary
Accept-Encoding
x-hw
1628406144.dop236.fr8.t,1628406144.cds272.fr8.hn,1628406144.cds142.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js
Requested by
Host: login.my.healthequity.com
URL: https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA&client=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&protocol=oauth2&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://login.my.healthequity.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 07:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
298059
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6098
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4a59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kkb%2BQZQgf6P4FKIRab%2FhdyProeZLVMWFG2kbwuJb695xIKDAxWHpcCYUZPmnNekkVE476JnjlWsGxUhsVFggjvkTb4IEYJrT1ZxfuYwmV5037ooO3cCJWQ7V8ndIEmB%2FzgS4acamhcYI2o%2FIbJIzWTh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
67b6e1058c812bc2-FRA
expires
Fri, 29 Jul 2022 07:02:24 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: login.my.healthequity.com
URL: https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA&client=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&protocol=oauth2&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://login.my.healthequity.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 07:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
4182
cdn-cachedat
2021-08-02 20:41:18
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3b27dfed98e9ef7b875bbe15e50d93e0
cf-ray
67b6e1058ef44e44-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
auth0.min.js
cdn.auth0.com/js/auth0/9.14/ 		154 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/auth0/9.14/auth0.min.js
Requested by
Host: login.my.healthequity.com
URL: https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA&client=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&protocol=oauth2&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.234 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-234.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
209e8a310ec2684b1c7ed4cfe451999a1c990df7776e94aaa1c8e8758c42cb01

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
pFxC3zbcQX4IWPI2e_Zrq_xrvEgP39hW
content-encoding
gzip
last-modified
Tue, 26 Jan 2021 12:29:46 GMT
server
AmazonS3
age
3140
etag
W/"8987f6d982d09cf27f1ec734c42a3089"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
cache-control
max-age=10800,public
date
Sun, 08 Aug 2021 06:11:02 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
EiITmKMxiii0iuj4BQR1NN6yAmh9d7JUfgMmwgLkNt1Yk3zDdrS2mg==
object-assign.min.js
cdn.auth0.com/js/polyfills/1.0/ 		278 B
696 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/polyfills/1.0/object-assign.min.js
Requested by
Host: login.my.healthequity.com
URL: https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA&client=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&protocol=oauth2&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.234 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-234.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e3281ce824bc83f86243254926e320d7a51fd34e310d76f38ddf5ca4430bcd8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QnBigF9q9VrtNR8TU_yhfoN9BlecmQ2x
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
last-modified
Thu, 08 Jun 2017 20:30:02 GMT
server
AmazonS3
age
4837
etag
"4dfaafaab07b1c6c2314bfe79a1baa81"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=10800,public
date
Sun, 08 Aug 2021 05:42:05 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
278
x-amz-cf-id
zUHp3FqdTDAb3H12kfxF1PK3G1ZAY9JjnaOdsw08LENwFEerdxBJxw==
js
www.googletagmanager.com/gtag/ 		100 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-2514152-6
Requested by
Host: login.my.healthequity.com
URL: https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA&client=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&protocol=oauth2&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ceab6badf3b9825a551e9fe5dd600983d3b2a87bff57dd831095b314f6f5fe57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 07:02:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40756
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 Aug 2021 07:02:25 GMT
walkme_f3599f85f2a2440f8e7e8178c44f1199_https.js
cdn.walkme.com/users/f3599f85f2a2440f8e7e8178c44f1199/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/f3599f85f2a2440f8e7e8178c44f1199/walkme_f3599f85f2a2440f8e7e8178c44f1199_https.js
Requested by
Host: login.my.healthequity.com
URL: https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA&client=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&protocol=oauth2&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.59.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-59-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
acb02d103fa9b9b3bf36fd1da54072a70fab1974b0b16f292bcf9194cef5a97d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
uP8iOWp9swp1kDeK.Z9iVO7mJ1.WnZKu
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
5ZKM4DSBWTX0M71A
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
7871
x-amz-id-2
V8b3ZXlbLV+eBBioZc//afswzuiJ6uIgDW8WgRu2ShJ2rtNsBKQbFH2onj4xOksGd94wMt6ekI0=
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 08 Aug 2021 05:42:59 GMT
date
Sun, 08 Aug 2021 07:02:25 GMT
strict-transport-security
max-age=31536000;includeSubdomains
content-type
application/x-javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=82241
etag
"3dec9186717af9f876095e4c1172115e"
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
timing-allow-origin
*
gtm.js
www.googletagmanager.com/ 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N3TX5PM
Requested by
Host: login.my.healthequity.com
URL: https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA&client=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&protocol=oauth2&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60d4da39b78cd96fedcf392473ccaeb8a12a674e8c9d06ba6b3bf24500e5b277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 07:02:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60636
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 Aug 2021 07:02:25 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2514152-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
6524
date
Sun, 08 Aug 2021 05:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Sun, 08 Aug 2021 07:13:41 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=315390506&t=pageview&_s=1&dl=https%3A%2F%2Flogin.my.healthequity.com%2Flogin%3Fstate%3DhKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA%26client%3DNFrq8INMGElGtiZFTC72b32bXnVsFQFP%26protocol%3Doauth2%26redirect_uri%3Dhttps%253A%252F%252Fparticipant.wageworks.com%252Foidc%252Fauthorize%26response_type%3Dcode%2520id_token%2520token%26scope%3Dopenid%2520profile%26response_mode%3Dform_post%26nonce%3D637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl%26x-client-SKU%3DID_NET451%26x-client-ver%3D5.3.0.0&ul=en-us&de=UTF-8&dt=HealthEquity%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=419862969&gjid=1869928905&cid=1559098531.1628406145&tid=UA-2514152-6&_gid=1533203882.1628406145&_r=1&gtm=2ou840&z=1584359236
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 07:02:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://login.my.healthequity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		100 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-73176708-1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3TX5PM
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac070dcc72b66db329dc14a056148210b44e2b839ab74c11ce42a2247c1b9592
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 07:02:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40770
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 Aug 2021 07:02:25 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=315390506&t=pageview&_s=1&dl=https%3A%2F%2Flogin.my.healthequity.com%2Flogin%3Fstate%3DhKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA%26client%3DNFrq8INMGElGtiZFTC72b32bXnVsFQFP%26protocol%3Doauth2%26redirect_uri%3Dhttps%253A%252F%252Fparticipant.wageworks.com%252Foidc%252Fauthorize%26response_type%3Dcode%2520id_token%2520token%26scope%3Dopenid%2520profile%26response_mode%3Dform_post%26nonce%3D637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl%26x-client-SKU%3DID_NET451%26x-client-ver%3D5.3.0.0&ul=en-us&de=UTF-8&dt=HealthEquity%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=502584109&gjid=1764707453&cid=1559098531.1628406145&tid=UA-73176708-1&_gid=1533203882.1628406145&_r=1&gtm=2ou840&z=1906141149
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 07:02:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://login.my.healthequity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
zn3wuoawaazkbfa29-healthequity.siteintercept.qualtrics.com/SIE/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn3wuoawaazkbfa29-healthequity.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3wUoawaaZkbfa29
Requested by
Host: login.my.healthequity.com
URL: https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA&client=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&protocol=oauth2&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e4cb4eb1db461bacbf178b5da6fd17448876ca426d64adcf418d95a0f6e30339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 07:02:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
261662
cf-polished
origSize=8383
edge-control
max-age=604800
x-envoy-upstream-service-time
7
vary
Accept-Encoding
cf-bgj
minify
server
cloudflare
x-powered-by
Express
etag
W/"20bf-lxrqAZqeoBqhvHuewQo57pt3SZg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
cf-ray
67b6e1075af80b80-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
maintenance.png
maintenance.healthequity.com/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maintenance.healthequity.com/maintenance.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
198.17.0.22 , United States, ASN13951 (DATABANK-SLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
cb95475ec29175998b06f4fca54fad7a578f7cc87268053786c98d2b98d5acfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 07:02:25 GMT
Last-Modified
Thu, 06 Sep 2018 15:56:08 GMT
Server
Microsoft-IIS/10.0
ETag
"09ce71ffa45d41:0"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21710
collect
stats.g.doubleclick.net/j/ 		1 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-73176708-1&cid=1559098531.1628406145&jid=502584109&gjid=1764707453&_gid=1533203882.1628406145&_u=aEDAAUABAAAAAC~&z=1530061919
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 08 Aug 2021 07:02:25 GMT
content-type
text/plain
access-control-allow-origin
https://login.my.healthequity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings.txt
cdn.walkme.com/users/f3599f85f2a2440f8e7e8178c44f1199/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/f3599f85f2a2440f8e7e8178c44f1199/settings.txt
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/f3599f85f2a2440f8e7e8178c44f1199/walkme_f3599f85f2a2440f8e7e8178c44f1199_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.59.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-59-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
55ac2e3a3ced972f18fa9bfb3b1516ff574e0984fdc22ccff1bc1c2e8bf63217
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
XWYvMToE0Z7wQ7ZWgn9TcM8Aq8QJUcA1
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
XKXZ5HC9MJYY5TAK
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
631
x-amz-id-2
rv7AGN6UgnDf1W+T4q35hqiM1wOh3o5TJ4MqM7ON0pxHezHgHnOSmAi35UqQ5eG2d2h1qOkmbZE=
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 08 Aug 2021 05:42:59 GMT
date
Sun, 08 Aug 2021 07:02:25 GMT
strict-transport-security
max-age=31536000;includeSubdomains
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=900
etag
"17b2af1819a76de59c60317e83c67658"
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
timing-allow-origin
*
10.abbf6da5cd84d6c2bbaf.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/10.abbf6da5cd84d6c2bbaf.chunk.js?Q_CLIENTVERSION=1.57.0&Q_CLIENTTYPE=web&Q_BRANDID=login.my.healthequity.com
Requested by
Host: zn3wuoawaazkbfa29-healthequity.siteintercept.qualtrics.com
URL: https://zn3wuoawaazkbfa29-healthequity.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3wUoawaaZkbfa29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1202d4d1348462dd2316a55807468cf40f26a220b88d915edc2ac053b501ac7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 07:02:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
285620
cf-polished
origSize=51239
edge-control
max-age=604800
x-envoy-upstream-service-time
47
vary
Accept-Encoding
last-modified
Wed, 28 Jul 2021 19:33:07 GMT
server
cloudflare
x-powered-by
Express
etag
W/"c827-17aee9b3538"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
67b6e107ab580b80-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
wmjQuery3319.js
cdn.walkme.com/player/resources/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/resources/wmjQuery3319.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/f3599f85f2a2440f8e7e8178c44f1199/walkme_f3599f85f2a2440f8e7e8178c44f1199_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.59.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-59-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
22b09e81518c78a109fd4b00895fca0921b9992a274b8531a6cd6b318fa5e16d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_2liQc0a3c5geUlXrGmhVwTexDpNFsYy
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
M195SAQ3XC78NZXB
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
29984
x-amz-id-2
9kKDRTfQ7tTnosX1IeZGgWYFshU9GdT1z4QZVffm2zMYBGI7RHJ9hSWnUeE0kkNhE6hQKbYOWow=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 11 May 2021 19:24:52 GMT
date
Sun, 08 Aug 2021 07:02:25 GMT
strict-transport-security
max-age=31536000;includeSubdomains
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=23961019
etag
"eeac6e4b5388bac385a8964eb25cf563"
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
timing-allow-origin
*
prelib-plugin-2d1f9ac4-74eb-3ec9-aeea-3921ea459fde.js
cdn.walkme.com/users/f3599f85f2a2440f8e7e8178c44f1199/scripts/ 		331 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/f3599f85f2a2440f8e7e8178c44f1199/scripts/prelib-plugin-2d1f9ac4-74eb-3ec9-aeea-3921ea459fde.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/f3599f85f2a2440f8e7e8178c44f1199/walkme_f3599f85f2a2440f8e7e8178c44f1199_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.59.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-59-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
890cc4fa8f834208b2da6a24c8a8aaf67a919c81ec738b5f0823c3b9bac9bf36
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
R6XXFHXG8_5kgTz8VslICHAfvnqft7MK
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
EVJZ1BBDW80HPYPF
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
96832
x-amz-id-2
6D6T1t3hxzMr+j80J1x+NnNEvxw/B0gpxvRjN6Nbn3hxiAxS02T05yQVMFZ+cteFLUmIHdXKLTY=
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 20 Jun 2021 10:14:20 GMT
date
Sun, 08 Aug 2021 07:02:25 GMT
strict-transport-security
max-age=31536000;includeSubdomains
content-type
application/x-javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=29486274
etag
"6791202322d546ca1a5b2d7f6a81e5a4"
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
timing-allow-origin
*
walkme_lib_20210729-153535-2b1de333-40186937.js
cdn.walkme.com/player/lib/ 		2 MB
478 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/walkme_lib_20210729-153535-2b1de333-40186937.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/f3599f85f2a2440f8e7e8178c44f1199/walkme_f3599f85f2a2440f8e7e8178c44f1199_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.59.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-59-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f08eadb74158473e1adec0f890302cfc2490ab4a8c9b7826bf3f2f37de2e3344
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GkmTU7mk6VkFNPtwdjSRPNsaHN.cGFf8
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
XGKQBCE1JA72N5NX
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
487956
x-amz-id-2
O7XOyB45LxhJ/uswdf/WEQ2dyGDiExcdzgZLuDLXYP4V0/2+tfWa7N0rlpD7E+esInrRRKQc6CE=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Jul 2021 15:48:07 GMT
date
Sun, 08 Aug 2021 07:02:25 GMT
strict-transport-security
max-age=31536000;includeSubdomains
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=30934175
etag
"c5f3a72181ea8122dd095bc282c83544"
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
timing-allow-origin
*
walkme_config_b72c7836a24c43c5950125939af64468.js
cdn.walkme.com/users/f3599f85f2a2440f8e7e8178c44f1199/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/f3599f85f2a2440f8e7e8178c44f1199/walkme_config_b72c7836a24c43c5950125939af64468.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/f3599f85f2a2440f8e7e8178c44f1199/walkme_f3599f85f2a2440f8e7e8178c44f1199_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.59.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-59-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ad9a43234bc587152f795e98543994db46bd720bc31b8188ff6be75de54e10f4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
CnDBbdVhlD_UIUYFQpATvO596nM1i6Ay
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
XKXW8151KBQE2KV9
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
1826
x-amz-id-2
ODRSXEpen8Axm+keyniFOT+OE2XEjWvjiWNkqUCq/J5OhXU6sIkxmY+jXOwlL2BiN5gLL5nKBWY=
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 08 Aug 2021 05:17:53 GMT
date
Sun, 08 Aug 2021 07:02:25 GMT
strict-transport-security
max-age=31536000;includeSubdomains
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31533477
etag
"c82eb0c47d046b35017088626c401d9a"
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
timing-allow-origin
*

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| Popper object| bootstrap object| auth0 object| _walkmeConfig function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| WalkmeSnippet object| _walkmeInternals object| wmSnippet undefined| fixedCallback object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.57.0 function| mtjQuery function| wmjQuery function| walkme_pre_lib_loaded object| JacoRecorder object| WalkMeInsightsAPI object| _walkmeWebpackJP object| _makeTutorialEv

8 Cookies

Domain/Path Name / Value
.healthequity.com/ Name: _gat_gtag_UA_73176708_1
Value: 1
.healthequity.com/ Name: _gat_gtag_UA_2514152_6
Value: 1
login.my.healthequity.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQNgSdgvhvsB9vZ1DkA9lVv2ScVwATLSAFl0LqbYVFuJAL80Xr-vp13rMVQmc2KRzqp6yFN5zRtS7suTab5NZpj6mY29va2llg6dleHBpcmVz1_-Ej4wAYRN2AK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.c2whDuQ8Cr%2Bm1n02gqOlb0M6F0CxLCmd1xkZT7wN9DI
.healthequity.com/ Name: _ga
Value: GA1.2.1559098531.1628406145
login.my.healthequity.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQNgSdgvhvsB9vZ1DkA9lVv2ScVwATLSAFl0LqbYVFuJAL80Xr-vp13rMVQmc2KRzqp6yFN5zRtS7suTab5NZpj6mY29va2llg6dleHBpcmVz1_-Ej4wAYRN2AK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.c2whDuQ8Cr%2Bm1n02gqOlb0M6F0CxLCmd1xkZT7wN9DI
.healthequity.com/ Name: _gid
Value: GA1.2.1533203882.1628406145
login.my.healthequity.com/ Name: did_compat
Value: s%3Av0%3A9572a6a0-f816-11eb-8e1d-33caa19b5624.rQNl6NyR4pHmzo3uy%2FsiaKajJ%2FZ4r%2B1VCW99pDLY1jM
login.my.healthequity.com/ Name: did
Value: s%3Av0%3A9572a6a0-f816-11eb-8e1d-33caa19b5624.rQNl6NyR4pHmzo3uy%2FsiaKajJ%2FZ4r%2B1VCW99pDLY1jM

1 Console Messages

Source Level URL
Text
console-api info URL: https://login.my.healthequity.com/login?state=hKFo2SB5RXRUMnlzWExHNkhVUU14R2V0bXVhbkhHTWFtc0dISqFupWxvZ2luo3RpZNkgbTFGcHhxakR1YnEteEZrS2xKVy1RT2tWX29HSXhCeE-jY2lk2SBORnJxOElOTUdFbEd0aVpGVEM3MmIzMmJYblZzRlFGUA&client=NFrq8INMGElGtiZFTC72b32bXnVsFQFP&protocol=oauth2&redirect_uri=https%3A%2F%2Fparticipant.wageworks.com%2Foidc%2Fauthorize&response_type=code%20id_token%20token&scope=openid%20profile&response_mode=form_post&nonce=637640029436756154.YTk4N2NkOGItNGIxYy00YTVkLTlhNmUtOWZjMmQ1OTM5NjQ4ZmIwNmRlNjAtYWIwZi00Zjk3LThhZjItM2YwZWQyNTBkYjVl&x-client-SKU=ID_NET451&x-client-ver=5.3.0.0(Line 107)
Message:
[object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.auth0.com
cdn.jsdelivr.net
cdn.walkme.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
login.my.healthequity.com
maintenance.healthequity.com
participant.wageworks.com
pro.fontawesome.com
siteintercept.qualtrics.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
zn3wuoawaazkbfa29-healthequity.siteintercept.qualtrics.com
104.109.59.42
104.17.208.240
13.225.74.234
198.17.0.22
2001:4de0:ac18::1:a:1a
2606:4700::6810:125e
2606:4700::6810:abfd
2606:4700::6812:1634
2606:4700::6812:bcf
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9a
2a04:4e42:3::485
69.89.50.205
1202d4d1348462dd2316a55807468cf40f26a220b88d915edc2ac053b501ac7d
209e8a310ec2684b1c7ed4cfe451999a1c990df7776e94aaa1c8e8758c42cb01
22b09e81518c78a109fd4b00895fca0921b9992a274b8531a6cd6b318fa5e16d
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec
2e3281ce824bc83f86243254926e320d7a51fd34e310d76f38ddf5ca4430bcd8
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
32cc4a47b370e278072a6440249872e681efa1d992600420c03a9631da885d70
5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017
55ac2e3a3ced972f18fa9bfb3b1516ff574e0984fdc22ccff1bc1c2e8bf63217
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
60d4da39b78cd96fedcf392473ccaeb8a12a674e8c9d06ba6b3bf24500e5b277
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
890cc4fa8f834208b2da6a24c8a8aaf67a919c81ec738b5f0823c3b9bac9bf36
ac070dcc72b66db329dc14a056148210b44e2b839ab74c11ce42a2247c1b9592
acb02d103fa9b9b3bf36fd1da54072a70fab1974b0b16f292bcf9194cef5a97d
ad9a43234bc587152f795e98543994db46bd720bc31b8188ff6be75de54e10f4
cb95475ec29175998b06f4fca54fad7a578f7cc87268053786c98d2b98d5acfe
ceab6badf3b9825a551e9fe5dd600983d3b2a87bff57dd831095b314f6f5fe57
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e4cb4eb1db461bacbf178b5da6fd17448876ca426d64adcf418d95a0f6e30339
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
f08eadb74158473e1adec0f890302cfc2490ab4a8c9b7826bf3f2f37de2e3344
f58866e24f601b44e317ecf28eb62a6aa0e2d992fb53cd030ed6e2fb96fbe024
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa798ff8828eb72b5aba0571c1fdb9c9285cbfb8c2e6f709665f98a77e9f3bb9