www.healthsafe-id.com
Open in
urlscan Pro
168.183.37.28
Public Scan
Submitted URL: https://click.yourhealth-wellnessteam.com/?qs=e464b84b0d5b402ccf55c91b6bea5b6528acb8c3a34df066825128f28988a33fd59d881bb2cbb6d5832caa7cd7b6...
Effective URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FREUagV4c6t%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.h...
Submission: On February 24 via manual from US — Scanned from DE
Effective URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FREUagV4c6t%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.h...
Submission: On February 24 via manual from US — Scanned from DE
Summary
This website contacted 23 IPs
in 5 countries
across 22 domains to perform 84 HTTP transactions.
The main IP is 168.183.37.28, located in
United States and
belongs to UHC, US.
The main domain is www.healthsafe-id.com.
The Cisco Umbrella rank of the primary domain is 46005.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on August 8th 2022. Valid for: a year.
This is the only time www.healthsafe-id.com was scanned on urlscan.io!
TLS certificate: Issued by COMODO RSA Organization Validation Se... on August 8th 2022. Valid for: a year.
This is the only time www.healthsafe-id.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
13.111.39.86
(United States)
ASN22606 (EXACT-7, US)
PTR: click.yourhealth-wellnessteam.com
ASN22606 (EXACT-7, US)
PTR: click.yourhealth-wellnessteam.com
| click.yourhealth-wellnessteam.com |
1
52.167.10.111
(Boydton, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| account.optumbank.com |
25
168.183.37.28
(United States)
ASN10879 (UHC, US)
PTR: healthsafeid-ctc.optum.com
ASN10879 (UHC, US)
PTR: healthsafeid-ctc.optum.com
| www.healthsafe-id.com |
4
34.240.169.134
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-169-134.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-169-134.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
1
34.241.134.204
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-134-204.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-134-204.eu-west-1.compute.amazonaws.com
| unitedhealthgroup.demdex.net |
2
15.236.125.10
(Paris, France)
ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-125-10.eu-west-3.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-125-10.eu-west-3.compute.amazonaws.com
| smetrics.optum.com |
1
52.208.37.125
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-37-125.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-37-125.eu-west-1.compute.amazonaws.com
| cm.everesttech.net |
1
54.246.201.164
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-201-164.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-201-164.eu-west-1.compute.amazonaws.com
| unitedhealthgroup.tt.omtrdc.net |
2
142.250.201.194
(United States)
ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net
| cm.g.doubleclick.net |
1
52.223.40.198
(United States)
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
| match.adsrvr.org |
2
54.145.170.132
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-170-132.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-170-132.compute-1.amazonaws.com
| report.uhg.glassboxdigital.io |
6
104.17.209.240
(None, )
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com | |
| siteintercept.qualtrics.com |
1
91.235.134.131
(United States)
ASN30286 (THM, US)
ASN30286 (THM, US)
| 15saug00d3y5whaphao3wl4ob56voeap57kfwqrf41750e54648fe677am1.e.aa.online-metrix.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 41 |
healthsafe-id.com
2 redirects
www.healthsafe-id.com — Cisco Umbrella Rank: 46005 rba-screen.healthsafe-id.com — Cisco Umbrella Rank: 53475 |
708 KB |
| 6 |
qualtrics.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com — Cisco Umbrella Rank: 41029 siteintercept.qualtrics.com — Cisco Umbrella Rank: 981 |
68 KB |
| 5 |
online-metrix.net
1 redirects
h.online-metrix.net — Cisco Umbrella Rank: 3176 15saug00d3y5whaphao3wl4ob56voeap57kfwqrf41750e54648fe677am1.e.aa.online-metrix.net |
17 KB |
| 5 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 198 unitedhealthgroup.demdex.net — Cisco Umbrella Rank: 22452 |
7 KB |
| 5 |
adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 470 |
185 KB |
| 4 |
doubleclick.net
2 redirects
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 |
4 KB |
| 3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44 |
176 KB |
| 3 |
rakanto.com
repo.rakanto.com — Cisco Umbrella Rank: 19008 cse.rakanto.com — Cisco Umbrella Rank: 19219 |
43 KB |
| 3 |
optum.com
1 redirects
sso.optum.com — Cisco Umbrella Rank: 47480 smetrics.optum.com — Cisco Umbrella Rank: 19632 |
2 KB |
| 2 |
glassboxdigital.io
report.uhg.glassboxdigital.io — Cisco Umbrella Rank: 48009 |
5 KB |
| 2 |
google.de
www.google.de — Cisco Umbrella Rank: 6149 |
563 B |
| 2 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
563 B |
| 2 |
gbqofs.com
cdn.gbqofs.com — Cisco Umbrella Rank: 7630 |
278 KB |
| 2 |
werally.com
member.werally.com — Cisco Umbrella Rank: 49001 |
23 KB |
| 2 |
myoptum.com
www.myoptum.com — Cisco Umbrella Rank: 56509 |
16 KB |
| 1 |
adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 296 |
265 B |
| 1 |
omtrdc.net
unitedhealthgroup.tt.omtrdc.net — Cisco Umbrella Rank: 20139 |
729 B |
| 1 |
everesttech.net
1 redirects
cm.everesttech.net — Cisco Umbrella Rank: 1048 |
517 B |
| 1 |
browser-update.org
browser-update.org — Cisco Umbrella Rank: 6610 |
5 KB |
| 1 |
optumbank.com
1 redirects
account.optumbank.com — Cisco Umbrella Rank: 147031 |
1 KB |
| 1 |
yourhealth-wellnessteam.com
1 redirects
click.yourhealth-wellnessteam.com — Cisco Umbrella Rank: 94543 |
212 B |
| 0 |
ib-ibi.com
Failed
global.ib-ibi.com Failed |
|
| 84 | 22 |
| Domain | Requested by | |
|---|---|---|
| 25 | www.healthsafe-id.com |
2 redirects
www.healthsafe-id.com
|
| 16 | rba-screen.healthsafe-id.com |
www.healthsafe-id.com
rba-screen.healthsafe-id.com |
| 5 | siteintercept.qualtrics.com |
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
www.healthsafe-id.com siteintercept.qualtrics.com |
| 5 | assets.adobedtm.com |
www.healthsafe-id.com
assets.adobedtm.com |
| 4 | h.online-metrix.net |
1 redirects
rba-screen.healthsafe-id.com
|
| 4 | dpm.demdex.net |
1 redirects
www.healthsafe-id.com
|
| 3 | www.googletagmanager.com |
assets.adobedtm.com
www.googletagmanager.com |
| 2 | report.uhg.glassboxdigital.io |
www.healthsafe-id.com
cdn.gbqofs.com |
| 2 | www.google.de |
www.healthsafe-id.com
|
| 2 | www.google.com |
www.healthsafe-id.com
|
| 2 | cm.g.doubleclick.net | 2 redirects |
| 2 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
| 2 | smetrics.optum.com |
www.healthsafe-id.com
|
| 2 | cdn.gbqofs.com |
www.healthsafe-id.com
cdn.gbqofs.com |
| 2 | member.werally.com |
www.healthsafe-id.com
|
| 2 | www.myoptum.com |
www.healthsafe-id.com
|
| 2 | cse.rakanto.com |
www.healthsafe-id.com
|
| 1 | 15saug00d3y5whaphao3wl4ob56voeap57kfwqrf41750e54648fe677am1.e.aa.online-metrix.net | |
| 1 | zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com |
www.healthsafe-id.com
|
| 1 | match.adsrvr.org |
www.healthsafe-id.com
|
| 1 | unitedhealthgroup.tt.omtrdc.net |
www.healthsafe-id.com
|
| 1 | cm.everesttech.net | 1 redirects |
| 1 | unitedhealthgroup.demdex.net |
assets.adobedtm.com
|
| 1 | browser-update.org |
www.healthsafe-id.com
|
| 1 | repo.rakanto.com |
www.healthsafe-id.com
|
| 1 | sso.optum.com | 1 redirects |
| 1 | account.optumbank.com | 1 redirects |
| 1 | click.yourhealth-wellnessteam.com | 1 redirects |
| 0 | global.ib-ibi.com Failed |
www.healthsafe-id.com
|
| 84 | 29 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| account.optumbank.com |
| www.uhc.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| healthsafeid.optum.com COMODO RSA Organization Validation Secure Server CA |
2022-08-08 - 2023-08-08 |
a year | crt.sh |
| repo.rakanto.com COMODO RSA Organization Validation Secure Server CA |
2022-08-09 - 2023-08-09 |
a year | crt.sh |
| cse.rakanto.com COMODO RSA Organization Validation Secure Server CA |
2023-01-28 - 2024-01-28 |
a year | crt.sh |
| assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-19 - 2023-08-19 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-06 - 2023-06-05 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
| www.myoptum.com COMODO RSA Organization Validation Secure Server CA |
2022-08-01 - 2023-08-01 |
a year | crt.sh |
| *.werally.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-07 - 2023-08-04 |
a year | crt.sh |
| *.demdex.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-26 - 2023-10-27 |
a year | crt.sh |
| smetrics.optum.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-20 - 2023-04-20 |
a year | crt.sh |
| *.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-08-01 - 2023-09-01 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
| www.google.de GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
| *.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2022-03-31 - 2023-05-02 |
a year | crt.sh |
| rba-screen.healthsafe-id.com COMODO RSA Organization Validation Secure Server CA |
2022-05-16 - 2023-05-16 |
a year | crt.sh |
| uhg.glassboxdigital.io Amazon |
2022-10-08 - 2023-11-07 |
a year | crt.sh |
| *.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-05-04 - 2023-05-04 |
a year | crt.sh |
| h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1 |
2023-01-09 - 2024-01-23 |
a year | crt.sh |
| *.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1 |
2022-06-08 - 2023-07-10 |
a year | crt.sh |
This page contains 8 frames:
Primary Page:
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FREUagV4c6t%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FImvx2yu00j%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0
Frame ID: EA47D1CFC47E32588E871B74D931FD8D
Requests: 58 HTTP requests in this frame
Frame:
https://www.healthsafe-id.com/protected/crossStorageHub
Frame ID: 9466808370BA580225AFC2DEE9551CEF
Requests: 2 HTTP requests in this frame
Frame:
https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: 5FDB1F86B7FCE79FFBC0B72E1093E4FC
Requests: 4 HTTP requests in this frame
Frame:
https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=163D427C8CC6481A144BD4EF6BA5CDB8?org_id=15saug00&session_id=31697f96-5703-49a8-991c-87a1b8f3857d&nonce=41750e54648fe677&jb=3739242e6871677735576b6e6667777b26627b6735576b666c6d7773273a32333826687360753f4b6a70676f6d266873603543607267656d2d3232393932
Frame ID: 1287AC481C516931BC6584E8279930E2
Requests: 13 HTTP requests in this frame
Frame:
https://rba-screen.healthsafe-id.com/fp/HP?session_id=31697f96-5703-49a8-991c-87a1b8f3857d&org_id=15saug00&nonce=41750e54648fe677&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 53485F2375737111EE0A4C202F04D182
Requests: 3 HTTP requests in this frame
Frame:
https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=163D427C8CC6481A144BD4EF6BA5CDB8?org_id=15saug00&session_id=31697f96-5703-49a8-991c-87a1b8f3857d&nonce=41750e54648fe677
Frame ID: F03C888571F72AFDBE239AE48709B390
Requests: 2 HTTP requests in this frame
Frame:
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=163D427C8CC6481A144BD4EF6BA5CDB8?org_id=15saug00&session_id=31697f96-5703-49a8-991c-87a1b8f3857d&nonce=41750e54648fe677
Frame ID: 7CCE7FA811703FA963E494A4602D2841
Requests: 2 HTTP requests in this frame
Frame:
https://rba-screen.healthsafe-id.com/fp/top_fp.html;CIS3SID=163D427C8CC6481A144BD4EF6BA5CDB8?org_id=15saug00&session_id=31697f96-5703-49a8-991c-87a1b8f3857d&nonce=41750e54648fe677
Frame ID: D65524B70B38EF8ACBD4816B5EE1C5E9
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Sign in - OptumBankPage URL History Show full URLs
-
https://click.yourhealth-wellnessteam.com/?qs=e464b84b0d5b402ccf55c91b6bea5b6528acb8c3a34df066825128f28988a33fd59d881b...
HTTP 302
https://account.optumbank.com/account HTTP 302
https://sso.optum.com/ext/as/authorization.oauth2?acr_values=&approval_prompt=force&client_id=bank... HTTP 302
https://www.healthsafe-id.com/rt/secure/auth/cap/en?resume=/as/Imvx2yu00j/resume/as/authorization.ping&spe... HTTP 302
https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redi... HTTP 302
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FREUagV4c6t%2Fresume%2Fas%2Fauthorization.ping&TARGET... Page URL
Detected technologies
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://account.optumbank.com/
Search URL Search Domain Scan URL
URL: https://www.uhc.com/legal/accessibility
Title: Accessibility Statement for Individuals with Disabilities Opens in a new window or tab
Title: Accessibility Statement for Individuals with Disabilities Opens in a new window or tab
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.yourhealth-wellnessteam.com/?qs=e464b84b0d5b402ccf55c91b6bea5b6528acb8c3a34df066825128f28988a33fd59d881bb2cbb6d5832caa7cd7b6c9f2dc7d0ea0cbbc02e0039dad15b459e1cc
HTTP 302
https://account.optumbank.com/account HTTP 302
https://sso.optum.com/ext/as/authorization.oauth2?acr_values=&approval_prompt=force&client_id=bank-cloud-prod&redirect_uri=https%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback&response_type=code&scope=openid&state=904d3ef3547bfe8c46be03a503db5fa3%3A%2Faccount%3Fbrand%3Doptum%26portal%3Doptum&pfidpadapterid=HsidNewUIOidc&portal=cap HTTP 302
https://www.healthsafe-id.com/rt/secure/auth/cap/en?resume=/as/Imvx2yu00j/resume/as/authorization.ping&spentity=null&scope=openid&response_type=code&pfidpadapterid=HsidNewUIOidc&redirect_uri=https://account.optumbank.com/login/callback&portal=cap&client_id=bank-cloud-prod HTTP 302
https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F%2Fwww.healthsafe-id.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiTmJiZEctRzdMV1hiVTZSMHhsM1p4dE9qR0NRIiwic3VmZml4IjoiMVlkelJxLjE2NzcyNjY5ODMifQ..c_TZDtYYEKzLYZ6UtodatA.mvMZyx9sM_eh43zmWFOH5CmYOnF6GmoOnU4jso38SwawsmuPu_Qp9s-MJ7ieqpCMGANauaxHIhBEVfBObRjiACZbRMlO_qoP9UxahkKKED7rtGKGFgodyZIIca0V1RucBEn-61DJIrJzztr-zpvTEIpaFXc2ZB2W07e9tPxQBuTeVA08RemV3WVT4HD2qpGccJfdGWiMwqvwvb_LPKmEWDK_7bD1Zo5BHUlHymHq4QCprwTBgbT7j3_HNjvokbgkqm3uJpFksVDRiYdlhhPaXiELnLiPugyzA3YFZDJC9MA6UGscQGdHPFDF36zItQbV.Vc7CP56J4HfPPuK6LWJsFg&nonce=fPFgB7UMve0VXOrwT8WjZy9ZFUkrrk8pkK9G-0ZUWHU&acr_values=BANK&scope=openid%20address%20email%20phone%20profile&vnd_pi_requested_resource=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FImvx2yu00j%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&vnd_pi_application_name=HSIDProdRTApp HTTP 302
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FREUagV4c6t%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fcap%2Fen%3Fresume%3D%2Fas%2FImvx2yu00j%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Faccount.optumbank.com%2Flogin%2Fcallback%26portal%3Dcap%26client_id%3Dbank-cloud-prod&reason=0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18- https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1677266689849 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1677266689849
- https://cm.everesttech.net/cm/dd?d_uuid=85290169984113888331970789179633096152 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-kPAgAAAM4BxQN-
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODUyOTAxNjk5ODQxMTM4ODgzMzE5NzA3ODkxNzk2MzMwOTYxNTI= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODUyOTAxNjk5ODQxMTM4ODgzMzE5NzA3ODkxNzk2MzMwOTYxNTI=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEN8kL4IqVbOCwvm0YGIKd1w&google_cver=1?gdpr=0&gdpr_consent=
- https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=31697f96-5703-49a8-991c-87a1b8f3857d&nonce=41750e54648fe677>tl=155520000 HTTP 302
- https://h.online-metrix.net/fp/clear.png?org_id=15saug00&session_id=31697f96-5703-49a8-991c-87a1b8f3857d&nonce=41750e54648fe677&k=2
84 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
login
www.healthsafe-id.com/rt/ Redirect Chain
|
8 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bundles-average.js
www.healthsafe-id.com/assets/ |
993 B 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ruxitagentjs_ICA27NVdefghjrtux_10253221019152312.js
www.healthsafe-id.com/ |
269 KB 100 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bundles-average.js
www.healthsafe-id.com/assets/ |
204 KB 117 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
BrowserUpdate.css
www.healthsafe-id.com/rt/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cx.js
repo.rakanto.com/rakanto/cx/ |
128 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.eb630810.chunk.css
www.healthsafe-id.com/rt/static/css/ |
94 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
7.06f29af0.chunk.js
www.healthsafe-id.com/rt/static/js/ |
503 KB 160 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.9cffe580.chunk.js
www.healthsafe-id.com/rt/static/js/ |
247 KB 69 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
/
cse.rakanto.com/cx_collector/ |
3 B 472 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
assets.adobedtm.com/ |
472 KB 98 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
22.9ca098eb.chunk.js
www.healthsafe-id.com/rt/static/js/ |
11 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
en
www.healthsafe-id.com/uiconfig/cap/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
en
www.healthsafe-id.com/hsid2/content/cap/ |
148 KB 43 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
featureFlags
www.healthsafe-id.com/ |
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
update.min.js
browser-update.org/ |
9 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
89 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
8.3a178b61.chunk.css
www.healthsafe-id.com/rt/static/css/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
8.3da3b6fd.chunk.js
www.healthsafe-id.com/rt/static/js/ |
33 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
976 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
EXee6fea3e0d8945bba6f84c70c6160aa1-libraryCode_source.min.js
assets.adobedtm.com/512027f42d3c/3189bbb33f85/89a7bcd3656f/ |
331 KB 85 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
112 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
OptumBank_Logo.png
www.myoptum.com/content/dam/hsid/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ExternalLink.64fe2dcc.svg
www.healthsafe-id.com/rt/static/media/ |
524 B 915 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
FrutigerLTStd-Bold.4d8f0b88.woff
www.healthsafe-id.com/rt/static/media/ |
15 KB 16 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
FrutigerLTStd-Roman.0d39e936.woff
www.healthsafe-id.com/rt/static/media/ |
15 KB 15 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
crossStorageHub
www.healthsafe-id.com/protected/ Frame 9466 |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
system-arrow-md.svg
member.werally.com/assets/icons/ |
347 B 855 B |
XHR
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
inbound
www.healthsafe-id.com/hsid/setup/ |
59 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rbaurl
www.healthsafe-id.com/hsid/ |
40 B 646 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
192 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
detector-dom.min.js
cdn.gbqofs.com/uhg/hsid/p/ |
462 KB 139 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dest5.html
unitedhealthgroup.demdex.net/ Frame 5FDB |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
smetrics.optum.com/ |
48 B 461 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=411&dpuuid=Y-kPAgAAAM4BxQN-
dpm.demdex.net/ Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
delivery
unitedhealthgroup.tt.omtrdc.net/rest/v1/ |
360 B 729 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
hub-1.0.0.min.js
www.healthsafe-id.com/js/vendor/cross-storage/ Frame 9466 |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
HSID_Logo.png
www.myoptum.com/content/dam/hsid/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
info
www.healthsafe-id.com/protected/tmx/ |
742 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
UHC2020Sans-Bold.woff2
member.werally.com/assets/fonts/ |
22 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC284096cbc5ef4b9bbf0cbf36327006f8-source.min.js
assets.adobedtm.com/512027f42d3c/3189bbb33f85/89a7bcd3656f/ |
312 B 466 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=771&dpuuid=CAESEN8kL4IqVbOCwvm0YGIKd1w&google_cver=1
dpm.demdex.net/ Frame 5FDB Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
s29974102472591
smetrics.optum.com/b/ss/uhgoptumglobalprod,uhghsidprod/1/JS-2.8.2-LCXS/ |
43 B 420 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC79ede7d2e195494e8d29dd6cf3dcc73b-source.min.js
assets.adobedtm.com/512027f42d3c/3189bbb33f85/89a7bcd3656f/ |
801 B 732 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/801669703/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.de/pagead/1p-user-list/801669703/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
generic
match.adsrvr.org/track/cmf/ Frame 5FDB |
70 B 265 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
174 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
image.sbix
global.ib-ibi.com/ Frame 5FDB |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
rb_17a3a45c-ebd2-4cdb-86ec-5f31606b813f
www.healthsafe-id.com/ |
149 B 364 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tags.js
rba-screen.healthsafe-id.com/fp/ |
93 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/959766874/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/959766874/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.de/pagead/1p-user-list/959766874/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RC27118b4cbb854aff86652bc960a05b5e-source.min.js
assets.adobedtm.com/512027f42d3c/3189bbb33f85/89a7bcd3656f/ |
1 KB 927 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cls_report
report.uhg.glassboxdigital.io/glassbox/reporting/340df073-d6dd-6d66-51a3-4037cf49ab94/ |
4 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/ |
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
check.js;CIS3SID=163D427C8CC6481A144BD4EF6BA5CDB8
rba-screen.healthsafe-id.com/fp/ Frame 1287 |
298 KB 54 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
rba-screen.healthsafe-id.com/fp/ Frame 1287 |
81 B 475 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
detector-dom.min.js
cdn.gbqofs.com/uhg/hsid/p/ Frame 1287 |
462 KB 139 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
rba-screen.healthsafe-id.com/fp/ Frame 1287 |
81 B 474 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
/
cse.rakanto.com/cx_collector/ |
3 B 472 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
HP
rba-screen.healthsafe-id.com/fp/ Frame 5348 |
19 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
rba-screen.healthsafe-id.com/fp/ Frame 1287 |
81 B 537 B |
XHR
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
h.online-metrix.net/fp/ Frame 1287 Redirect Chain
|
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ls_fp.html;CIS3SID=163D427C8CC6481A144BD4EF6BA5CDB8
rba-screen.healthsafe-id.com/fp/ Frame F03C |
91 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
rba-screen.healthsafe-id.com/fp/ Frame 1287 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sid_fp.html;CIS3SID=163D427C8CC6481A144BD4EF6BA5CDB8
h.online-metrix.net/fp/ Frame 7CCE |
104 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
rba-screen.healthsafe-id.com/fp/ Frame 1287 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
top_fp.html;CIS3SID=163D427C8CC6481A144BD4EF6BA5CDB8
rba-screen.healthsafe-id.com/fp/ Frame D655 |
90 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
rba-screen.healthsafe-id.com/fp/ Frame 1287 |
0 219 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
15saug00d3y5whaphao3wl4ob56voeap57kfwqrf41750e54648fe677am1.e.aa.online-metrix.net/fp/ Frame 1287 |
81 B 438 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
check.js
rba-screen.healthsafe-id.com/fp/ Frame 5348 |
209 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
rba-screen.healthsafe-id.com/fp/ Frame F03C |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
13.884592655f8e03c201b2.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
63 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cls_report
report.uhg.glassboxdigital.io/glassbox/reporting/340df073-d6dd-6d66-51a3-4037cf49ab94/ Frame 1287 |
4 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear1.png;CIS3SID=163D427C8CC6481A144BD4EF6BA5CDB8
rba-screen.healthsafe-id.com/fp/ Frame 1287 |
0 400 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear1.png;CIS3SID=43463834900155F81E0FFFA9A4C8F16D
h.online-metrix.net/fp/ Frame 7CCE |
0 400 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
62 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ARF;CIS3SID=DA5501F318F66C61B4D674B7A4845714
rba-screen.healthsafe-id.com/fp/ Frame 5348 |
35 B 557 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ |
102 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
clear.png
rba-screen.healthsafe-id.com/fp/ Frame 1287 |
0 387 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6.4ae8a96ad0173facde55.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
2 KB 897 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.e396ac4697f9a8b9d2aa.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
28 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- global.ib-ibi.com
- URL
- https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=85290169984113888331970789179633096152
Verdicts & Comments Add Verdict or Comment
94 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| dT_ object| dtrum object| dynatrace object| optumPageDataLayer string| RakantoObject function| Rakanto string| rakanto_ubrid number| rakanto_sendInterval object| rakanto_api_endpoints function| pxSendCustomData function| clearImmediate function| setImmediate object| regeneratorRuntime function| initiateStoreUserData function| IMask function| $bu_getBrowser object| $buoop object| $bu_ function| $buo object| _buorgres object| pageDataLayer function| publishPostPageData object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| dataLayer function| gtag object| __target_telemetry object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| targetGlobalSettings function| AppMeasurement_Module_Media function| AppMeasurement function| s_gi function| s_pgicq object| daco string| s_account object| s function| forge number| s_objectID number| s_giq object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| _cls_config object| _detector object| webVitals object| convertize object| s_i_uhgoptumglobalprod_uhghsidprod boolean| eventLimitExceeded string| eventToEmit object| td_2c function| td_J function| td_T function| td_H function| td_m function| td_0e function| td_2q function| td_A function| td_s function| td_k function| td_W function| td_4n function| td_3p function| td_3E function| td_4s function| td_V function| td_d function| td_2k function| td_y function| td_4l number| td_z number| td_R number| td_Q number| td_D number| td_o object| td_5H function| tmx_run_page_fingerprinting function| tmx_post_session_params_fixed boolean| tmx_profiling_started function| pixelTrack object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.84.1 object| _qsie42 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| account.optumbank.com/ | Name: ApplicationGatewayAffinityCORS Value: 8844b56f1f8eef629ffab281e2f5f688 |
|
| account.optumbank.com/ | Name: ApplicationGatewayAffinity Value: 8844b56f1f8eef629ffab281e2f5f688 |
|
| account.optumbank.com/ | Name: auth_proxy_login Value: true |
|
| account.optumbank.com/ | Name: web_oauth2_proxy_csrf Value: 904d3ef3547bfe8c46be03a503db5fa3 |
|
| sso.optum.com/ | Name: ext-PF Value: jpqGPQti2OsSMhqkX6gucXmdLRzi85ed1mvfWmuG97Gm |
|
| www.healthsafe-id.com/ | Name: nonce.1YdzRq.1677266983 Value: 1a944d25-17f3-42b1-8ae5-001e3cf4c241 |
|
| www.healthsafe-id.com/ | Name: 0870927d219d7847767888a82a6ca2ff Value: 6f2f27916c086a129e1022f9411359a9 |
|
| www.healthsafe-id.com/ | Name: BIGipServerapps.ocp-ctc-dmz.optum.com_80 Value: 462278410.20480.0000 |
|
| www.healthsafe-id.com/ | Name: TS0110f9d0 Value: 016f206c387da403b6727202c1082037f51444462838f2f130de15d80c7f2f07c22afd4d7d43ec2e54d20162d1871b03ce349afa6c |
|
| .healthsafe-id.com/ | Name: TS01472d49 Value: 016f206c387da403b6727202c1082037f51444462838f2f130de15d80c7f2f07c22afd4d7d43ec2e54d20162d1871b03ce349afa6c |
|
| www.healthsafe-id.com/ | Name: ext-PF Value: dmiRxnd4PYfgQXxILuTR1ZqycHbptnxiPWFW5zEOtc99 |
|
| .healthsafe-id.com/ | Name: dtCookie Value: v_4_srv_44_sn_67048A9D2C418AE193A86CE21A2B4934_perc_100000_ol_0_mul_1_app-3Ab6030f906c1066bc_0_app-3Aea7c4b59f27d43eb_0 |
|
| www.healthsafe-id.com/ | Name: bfd37fd494e6c607638f0a9f1120ca35 Value: 6f2f27916c086a129e1022f9411359a9 |
|
| .www.healthsafe-id.com/ | Name: Tv6TR2qd Value: A_iI4oSGAQAAYyxKiyb9A8iCILK2ebO-ErajgWWfnKNwm8wnQPqkotrck2-EAVD_B2SucuFZwH8AAEB3AAAAAA|1|0|b11048a54c79bea4d066fff7f8170ef70656afb4 |
|
| .www.healthsafe-id.com/ | Name: TS01747532 Value: 016f206c387da403b6727202c1082037f51444462838f2f130de15d80c7f2f07c22afd4d7d43ec2e54d20162d1871b03ce349afa6c |
|
| .healthsafe-id.com/ | Name: rxVisitor Value: 1677266685837M5MK6KNCPO6J092VUOT611Q3QNKLQHFQ |
|
| .healthsafe-id.com/ | Name: dtLatC Value: 3423 |
|
| .healthsafe-id.com/ | Name: dtSa Value: - |
|
| .rakanto.com/ | Name: pixel-ubrid Value: v2.0-7c192fd8b04a3be6177c7a73d815df27-1397-1403-1673145163700-0001003833-1677266687514 |
|
| www.healthsafe-id.com/ | Name: RakantoClientSideData Value: eyJ1YnJpZCI6InYyLjAtN2MxOTJmZDhiMDRhM2JlNjE3N2M3YTczZDgxNWRmMjctMTM5Ny0xNDAzLTE2NzMxNDUxNjM3MDAtMDAwMTAwMzgzMy0xNjc3MjY2Njg3NTE0IiwiY29tbWl0X2hhc2giOiI5MTFjY2FmIn0= |
|
| www.healthsafe-id.com/ | Name: rakanto_ubrid Value: |
|
| www.healthsafe-id.com/ | Name: HSID_V Value: b8b559e6-d19d-4929-a638-88744a6d57c6 |
|
| www.healthsafe-id.com/ | Name: SESSION Value: NzYxODNjOTItMjhiYy00MWY0LThiMGQtM2E1N2U1YThiNmU3 |
|
| .healthsafe-id.com/ | Name: at_check Value: true |
|
| .healthsafe-id.com/ | Name: _gcl_au Value: 1.1.904198673.1677266690 |
|
| .demdex.net/ | Name: demdex Value: 85290169984113888331970789179633096152 |
|
| .healthsafe-id.com/ | Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg Value: 1 |
|
| www.healthsafe-id.com/ | Name: JSESSIONID Value: 250D27624EBE43F8AC83553940D5A70F |
|
| .healthsafe-id.com/ | Name: _cls_v Value: 6c92e0f2-cf07-4c26-8c7a-936482d9085c |
|
| .healthsafe-id.com/ | Name: _cls_s Value: 9eace81c-55c2-456f-8133-e6414f511196:0 |
|
| .healthsafe-id.com/ | Name: mbox Value: session#ba6f7abe724540319af4ad3952a8b579#1677268551|PC#ba6f7abe724540319af4ad3952a8b579.37_0#1740511491 |
|
| .everesttech.net/ | Name: everest_g_v2 Value: g_surferid~Y-kPAgAAAM4BxQN- |
|
| .healthsafe-id.com/ | Name: s_cc Value: true |
|
| .dpm.demdex.net/ | Name: dpm Value: 85290169984113888331970789179633096152 |
|
| .healthsafe-id.com/ | Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg Value: 359503849%7CMCIDTS%7C19413%7CMCMID%7C87698733573904036561490789122116700721%7CMCAAMLH-1677871490%7C6%7CMCAAMB-1677871490%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1677273890s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19420%7CvVersion%7C5.0.1 |
|
| .demdex.net/ | Name: dextp Value: 771-1-1677266690630|903-1-1677266690731|285689-1-1677266690832 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUlK4zN0YV8BGpco0-301Xcp7f0ejz4lw7D9IFRVw3KxE8O7oXhwyLjyacGc |
|
| rba-screen.healthsafe-id.com/ | Name: thx_guid Value: 1a676573e3d1f4bbadd54c6c19dd3393 |
|
| .healthsafe-id.com/ | Name: rxvt Value: 1677268491938|1677266685839 |
|
| h.online-metrix.net/ | Name: thx_global_guid Value: 4cd0ceb89b6f4ba9b7b565320e0b626f |
|
| .healthsafe-id.com/ | Name: dtPC Value: 44$266685836_540h-vHFDHIFBTSTGPJHHEPMMTNPDPARNLGCKU-0e0 |
|
| report.uhg.glassboxdigital.io/ | Name: AWSALBCORS Value: PDqQeeg6GLee7Sn6owPTMw3BEZnOd652Ij4EcUvjC3vzhPuDrPHaFGi31dxetqD5rzqT60iAmQu1/5t8IG9Hnk/gfT6JOwD42zqCpPNtEG6i6+f3Ee+oVu9MjQB2 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=63072000; includeSubDomains max-age=16070400; includeSubDomains; preload |
| X-Content-Type-Options | nosniff nosniff |
| X-Frame-Options | SAMEORIGIN SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
15saug00d3y5whaphao3wl4ob56voeap57kfwqrf41750e54648fe677am1.e.aa.online-metrix.net
account.optumbank.com
assets.adobedtm.com
browser-update.org
cdn.gbqofs.com
click.yourhealth-wellnessteam.com
cm.everesttech.net
cm.g.doubleclick.net
cse.rakanto.com
dpm.demdex.net
global.ib-ibi.com
googleads.g.doubleclick.net
h.online-metrix.net
match.adsrvr.org
member.werally.com
rba-screen.healthsafe-id.com
repo.rakanto.com
report.uhg.glassboxdigital.io
siteintercept.qualtrics.com
smetrics.optum.com
sso.optum.com
unitedhealthgroup.demdex.net
unitedhealthgroup.tt.omtrdc.net
www.google.com
www.google.de
www.googletagmanager.com
www.healthsafe-id.com
www.myoptum.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
global.ib-ibi.com
104.17.209.240
13.111.39.86
142.250.201.194
149.111.144.83
149.111.164.232
15.236.125.10
168.183.36.187
168.183.37.28
168.183.45.15
2606:4700:20::681a:6b4
2606:4700::6812:190d
2a00:1450:400d:808::2002
2a00:1450:400d:808::2008
2a00:1450:400d:80d::2004
2a00:1450:400d:80e::2003
2a02:26f0:f700:495::1e80
34.240.169.134
34.241.134.204
45.60.33.26
52.167.10.111
52.208.37.125
52.223.40.198
54.145.170.132
54.246.201.164
91.235.132.130
91.235.133.67
91.235.134.131
030f7e79b6b5984af0ab928b48afc87bdcc31a36831f0829e510ccb691e8c76b
03acec786d3dc259a4517f66a5574baa2f56aac676d31aa514d4952758eb3745
048ea1eb61f66585d5e2925f5c5ce5722af155d702c3759c85d310b3f2539050
08241b54cb8a5d671793e867bee847668e5b271ad1131c60c54ab0824574e528
092e8f7818319cc4dad99378234bb2946a90f2ffa08484c86a5338baf45a2635
0b2fa5a37ba56990c833142f8a6ac0c6a69a8ef7a60932e43d01bbf1b38d7162
1204f1068b5e6547c1254083409464b58c826824664c794da0c5e69ce9fd84a6
15536d1324d76d7aa6a54e42da1cdf632f398e958f54c0362986a337d4cae0d2
17ee2ce8ddfc5320a49af7983421a50e5b30de94f4456ae43d02c66fa8c6889b
2964f88aa0617bb1d500c8b7d834b2853a336a8bf2fef02435ded0579a8048bb
3ad0d5e8cd0160209ab6b15c4f2d11371041d6d7541189881a2970a7753bc746
3f0fa96b5b5d3e6b180752c239233bfeb43efe494488a6d636e20b5b8b97ccbc
43547e384a693951c23f1f4f28c16d2d6e4b91889dd2753d65943b0fc3a694f3
479c8ffe613229fe0deab227fcd848ce3761517a0ee429e05d636f462547ed97
499a56596e2c25afd7ecc21d17b25a11365cc1aa24f510ea58a4d1e940f635ce
4e55ac60c6bdea40d5f328b9f736d67ea3d1d60c33ff08fe1dce388545de2ff2
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
564227fabc3f06e1b14a17cff803e58070a9abc311f892d497d968aa29056d1e
56c288a0ae2cc72050b129446b880beedaceca767f581024c2123a106702487a
5951434b046e083c58d07fee67fc3c84058c9d43a5a2fe3ec4c7fba9d510b503
5abe9cfd90c2fc5af4b32eaa25a5820efb0ec435ac97b1fa251211b368fc0857
5f24381c7bab45eaabf32e1fc6cd4aa3c58af3becc5c2caf36a9e573c720d953
729d6411c6631a4b21c42200ac8a537fb9ec5c00986b2253be6b99be8203b4c6
74435a4734fe95472bede86c0be515de8514da26867d931adc6eb82c2e4502f5
76181750bb2a824cc79d1c940b9e14a3e393ae1efc93965117e3965c136acaa6
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ffd485c05f4fd239e22ea634e2abb1eca0482d4a0ba69632b9ba35ef9090f40
8252ff3b88895a88b9fcdf631d4706ba379c6935180ba183e25d67e068be5e0a
83a5c2eea44f96f49ac888576e776bbd30fd9c700e463a1b923af9d915bdf8a4
8a05f1d4565e5f8eb0e8642594562c1d3a03bef6568a788c6b492d5747dc83e5
8ba04606833ccfb6918eb41ee1817b348d6db6a40c987ec7a185647df5cc8ab8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
93a824040fe7a0bda7fb1432d3026ffb96dde0aa285a349e3bd025c5c57bc467
94a61bd23e3af8340c2527a841237d2247ad4c7a05c73a5a242061b2cba23ad3
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
97dd01bb872053a1a50e344c9fcb79b737e0612abb52da40543655adffd0b1c5
9824cc6f0ddb480e7a23b915dab76d8d98f14045c52025af0ea110eeae97273e
a435a2a198c6419b06f351c8c923b3df58895258497395077bde2cbe79f92d6a
a4f6f51ae326512f2bafad7193332cbecf32f880b8291573411228f153ebeab1
a5bff648d5d4da56f7a1e441908e0407dd81d6ff37944e1a3323f2e116b6ac4f
a6b0965a100d87191864d04d5d9ab7e2c747733cc64e23b7a0bde66af8ac3318
ac022f62a17ea4f689b0ae35c3d929790f4e9609f38f76f2191c99d22cbd3069
b0f4fad4932e4a12c18b8dea2380f259790d3089133682c2b6aa02ea28f6cd92
bed15b54dc1d3a86bdaaeaa2d7fc9015d008609ef263f1aa282358e843dc2748
c8aae779acac429f091c9f7d1099ce359c2b037d1e10436aa1c19479c4927136
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cab4ad9ac78870c6461b275e4dfbee27741c3711a7a9f5bbabce68abde53a38e
ccfe42c28f31052e3c1301b78a0218025bce41a1d76197b230e0c94369f8a938
cee0797bcb8a45c3045036e814bd305a1b3c2942cc28b4701efc1b3c81bdf0b1
dc066fde464400d9032014c4d05d75c34ba2c3bc421e5d4759953ebc8276d93b
e1497036d286607cea1d5c9aad56ea4611414fe0ff4e900162dbc7dee499a022
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f5b05a0f2657086933004e2edc9e9ae4638a5e6284bb4b52c7bbee3cbf900a
e594c2d465902e106564da1bfe561b2c2563ee6926ed2b54ceff88fced4c25e6
e5e217b31f355fbc74741dc1d2b999ec505e41a96c7c72eeccdb10cb9fd85dcd
eb2a9aba22bfbb8d136886a5132fb6a792c27788e24e1b634252ecc5648e1680
ec1fb826ad50482e2a4eb706a5758dafc2835325619e8fe6f48ff3691e0e8cbf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efef5379b6e288a9e91602d322722a1a74a887dd4ea23cc4e2738482d6feeec5
f0f9fc75d7f5543474e72603b4801ed553c511d8b7d156a8e90735d43df7c22d
f161e22cde63c497d665c80a60a654d29caa423b4f4f59848b55309beb8bc361
f32b61f7376cde47cee25dd3b2718457b86d2e916f2676b9dc8b3c674bb91e58
f4e6539eaffc2bd9a88fb3de67a151aa3a1fa52a1e47d98fdcabe230efa7e55a
fbfb82223e80f5097735dfb54dbfccd0b17fcb2f1b7a53ab7bdf4fcfec5ad074
fdcb021a2801ea17e426d4888de85332870d3e313584eb3e4be2bb5171e21970