benadminuat.ibenefits.ca Open in urlscan Pro
74.85.154.30 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://healthhub-cat.myarta.net/
Effective URL:
https://benadminuat.ibenefits.ca/voidentityserver/home/error?errorId=CfDJ8AShEaVvM45IsL1r5-Ar1gPD_JOa_Nxw7Ltp3Qp86YlmwpD-Cs48GLXp...
Submission: On January 20 via api (January 20th 2024, 9:58:37 pm UTC) from US — Scanned from US

Summary HTTP 76 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 76 HTTP transactions. The main IP is 74.85.154.30, located in Burlington, Canada and belongs to DRWORKS-01, CA. The main domain is benadminuat.ibenefits.ca.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 16th 2023. Valid for: a year.

This is the only time benadminuat.ibenefits.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	34.160.161.26 34.160.161.26	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
22	2606:4700::68... 2606:4700::6812:556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
2	34.36.88.97 34.36.88.97	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 4	2603:1036:300... 2603:1036:3000:18::4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	76.223.31.44 76.223.31.44	16509 (AMAZON-02) (AMAZON-02)
2	54.175.249.243 54.175.249.243	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
1 12	74.85.154.30 74.85.154.30	395544 (DRWORKS-01) (DRWORKS-01)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
76	10

23 34.160.161.26 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 26.161.160.34.bc.googleusercontent.com

healthhub-cat.myarta.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cat.greenshieldplus.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700::6812:556 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cohere.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
voice.cohere.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
service.cohere.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.88.97 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 97.88.36.34.bc.googleusercontent.com

api-cat.onlineweb.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2603:1036:3000:18::4 (Boydton, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

gsccatb2c.b2clogin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.31.44 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.175.249.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-249-243.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 74.85.154.30 (Burlington, Canada) 1 redirects

ASN395544 (DRWORKS-01, CA)

benadminuat.ibenefits.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	cohere.so static.cohere.so — Cisco Umbrella Rank: 32883 voice.cohere.so — Cisco Umbrella Rank: 43626 service.cohere.so — Cisco Umbrella Rank: 50931	379 KB
12	ibenefits.ca 1 redirects benadminuat.ibenefits.ca	384 KB
12	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 589 clientstream.launchdarkly.com — Cisco Umbrella Rank: 963 events.launchdarkly.com — Cisco Umbrella Rank: 886	1 KB
12	myarta.net healthhub-cat.myarta.net	1 MB
11	greenshieldplus.ca cat.greenshieldplus.ca	1 MB
4	b2clogin.com 2 redirects gsccatb2c.b2clogin.com	8 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
2	onlineweb.ca api-cat.onlineweb.ca	104 KB
1	gstatic.com fonts.gstatic.com	16 KB
76	9

	Domain	Requested by
16	voice.cohere.so	static.cohere.so voice.cohere.so
12	benadminuat.ibenefits.ca	1 redirects cat.greenshieldplus.ca benadminuat.ibenefits.ca
12	healthhub-cat.myarta.net	healthhub-cat.myarta.net
11	cat.greenshieldplus.ca	healthhub-cat.myarta.net cat.greenshieldplus.ca
8	app.launchdarkly.com	healthhub-cat.myarta.net cat.greenshieldplus.ca
4	gsccatb2c.b2clogin.com	2 redirects healthhub-cat.myarta.net cat.greenshieldplus.ca
4	static.cohere.so	healthhub-cat.myarta.net cat.greenshieldplus.ca
3	fonts.googleapis.com	client benadminuat.ibenefits.ca
2	events.launchdarkly.com	healthhub-cat.myarta.net
2	clientstream.launchdarkly.com	healthhub-cat.myarta.net cat.greenshieldplus.ca
2	service.cohere.so	static.cohere.so
2	api-cat.onlineweb.ca	healthhub-cat.myarta.net cat.greenshieldplus.ca
1	fonts.gstatic.com	fonts.googleapis.com
76	13

This site contains no links.

Subject Issuer	Validity	Valid
cat.greenshieldplus.ca GTS CA 1D4	`2024-01-17` - `2024-04-16`	3 months	crt.sh
static.cohere.so Cloudflare Inc ECC CA-3	`2023-10-16` - `2024-10-15`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
api-dev-gcp.onlineweb.ca GTS CA 1D4	`2024-01-04` - `2024-04-03`	3 months	crt.sh
voice.cohere.so E1	`2023-12-19` - `2024-03-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-20` - `2024-02-20`	a year	crt.sh
graph.windows.net DigiCert SHA2 Secure Server CA	`2023-11-10` - `2024-11-10`	a year	crt.sh
clientstream.launchdarkly.com Amazon RSA 2048 M01	`2023-08-09` - `2024-09-05`	a year	crt.sh
events.launchdarkly.com Amazon ECDSA 256 M02	`2023-06-21` - `2024-07-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.ibenefits.ca Sectigo RSA Domain Validation Secure Server CA	`2023-06-16` - `2024-07-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://benadminuat.ibenefits.ca/voidentityserver/home/error?errorId=CfDJ8AShEaVvM45IsL1r5-Ar1gPD_JOa_Nxw7Ltp3Qp86YlmwpD-Cs48GLXpbr3QR0v40a6hi_VoHLiBzVDPg50kLFkc4g7_BglcUOplzhqCiv0Pt6avpxGIt-dkNqPxiLacajMu_uakfwWM2Cqz3UhRXa5yoXXtsAqVJPj6zh5fzz7NcRTbYPU1asRy5yz_y-JxbPiMSWMenXewWjbdkWHxfN60a3Z4ikBBddS4RWgnawD5atyVtCjSUrx853hEXAGS4RZv_k_mFsFj4Dk_TNPVMVh-BSW6uI3ZAu6VxmnftnAfmOXMRwuQ8XcGKxyKirB7llYGWRb3QFdXXDcFzjQfSSqdUMyvM-ckpKeixmBm_b1k
Frame ID: E47474C21A3421789F7291D5C270A53C
Requests: 55 HTTP requests in this frame

Frame: https://voice.cohere.so/chatPreload/
Frame ID: 10DA6D02A90D9CE7B6EFDF7F80A8C23C
Requests: 8 HTTP requests in this frame

Frame: https://voice.cohere.so/chatPreload/
Frame ID: 875A55ADF51848D37464386EA34CABF8
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in

Page URL History Show full URLs

https://healthhub-cat.myarta.net/ Page URL
https://gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_dhe_greenshieldplus_signin_mfa/oauth2/v2.0/... HTTP 302
https://cat.greenshieldplus.ca/login/cwi-sso Page URL
https://gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_pm_cwi_sso/oauth2/v2.0/authorize?client_id=... HTTP 302
https://benadminuat.ibenefits.ca/voidentityserver/connect/authorize?client_id=gsc-uat&redirect_uri=https%3a%2... HTTP 302
https://benadminuat.ibenefits.ca/voidentityserver/home/error?errorId=CfDJ8AShEaVvM45IsL1r5-Ar1gPD_JOa_Nxw7Ltp... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

76
Requests

100 %
HTTPS

40 %
IPv6

9
Domains

13
Subdomains

10
IPs

2
Countries

3033 kB
Transfer

13968 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://healthhub-cat.myarta.net/ Page URL
https://gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_dhe_greenshieldplus_signin_mfa/oauth2/v2.0/authorize?client_id=d0e95329-659a-4882-a369-ca72abfbca09&scope=https%3A%2F%2Fgsccatb2c.onmicrosoft.com%2Fdigital-health-api%2Fpmos-api%20https%3A%2F%2Fgsccatb2c.onmicrosoft.com%2Fdigital-health-api%2Fdigital-products-api%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fhealthhub-cat.myarta.net%2Fsignin&client-request-id=e385c4ab-2040-4d93-8d0e-c1321cef09bf&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.30.0&client_info=1&code_challenge=t7tXY7WYXVZUyS39ByS08X11eL2hD_BY48WgyQwIExE&code_challenge_method=S256&nonce=8111e07e-c346-4618-9fa0-fceac54ed3cc&state=eyJpZCI6ImQxNjY2MzIyLTIyYzQtNGUyZC1iMmYwLTdlODhjOTdjZTk3OCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&client=&app_domain=healthhub-cat.myarta.net&ui_locales=en HTTP 302
https://cat.greenshieldplus.ca/login/cwi-sso Page URL
https://gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_pm_cwi_sso/oauth2/v2.0/authorize?client_id=d0e95329-659a-4882-a369-ca72abfbca09&scope=https%3A%2F%2Fgsccatb2c.onmicrosoft.com%2Fdigital-health-api%2Fpmos-api%20https%3A%2F%2Fgsccatb2c.onmicrosoft.com%2Fdigital-health-api%2Fdigital-products-api%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fcat.greenshieldplus.ca%2Flogin%2Fcwi-sso&client-request-id=5b70fab5-1643-41cd-b9d2-fe2e6edeb66f&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.30.0&client_info=1&code_challenge=LcICPyCr3c4TSGiqlwntUWoiq4OiNb9LesqRGnvjLxE&code_challenge_method=S256&nonce=8e7d65b6-087c-419c-b264-b4c6e417a8d9&state=eyJpZCI6IjU1ZjY2N2U1LWMxYzMtNGEyZC04Y2FhLThkYWI3ZjExNWI5OSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&app_domain=cat.greenshieldplus.ca&ui_locales=en HTTP 302
https://benadminuat.ibenefits.ca/voidentityserver/connect/authorize?client_id=gsc-uat&redirect_uri=https%3a%2f%2fgsccatb2c.b2clogin.com%2fgsccatb2c.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile+email+gsc&response_mode=form_post&nonce=fW6aA8tu0YjgaM2ezPiVSw%3d%3d&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6MjMzNzdkNjUtY2VkNi00MTNlLWEwNmQtZjliZTIxYTc5ZmE2IiwiVElEIjoiNGJkZmI5NzAtZjViYS00Mjg3LTk5ODktYTkxZjQ3OWFiYTA2IiwiVE9JRCI6ImE4NWI2NWRhLWIzZWYtNGEwMS1iZmU1LTFlMzBhMDg5MTZmMiJ9 HTTP 302
https://benadminuat.ibenefits.ca/voidentityserver/home/error?errorId=CfDJ8AShEaVvM45IsL1r5-Ar1gPD_JOa_Nxw7Ltp3Qp86YlmwpD-Cs48GLXpbr3QR0v40a6hi_VoHLiBzVDPg50kLFkc4g7_BglcUOplzhqCiv0Pt6avpxGIt-dkNqPxiLacajMu_uakfwWM2Cqz3UhRXa5yoXXtsAqVJPj6zh5fzz7NcRTbYPU1asRy5yz_y-JxbPiMSWMenXewWjbdkWHxfN60a3Z4ikBBddS4RWgnawD5atyVtCjSUrx853hEXAGS4RZv_k_mFsFj4Dk_TNPVMVh-BSW6uI3ZAu6VxmnftnAfmOXMRwuQ8XcGKxyKirB7llYGWRb3QFdXXDcFzjQfSSqdUMyvM-ckpKeixmBm_b1k Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_dhe_greenshieldplus_signin_mfa/oauth2/v2.0/authorize?client_id=d0e95329-659a-4882-a369-ca72abfbca09&scope=https%3A%2F%2Fgsccatb2c.onmicrosoft.com%2Fdigital-health-api%2Fpmos-api%20https%3A%2F%2Fgsccatb2c.onmicrosoft.com%2Fdigital-health-api%2Fdigital-products-api%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fhealthhub-cat.myarta.net%2Fsignin&client-request-id=e385c4ab-2040-4d93-8d0e-c1321cef09bf&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.30.0&client_info=1&code_challenge=t7tXY7WYXVZUyS39ByS08X11eL2hD_BY48WgyQwIExE&code_challenge_method=S256&nonce=8111e07e-c346-4618-9fa0-fceac54ed3cc&state=eyJpZCI6ImQxNjY2MzIyLTIyYzQtNGUyZC1iMmYwLTdlODhjOTdjZTk3OCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&client=&app_domain=healthhub-cat.myarta.net&ui_locales=en HTTP 302
https://cat.greenshieldplus.ca/login/cwi-sso

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
healthhub-cat.myarta.net/ 4 KB
2 KB 192ms
99ms Document
text/html 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://healthhub-cat.myarta.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

26.161.160.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

7c7a8aa3c6f7755ede70b58ad1124ab694238bdd80b3ddfc5b9c35ba5dd7b10b

Security Headers

Name	Value
Content-Security-Policy	;default-src 'self' .cohere.so .googletagmanager.com .b2clogin.com;script-src 'nonce-hBvijIHCJ+XmAVkfac3G0A==' 'self' .gstatic.com .cohere.so .google.com .gstatic.com .googletagmanager.com .googleapis.com;style-src 'self' 'unsafe-inline' .googleapis.com .googletagmanager.com .google.com;font-src 'self' data: .gstatic.com;connect-src 'self' .b2clogin.com .googleapis.com .onlineweb.ca .gstatic.com .google.com .googletagmanager.com .g.doubleclick.net .greenshieldplus.ca .cohere.so ws: .launchdarkly.com;img-src 'self' data: .gstatic.com .google.ca .googleapis.com .aglty.io .googletagmanager.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: ;default-src 'self' *.cohere.so *.googletagmanager.com *.b2clogin.com;script-src 'nonce-hBvijIHCJ+XmAVkfac3G0A==' 'self' *.gstatic.com *.cohere.so *.google.com *.gstatic.com *.googletagmanager.com *.googleapis.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.googletagmanager.com *.google.com;font-src 'self' data: *.gstatic.com;connect-src 'self' *.b2clogin.com *.googleapis.com *.onlineweb.ca *.gstatic.com *.google.com *.googletagmanager.com *.g.doubleclick.net *.greenshieldplus.ca *.cohere.so ws: *.launchdarkly.com;img-src 'self' data: *.gstatic.com *.google.ca *.googleapis.com *.aglty.io *.googletagmanager.com
content-type: text/html; charset=utf-8
date: Sat, 20 Jan 2024 21:58:27 GMT
etag: "12hhftpjskg2v0"
permissions-policy: geolocation=(self)
referrer-policy: same-origin
server: Google Frontend
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 797305152e71cc2e.css
healthhub-cat.myarta.net/_next/static/css/ 97 KB
16 KB 93ms
92ms Stylesheet
text/css 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/css/797305152e71cc2e.css
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5b765796b00aa01cff8abff04dbc48ce70e26177f9368a8577819fd302cf713f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://healthhub-cat.myarta.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:28 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:05 GMT
server: Google Frontend
etag: W/"18481-18d1e14a148"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 webpack-8f91f78198cdbbd5.js Show response
healthhub-cat.myarta.net/_next/static/chunks/ 3 KB
1 KB 91ms
90ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/chunks/webpack-8f91f78198cdbbd5.js
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e126ead8fd465626572876855405a7ed794ff9b3644e10dc18ccc94412fc40b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://healthhub-cat.myarta.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:28 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:06 GMT
server: Google Frontend
etag: W/"a43-18d1e14a530"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 framework-ca706bf673a13738.js Show response
healthhub-cat.myarta.net/_next/static/chunks/ 138 KB
45 KB 94ms
93ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/chunks/framework-ca706bf673a13738.js
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 68d9eb6aefb519749c74c97c8b3271a6cb7279ea5f790803885d2a45eefb2269

Request headers

accept-language: en-US,en;q=0.9
Referer: https://healthhub-cat.myarta.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:28 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:06 GMT
server: Google Frontend
etag: W/"2270e-18d1e14a530"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 main-be6a1bd740039146.js Show response
healthhub-cat.myarta.net/_next/static/chunks/ 115 KB
33 KB 119ms
118ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/chunks/main-be6a1bd740039146.js
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: f0cbeafeb10e909522fae35b75e36b0c54f4db402bbdc220279c571c984c7c5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://healthhub-cat.myarta.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:28 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:05 GMT
server: Google Frontend
etag: W/"1cdcd-18d1e14a148"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 _app-f00ccffe7e3044e2.js Show response
healthhub-cat.myarta.net/_next/static/chunks/pages/ 5 MB
906 KB 117ms
117ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/_app-f00ccffe7e3044e2.js
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 89da1737007516440c820445fcd092c772c20d73bdabbbf0cfc6d887970d2483

Request headers

accept-language: en-US,en;q=0.9
Referer: https://healthhub-cat.myarta.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:28 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:05 GMT
server: Google Frontend
etag: W/"5621e4-18d1e14a148"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 index-8133aa1f5339533d.js Show response
healthhub-cat.myarta.net/_next/static/chunks/pages/ 476 B
600 B 97ms
97ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/index-8133aa1f5339533d.js
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: f1a40971465d1c6ded3130a8a492dac5f0c7acdd3d01626b60a014e5c258ea41

Request headers

accept-language: en-US,en;q=0.9
Referer: https://healthhub-cat.myarta.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:28 GMT
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:06 GMT
server: Google Frontend
etag: W/"1dc-18d1e14a530"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-cloud-trace-context: 9a03b9a344a172559443d436ec7c6d28
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 476

GET
H2 200 _buildManifest.js Show response
healthhub-cat.myarta.net/_next/static/LaNXGF6S_kzPOGuQnFkXV/ 8 KB
2 KB 99ms
98ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/LaNXGF6S_kzPOGuQnFkXV/_buildManifest.js
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: a93ffd4e09569d27f0597148f704086637314959e1321af54ffd955ffd83c8eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://healthhub-cat.myarta.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:28 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:05 GMT
server: Google Frontend
etag: W/"2082-18d1e14a148"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 _ssgManifest.js Show response
healthhub-cat.myarta.net/_next/static/LaNXGF6S_kzPOGuQnFkXV/ 77 B
175 B 98ms
97ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/LaNXGF6S_kzPOGuQnFkXV/_ssgManifest.js
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://healthhub-cat.myarta.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:28 GMT
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:05 GMT
server: Google Frontend
etag: W/"4d-18d1e14a148"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-cloud-trace-context: 2fa0a1d08849925d02dc73fa527580a4
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

GET
H2 200 main.js Show response
static.cohere.so/ 337 KB
110 KB 207ms
117ms Script
application/javascript 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cohere.so/main.js

Requested by

Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/_app-f00ccffe7e3044e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9f1107c9df7c79a779c308a91e99bc629d53956e2f0e646a303f3a8f3cc7603

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:28 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"149bf97767320573ebbbf4214f899a38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXkB%2B9IguQNiyXkH9i%2F5eMzoFpgfxk0fryQ39JrbMlOvERzZ9yOK%2F%2FThOLnORO0q0RQ4FOy9OYR2sI8u9Qki4K5Yt4s5a2FWn%2B5RJG9TRB2Rr9iaFtSSjXIkrN6CdU0ve%2BUitf2brfgZRvLCKMwV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 848a943c8868498c-MIA
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 200 64e51dfa264389149f777ad5
app.launchdarkly.com/sdk/goals/ Frame 0
0 148ms
61ms Preflight 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/64e51dfa264389149f777ad5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://healthhub-cat.myarta.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Sat, 20 Jan 2024 21:58:28 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mia-kmia1760059-MIA
x-timer: S1705787909.763895,VS0,VE29

GET
H2 200 64e51dfa264389149f777ad5 Show response
app.launchdarkly.com/sdk/goals/ 2 B
177 B 130ms
128ms XHR
application/json 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/64e51dfa264389149f777ad5

Requested by

Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/_app-f00ccffe7e3044e2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.9
accept-language: en-US,en;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Sat, 20 Jan 2024 21:58:28 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: MISS
content-length: 26
x-served-by: cache-mia-kmia1760059-MIA
x-timer: S1705787909.827879,VS0,VE95
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 0

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiMGIxNTc2NTAtYjdkZi0xMWVlLTg2N2YtOTU2OWIxNjIyOGMzIn0 Show response
app.launchdarkly.com/sdk/evalx/64e51dfa264389149f777ad5/contexts/ 97 B
498 B 209ms
208ms XHR
application/json 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/64e51dfa264389149f777ad5/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiMGIxNTc2NTAtYjdkZi0xMWVlLTg2N2YtOTU2OWIxNjIyOGMzIn0
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/_app-f00ccffe7e3044e2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a21495b9460cc6a0d6b56750d988b7d25fb282c8bb98884a4e4536ca5714253a

Request headers

Referer
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.9
accept-language: en-US,en;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:29 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 103
x-served-by: cache-mia-kmia1760020-MIA, cache-mia-kmia1760059-MIA
x-timer: S1705787909.828105,VS0,VE176
etag: "45dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

OPTIONS
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiMGIxNTc2NTAtYjdkZi0xMWVlLTg2N2YtOTU2OWIxNjIyOGMzIn0
app.launchdarkly.com/sdk/evalx/64e51dfa264389149f777ad5/contexts/ Frame 0
0 149ms
63ms Preflight 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/64e51dfa264389149f777ad5/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiMGIxNTc2NTAtYjdkZi0xMWVlLTg2N2YtOTU2OWIxNjIyOGMzIn0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://healthhub-cat.myarta.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Sat, 20 Jan 2024 21:58:28 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mia-kmia1760059-MIA
x-timer: S1705787909.763879,VS0,VE30

GET
H3 200 Gilroy-Medium.8d6b4a62.otf
healthhub-cat.myarta.net/_next/static/media/ 54 KB
33 KB 106ms
105ms Font
font/otf 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/media/Gilroy-Medium.8d6b4a62.otf
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/css/797305152e71cc2e.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 6f83677606b2235e0a687535c7a0a96156b554d622c659ceea7dbb90372225c6

Request headers

Referer: https://healthhub-cat.myarta.net/_next/static/css/797305152e71cc2e.css
Origin: https://healthhub-cat.myarta.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:28 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:05 GMT
server: Google Frontend
etag: W/"d6bc-18d1e14a148"
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 Gilroy-SemiBold.84d83109.otf
healthhub-cat.myarta.net/_next/static/media/ 54 KB
33 KB 93ms
92ms Font
font/otf 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/media/Gilroy-SemiBold.84d83109.otf
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/css/797305152e71cc2e.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 60d34dcfd46cf6328488f5eea4dddf42f7fe2109ce977c166105c06734126781

Request headers

Referer: https://healthhub-cat.myarta.net/_next/static/css/797305152e71cc2e.css
Origin: https://healthhub-cat.myarta.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:28 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:05 GMT
server: Google Frontend
etag: W/"d7ac-18d1e14a148"
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 Translations Show response
api-cat.onlineweb.ca/pmos-api-b2c/api/v1/ 274 KB
52 KB 378ms
260ms Fetch
application/json 34.36.88.97
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-cat.onlineweb.ca/pmos-api-b2c/api/v1/Translations?domain=api-cat.onlineweb.ca&languageIso=en&platform=Web&clientType=Web

Requested by

Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/_app-f00ccffe7e3044e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.88.97 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

97.88.36.34.bc.googleusercontent.com

Software

Resource Hash

1dd50fea015246edbc36403e5fbc24e618b9a311a941966af1686e7cf43c5d9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:29 GMT
content-encoding: gzip
via: 1.1 google, 1.1 google
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-response-time-ms: 58
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 483d6e2c-9d77-40d5-971a-dd38cfe17f5d

GET
H3 200 signin-3dba7d883901a5de.js Show response
healthhub-cat.myarta.net/_next/static/chunks/pages/ 2 KB
1 KB 110ms
109ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/signin-3dba7d883901a5de.js
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/chunks/main-be6a1bd740039146.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: d0a7058dd4b7bce1ff69a9dfd6625b91afddd6762672289e1b852b317c31c7bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://healthhub-cat.myarta.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:28 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:06 GMT
server: Google Frontend
etag: W/"994-18d1e14a530"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 / Show response
voice.cohere.so/chatPreload/ Frame 10DA 666 B
804 B 187ms
90ms Document
text/html 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/chatPreload/

Requested by

Host: static.cohere.so
URL: https://static.cohere.so/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53d87fd6eaac373379c1128d1f1ed035e8e7897f933538f377b550f76ea7b7e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 848a943eda38b3c2-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 20 Jan 2024 21:58:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3mtuXzMpX04EbwwBZw47wpKuVb6EJrSjxmeazyOPKa4iVjZkPAA3Gxek9anG%2FjSildSqVHNya6deUxMNhxCLaYCnwYcHqeOtRnDyNkBOn8zAMnTjUIuEIvwne3qNucNAXJUJnb9Nv0vdASO5Ok%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 ping Show response
service.cohere.so/ 55 B
363 B 160ms
77ms Fetch 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://service.cohere.so/ping
Requested by: Host: static.cohere.so
URL: https://static.cohere.so/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af37f752c51fd438fa6e824f0fffccf6ecdc3d9600f6c27420fbac4f766a74cc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

uwebsockets: 20
date: Sat, 20 Jan 2024 21:58:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cf-ray: 848a943edf7db3e0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 55

GET
H/1.1 200
OK openid-configuration
gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_dhe_greenshieldplus_signin_mfa/v2.0/.well-known/ 1 KB
2 KB 539ms
304ms Fetch
application/json 2603:1036:3000:18::4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_dhe_greenshieldplus_signin_mfa/v2.0/.well-known/openid-configuration

Requested by

Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/_app-f00ccffe7e3044e2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1036:3000:18::4 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Sat, 20 Jan 2024 21:58:28 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://healthhub-cat.myarta.net
Public: OPTIONS,TRACE,GET,HEAD,POST
Cache-Control: no-store, must-revalidate, no-cache
Allow: OPTIONS, TRACE, GET, HEAD, POST
x-ms-gateway-requestid: a665381c-9b2c-4102-9b15-bf8943d659ff
Content-Length: 1460
X-XSS-Protection: 1; mode=block

GET
H2 200 chatPreload-a70e2fdd.js Show response
voice.cohere.so/assets/ Frame 10DA 434 B
627 B 84ms
82ms Script
application/javascript 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/chatPreload-a70e2fdd.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b8c4b2ac6d7d915438ce21b135e3bdaf362c0e539de674bb153427af6a20580

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:29 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"8c5feb50d7e957ceba754f2463a93a44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLPTutu%2BX%2FKm4YDRSRAgddUkvQ29Q%2Bc788mQl1agFzDXuBMca%2FpH%2F79LO4XGh9ZdlzWj1DaYcwYh6O%2FszXyG%2BTOwRv3vUiUtf7xrIY3ySmOS%2BhdOy3Rd1Zk%2BD%2F%2FnasGYEoV3UTpMpOG8cUYktgo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 848a943f7bbdb3c2-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 modulepreload-polyfill-ec808ebb.js Show response
voice.cohere.so/assets/ Frame 10DA 711 B
685 B 91ms
89ms Script
application/javascript 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/modulepreload-polyfill-ec808ebb.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbb5ca0d987f4561749a86c6f2f0cc960ce40963116f5a59e256789ea805ca62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:29 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"903e4529424e3715b2638da2e39da267"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FPEEkIPUpXG5pVHZHCo9Otsnwp%2F%2FRfHVQgLuseL3t6nFlbfmGuXWyNOHg89Ije0uSCWsEkMq0T3Yvi06sYMd0iN2%2FzRMYP7Sll0OtHYUDQ70Ob%2F12cf0eTyAoXN5yv5uKC32VRzqDrUW%2B4Ts18%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 848a943f7bc7b3c2-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 index.browser-7e542916.js Show response
voice.cohere.so/assets/ Frame 10DA 184 B
468 B 86ms
85ms Script
application/javascript 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/index.browser-7e542916.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8ea4c27362397cdbb61e96e12510ab998ac81879af92fdaf252b923f4b7f6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:29 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"c22e7729c65f8d729602bbe7957c496c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0kBtf4Qm4p91jHcJt9bTWcl8Q4xEsCALpesR5ml8SUBdG%2Fb%2BYHpXEe6gb4m2iZZBxq3lkbQL%2B0sSfsXpqH5rvxAZgi%2B0MvHA%2ByIxDntnmoehqimxsc4ZfW8I%2B%2BmD7Q70X92kldM04CSwWuzgG4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 848a943f7bcdb3c2-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 connectToParent-8fc445fb.js Show response
voice.cohere.so/assets/ Frame 10DA 4 KB
2 KB 85ms
84ms Script
application/javascript 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/connectToParent-8fc445fb.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ae5da7bbed8a98ebe769965199f54a5cbf7c12b96861aca8cd3c2be94aadc75

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:29 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"8f44b78c5804759d0ef1966b7ddd3448"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXpiqCF%2F4d0WGv1PJOej8enb8dUy0s8JmMSz%2BSLrdtWsFjXS9ufbJD8KLjDUXN9emEJLsFiBnI6R15Vfeqw0hVlRLMMDGRYrrglTfTe%2BBiQwfYQC4zXoH%2Fadx%2BbzRKYSvzrc902tUrcd7aMT0QM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 848a943f7bceb3c2-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 fileUtils-329ccb40.js Show response
voice.cohere.so/assets/ Frame 10DA 1 KB
1009 B 87ms
86ms Script
application/javascript 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/fileUtils-329ccb40.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d8eb0820a86bf906d2ad644416d99892bf2470ea36bccc96bb55aa6e2a256dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:29 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"5ae9d6c06ccdb48f0ad27ebdbece1bac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6BWqzCi2rL7oxIJisWgZyuqeNJ5zK7iwJSzmrBwd5ADxtaO1kDKVfK%2BlB3eAoIiNml9SrD4i2Q%2BAUqacNZaGbOYY8pYDnub9WU5uvgf1xeMa%2FaP2IJjj19meUAgnookd1Synba%2Fx%2B9tP2T8VPE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 848a943f7bd0b3c2-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 preload-helper-101896b7.js Show response
voice.cohere.so/assets/ Frame 10DA 742 B
733 B 89ms
88ms Script
application/javascript 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/preload-helper-101896b7.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed187af91f5763aa05df3670ded39128fd4fa78367b3134cf3f95b8be6109b2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:29 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"589582124a6eb15ac8837767b574ee51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCRpR7kYBm3POm889Nj8OUvuDndHGhAyaHoyqqYzmy9bmofkDcFyyzfH2RTlMpkmw0jDK7PjGajCl16XRsKwhTJxh9qLDo5jxfhLpaLDsrtak3G3JKHGSOueMAWATljuwJunqjhjexpv7YJ5WIg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 848a943f7bd1b3c2-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bundleMessages-444ded67.js Show response
voice.cohere.so/assets/ Frame 10DA 141 KB
47 KB 71ms
71ms Script
application/javascript 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/bundleMessages-444ded67.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

696452b1286fad19830afe6b65724d72fd792872543b04f6f63c5bade92c779e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:29 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"0fa1746fb730209f539886fd06036f32"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gR9%2B5pm5NdQKAYkpePMFKc0%2BqBoji%2FtPCcfhs%2Bw%2BPxqlZ2FgDTwHmIQ0h01XiOO8ct8k%2F%2BXynSmxijIqff766hmaamE6yqB9HyUuXItDnDy%2F0O%2F1rXOocGWmy%2BfKeCB4JQIUUeacbBsSVS8OcNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 848a943f7bd2b3c2-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiMGIxNTc2NTAtYjdkZi0xMWVlLTg2N2YtOTU2OWIxNjIyOGMzIn0
clientstream.launchdarkly.com/eval/64e51dfa264389149f777ad5/ 118 B
0 260ms
119ms EventSource
text/event-stream 76.223.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/64e51dfa264389149f777ad5/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiMGIxNTc2NTAtYjdkZi0xMWVlLTg2N2YtOTU2OWIxNjIyOGMzIn0

Requested by

Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.31.44 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:29 GMT
strict-transport-security: max-age=31536000
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-content-length: 326
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

POST
H2 202 64e51dfa264389149f777ad5 Show response
events.launchdarkly.com/events/diagnostic/ 0
344 B 71ms
71ms XHR
application/json 54.175.249.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/64e51dfa264389149f777ad5

Requested by

Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/_app-f00ccffe7e3044e2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.175.249.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-249-243.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.9
accept-language: en-US,en;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Jan 2024 21:58:29 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 64e51dfa264389149f777ad5
events.launchdarkly.com/events/diagnostic/ Frame 0
0 183ms
60ms Preflight 54.175.249.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/64e51dfa264389149f777ad5

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.175.249.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-249-243.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://healthhub-cat.myarta.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Sat, 20 Jan 2024 21:58:29 GMT
strict-transport-security: max-age=31536000

GET
H2

200

cwi-sso Show response
cat.greenshieldplus.ca/login/
Redirect Chain

https://gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_dhe_greenshieldplus_signin_mfa/oauth2/v2.0/authorize?client_id=d0e95329-659a-4882-a369-ca72abfbca09&scope=https%3A%2F%2Fgsccatb2c.onm...
https://cat.greenshieldplus.ca/login/cwi-sso

4 KB
2 KB

133ms
103ms

Document
text/html

34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cat.greenshieldplus.ca/login/cwi-sso

Requested by

Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/_app-f00ccffe7e3044e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

26.161.160.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

597ada6f0bf2b388691555af5b13331366a57ebd6a0d1aba8b881168d6b7428a

Security Headers

Name	Value
Content-Security-Policy	;default-src 'self' .cohere.so .googletagmanager.com .b2clogin.com;script-src 'nonce-bpSbnxHKrl3+IqsvF6e6fg==' 'self' .gstatic.com .cohere.so .google.com .gstatic.com .googletagmanager.com .googleapis.com;style-src 'self' 'unsafe-inline' .googleapis.com .googletagmanager.com .google.com;font-src 'self' data: .gstatic.com;connect-src 'self' .b2clogin.com .googleapis.com .onlineweb.ca .gstatic.com .google.com .googletagmanager.com .g.doubleclick.net .greenshieldplus.ca .cohere.so ws: .launchdarkly.com;img-src 'self' data: .gstatic.com .google.ca .googleapis.com .aglty.io .googletagmanager.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: ;default-src 'self' *.cohere.so *.googletagmanager.com *.b2clogin.com;script-src 'nonce-bpSbnxHKrl3+IqsvF6e6fg==' 'self' *.gstatic.com *.cohere.so *.google.com *.gstatic.com *.googletagmanager.com *.googleapis.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.googletagmanager.com *.google.com;font-src 'self' data: *.gstatic.com;connect-src 'self' *.b2clogin.com *.googleapis.com *.onlineweb.ca *.gstatic.com *.google.com *.googletagmanager.com *.g.doubleclick.net *.greenshieldplus.ca *.cohere.so ws: *.launchdarkly.com;img-src 'self' data: *.gstatic.com *.google.ca *.googleapis.com *.aglty.io *.googletagmanager.com
content-type: text/html; charset=utf-8
date: Sat, 20 Jan 2024 21:58:30 GMT
etag: "pbtwic6kqr2vl"
permissions-policy: geolocation=(self)
referrer-policy: same-origin
server: Google Frontend
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Allow: OPTIONS TRACE GET HEAD POST
Cache-Control: no-store, must-revalidate, no-cache
Content-Length: 635
Content-Type: text/html; charset=utf-8
Date: Sat, 20 Jan 2024 21:58:29 GMT
Location: https://cat.greenshieldplus.ca/login/cwi-sso#error=redirect_uri_mismatch&error_description=AADB2C90006%3a+The+redirect+URI+%27https%3a%2f%2fhealthhub-cat.myarta.net%2fsignin%27+provided+in+the+request+is+not+registered+for+the+client+id+%27d0e95329-659a-4882-a369-ca72abfbca09%27.%0d%0aCorrelation+ID%3a+3ebbaa33-baee-4362-b5d2-3998615f297e%0d%0aTimestamp%3a+2024-01-20+21%3a58%3a30Z%0d%0a&state=eyJpZCI6ImQxNjY2MzIyLTIyYzQtNGUyZC1iMmYwLTdlODhjOTdjZTk3OCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3d
Public: OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
x-ms-gateway-requestid: da8980e6-c4cc-40f3-890c-71ca961e0edb

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 220ms
80ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 21:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 20:57:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 21:58:29 GMT

GET
H2 206 accept-sound-4RJBS7T3.mp3
static.cohere.so/ 24 KB
25 KB 43ms
42ms Media
audio/mpeg 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cohere.so/accept-sound-4RJBS7T3.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 20 Jan 2024 21:58:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2748
Content-Range: bytes 0-25075/25076
alt-svc: h3=":443"; ma=86400
Content-Length: 25076
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "fcdc58ef2dc9cda121b52a4125b1e891"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdUyZYh0eioEbTupd1TyOv5Qn%2FjJhQrk%2Bkj%2FWe1Y9GJexT01BGwwHANT8VNpztsaoEGpi6147l7jwGbjs71AETCX3PbyQJFEP1uARgCHj%2BNTCZATeA%2BhS%2BVoEVqxsij5Oju6Icj8QnEGXB%2B%2F4MoJ"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
access-control-allow-origin: *
cf-ray: 848a9442a81d498c-MIA

GET
H3 200 797305152e71cc2e.css
cat.greenshieldplus.ca/_next/static/css/ 97 KB
16 KB 97ms
96ms Stylesheet
text/css 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/css/797305152e71cc2e.css
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/login/cwi-sso
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5b765796b00aa01cff8abff04dbc48ce70e26177f9368a8577819fd302cf713f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cat.greenshieldplus.ca/login/cwi-sso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:30 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:05 GMT
server: Google Frontend
etag: W/"18481-18d1e14a148"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 webpack-8f91f78198cdbbd5.js Show response
cat.greenshieldplus.ca/_next/static/chunks/ 3 KB
1 KB 91ms
91ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/chunks/webpack-8f91f78198cdbbd5.js
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/login/cwi-sso
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e126ead8fd465626572876855405a7ed794ff9b3644e10dc18ccc94412fc40b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cat.greenshieldplus.ca/login/cwi-sso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:30 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:06 GMT
server: Google Frontend
etag: W/"a43-18d1e14a530"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 framework-ca706bf673a13738.js Show response
cat.greenshieldplus.ca/_next/static/chunks/ 138 KB
45 KB 96ms
94ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/chunks/framework-ca706bf673a13738.js
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/login/cwi-sso
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 68d9eb6aefb519749c74c97c8b3271a6cb7279ea5f790803885d2a45eefb2269

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cat.greenshieldplus.ca/login/cwi-sso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:30 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:06 GMT
server: Google Frontend
etag: W/"2270e-18d1e14a530"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 main-be6a1bd740039146.js Show response
cat.greenshieldplus.ca/_next/static/chunks/ 115 KB
33 KB 95ms
94ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/chunks/main-be6a1bd740039146.js
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/login/cwi-sso
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: f0cbeafeb10e909522fae35b75e36b0c54f4db402bbdc220279c571c984c7c5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cat.greenshieldplus.ca/login/cwi-sso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:30 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:05 GMT
server: Google Frontend
etag: W/"1cdcd-18d1e14a148"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 _app-f00ccffe7e3044e2.js Show response
cat.greenshieldplus.ca/_next/static/chunks/pages/ 5 MB
905 KB 103ms
102ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/chunks/pages/_app-f00ccffe7e3044e2.js
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/login/cwi-sso
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 89da1737007516440c820445fcd092c772c20d73bdabbbf0cfc6d887970d2483

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cat.greenshieldplus.ca/login/cwi-sso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:30 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:05 GMT
server: Google Frontend
etag: W/"5621e4-18d1e14a148"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 cwi-sso-eba25e1a955df9a5.js Show response
cat.greenshieldplus.ca/_next/static/chunks/pages/login/ 2 KB
1 KB 102ms
101ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/chunks/pages/login/cwi-sso-eba25e1a955df9a5.js
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/login/cwi-sso
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 513f84c89291384574f1630fb74e0f4075ec926428443316e0b93f934d54339a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cat.greenshieldplus.ca/login/cwi-sso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:30 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:06 GMT
server: Google Frontend
etag: W/"6f7-18d1e14a530"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 _buildManifest.js Show response
cat.greenshieldplus.ca/_next/static/LaNXGF6S_kzPOGuQnFkXV/ 8 KB
2 KB 95ms
94ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/LaNXGF6S_kzPOGuQnFkXV/_buildManifest.js
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/login/cwi-sso
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: a93ffd4e09569d27f0597148f704086637314959e1321af54ffd955ffd83c8eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cat.greenshieldplus.ca/login/cwi-sso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:30 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:05 GMT
server: Google Frontend
etag: W/"2082-18d1e14a148"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 _ssgManifest.js Show response
cat.greenshieldplus.ca/_next/static/LaNXGF6S_kzPOGuQnFkXV/ 77 B
97 B 102ms
101ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/LaNXGF6S_kzPOGuQnFkXV/_ssgManifest.js
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/login/cwi-sso
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cat.greenshieldplus.ca/login/cwi-sso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:30 GMT
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:05 GMT
server: Google Frontend
etag: W/"4d-18d1e14a148"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-cloud-trace-context: 5005f14488d851de1c65c7a74396eb84
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

GET
H3 200 main.js
static.cohere.so/ 337 KB
110 KB 93ms
92ms Script
application/javascript 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cohere.so/main.js

Requested by

Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/_next/static/chunks/pages/_app-f00ccffe7e3044e2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:30 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"149bf97767320573ebbbf4214f899a38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yr3OplvY7%2BOwS99rTXd%2Bce70PU9wOB7QCaGSbuTB6giD56Cvr%2FZSVL0MnQyM32qV%2BdBEol3ivpvIjwvut9014KnxR2F3ktEmuUOjINpL77SJnUuSnldtPCpJJ2NMTMkAFlC4nEQeDM3p3TsFdPMf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 848a944a4fab5c7d-MIA
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 200 64e51dfa264389149f777ad5
app.launchdarkly.com/sdk/goals/ Frame 0
0 34ms
34ms Preflight 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/64e51dfa264389149f777ad5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://cat.greenshieldplus.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Sat, 20 Jan 2024 21:58:31 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-mia-kmia1760059-MIA
x-timer: S1705787911.016293,VS0,VE0

GET
H2 200 64e51dfa264389149f777ad5
app.launchdarkly.com/sdk/goals/ 2 B
105 B 34ms
34ms XHR
application/json 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/64e51dfa264389149f777ad5

Requested by

Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/_next/static/chunks/pages/_app-f00ccffe7e3044e2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.9
accept-language: en-US,en;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Sat, 20 Jan 2024 21:58:31 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-mia-kmia1760059-MIA
x-timer: S1705787911.052018,VS0,VE0
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 1

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiMGM3YTM2NzAtYjdkZi0xMWVlLTk3YzItMGZjZjRiYTQyZWMxIn0
app.launchdarkly.com/sdk/evalx/64e51dfa264389149f777ad5/contexts/ 97 B
222 B 57ms
57ms XHR
application/json 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/64e51dfa264389149f777ad5/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiMGM3YTM2NzAtYjdkZi0xMWVlLTk3YzItMGZjZjRiYTQyZWMxIn0
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/_next/static/chunks/pages/_app-f00ccffe7e3044e2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.9
accept-language: en-US,en;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 103
x-served-by: cache-mia-kmia1760063-MIA, cache-mia-kmia1760059-MIA
x-timer: S1705787911.052263,VS0,VE10
etag: "45dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

OPTIONS
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiMGM3YTM2NzAtYjdkZi0xMWVlLTk3YzItMGZjZjRiYTQyZWMxIn0
app.launchdarkly.com/sdk/evalx/64e51dfa264389149f777ad5/contexts/ Frame 0
0 33ms
33ms Preflight 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/64e51dfa264389149f777ad5/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiMGM3YTM2NzAtYjdkZi0xMWVlLTk3YzItMGZjZjRiYTQyZWMxIn0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://cat.greenshieldplus.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Sat, 20 Jan 2024 21:58:31 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-mia-kmia1760059-MIA
x-timer: S1705787911.017397,VS0,VE0

GET
H3 200 Gilroy-Medium.8d6b4a62.otf
cat.greenshieldplus.ca/_next/static/media/ 54 KB
33 KB 95ms
95ms Font
font/otf 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/media/Gilroy-Medium.8d6b4a62.otf
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/_next/static/css/797305152e71cc2e.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://cat.greenshieldplus.ca/_next/static/css/797305152e71cc2e.css
Origin: https://cat.greenshieldplus.ca
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:05 GMT
server: Google Frontend
etag: W/"d6bc-18d1e14a148"
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 Gilroy-SemiBold.84d83109.otf
cat.greenshieldplus.ca/_next/static/media/ 54 KB
33 KB 92ms
92ms Font
font/otf 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/media/Gilroy-SemiBold.84d83109.otf
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/_next/static/css/797305152e71cc2e.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://cat.greenshieldplus.ca/_next/static/css/797305152e71cc2e.css
Origin: https://cat.greenshieldplus.ca
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 18 Jan 2024 19:38:05 GMT
server: Google Frontend
etag: W/"d7ac-18d1e14a148"
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 Translations
api-cat.onlineweb.ca/pmos-api-b2c/api/v1/ 274 KB
52 KB 215ms
215ms Fetch
application/json 34.36.88.97
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-cat.onlineweb.ca/pmos-api-b2c/api/v1/Translations?domain=api-cat.onlineweb.ca&languageIso=en&platform=Web&clientType=Web

Requested by

Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/_next/static/chunks/pages/_app-f00ccffe7e3044e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.88.97 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

97.88.36.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
content-encoding: gzip
via: 1.1 google, 1.1 google
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-response-time-ms: 68
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 15783d8b-e2c4-4612-9a10-bfee1d4fd3b7

GET
H3 200 /
voice.cohere.so/chatPreload/ Frame 875A 666 B
768 B 77ms
76ms Document
text/html 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/chatPreload/

Requested by

Host: static.cohere.so
URL: https://static.cohere.so/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 848a944c9e9e7418-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 20 Jan 2024 21:58:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32G2gDN%2BHpBN%2F2nRcdb0Z1nAu8vm4ubYW71aCkMpE47%2FQtYHoFLjh55o2XsNZ0C1HcJXKnH1ZR68NaVTHRCnnzs1KKdQGB2FAsYO1FR4w8FmtS8tFsissvjH0%2FcWqEWO98p%2Fb1M4nuhMp6i8BLY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiMGM3YTM2NzAtYjdkZi0xMWVlLTk3YzItMGZjZjRiYTQyZWMxIn0
clientstream.launchdarkly.com/eval/64e51dfa264389149f777ad5/ 118 B
0 68ms
68ms EventSource
text/event-stream 76.223.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/64e51dfa264389149f777ad5/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiMGM3YTM2NzAtYjdkZi0xMWVlLTk3YzItMGZjZjRiYTQyZWMxIn0

Requested by

Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/login/cwi-sso

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.31.44 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
strict-transport-security: max-age=31536000
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-content-length: 326
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

GET
H2 200 ping
service.cohere.so/ 55 B
235 B 76ms
75ms Fetch 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://service.cohere.so/ping
Requested by: Host: static.cohere.so
URL: https://static.cohere.so/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

uwebsockets: 20
date: Sat, 20 Jan 2024 21:58:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cf-ray: 848a944cae85b3e0-MIA
alt-svc: h3=":443"; ma=86400
content-length: 55

GET
H/1.1 200
OK openid-configuration
gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_pm_cwi_sso/v2.0/.well-known/ 1 KB
2 KB 173ms
172ms Fetch
application/json 2603:1036:3000:18::4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_pm_cwi_sso/v2.0/.well-known/openid-configuration

Requested by

Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/_next/static/chunks/pages/_app-f00ccffe7e3044e2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1036:3000:18::4 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Sat, 20 Jan 2024 21:58:30 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://cat.greenshieldplus.ca
Public: OPTIONS,TRACE,GET,HEAD,POST
Cache-Control: no-store, must-revalidate, no-cache
Allow: OPTIONS, TRACE, GET, HEAD, POST
x-ms-gateway-requestid: cca360b5-61d8-4997-a515-5abe18729dba
Content-Length: 1418
X-XSS-Protection: 1; mode=block

GET
H3 200 chatPreload-a70e2fdd.js
voice.cohere.so/assets/ Frame 875A 434 B
808 B 80ms
79ms Script
application/javascript 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/chatPreload-a70e2fdd.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"8c5feb50d7e957ceba754f2463a93a44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyOmLmu2T6%2B%2BqHSlRQ%2B0cffPBO164Cf%2BlYWy2YAUR3SOUvctFrQMmKErQMTSFjneslxzy9rF4hEp%2F5jI60Pi8zs7qAo%2FRY6bbrl7r4OHTOl7%2BsKlv7fmL7MyfT0iSrcDLURFH4WJlPFco1j6wGY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 848a944d1fcb7418-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 modulepreload-polyfill-ec808ebb.js
voice.cohere.so/assets/ Frame 875A 711 B
882 B 79ms
77ms Script
application/javascript 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/modulepreload-polyfill-ec808ebb.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"903e4529424e3715b2638da2e39da267"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CphxqTZWqy6U%2F%2Fkyi9jmkc%2Bgyp8ACQW4Iq%2BB1wwhbVGvqc%2FVTCP67swnXTW%2FsuP6OpE0%2FIMp9PSvOY6Ro4ZnJGQCsQ%2BSr%2BKTLPbaSnRNNq96lrazXGQhDDw2NFjfBlsJJexjymaBkNmH%2F8uHzQs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 848a944d1fd17418-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 index.browser-7e542916.js
voice.cohere.so/assets/ Frame 875A 184 B
657 B 72ms
71ms Script
application/javascript 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/index.browser-7e542916.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"c22e7729c65f8d729602bbe7957c496c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6SootNGb%2F4MTI%2FFZjI060a9MEjQfGmTqCz%2B4Zht6XQxRLsZH8guxqRg66%2B0g4saAscxkpiV00jRfeJOyjQr62X29ZcK9OTXHOPVbvaZHuJtIZ3KKZeRk2xIsapAh%2BnM60uMIa9%2FyXoGj%2Forzu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 848a944d1fd57418-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 connectToParent-8fc445fb.js
voice.cohere.so/assets/ Frame 875A 4 KB
2 KB 110ms
109ms Script
application/javascript 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/connectToParent-8fc445fb.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"8f44b78c5804759d0ef1966b7ddd3448"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2lGrl7N1YY4%2FJbPZHUQ66R07mAJFNFp2Og65PkMLIpzWaAHOAFDmziutkojJmtCA%2FeYihxN8N%2FppXohcVCN2yulX%2Fnl%2BWmNr3hlqSX4fvBp0Omz34pgZSa%2FAPt%2FgOag5tDffiZ0oeZfU8KQXVM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 848a944d1fd77418-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fileUtils-329ccb40.js
voice.cohere.so/assets/ Frame 875A 1 KB
1 KB 83ms
81ms Script
application/javascript 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/fileUtils-329ccb40.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"5ae9d6c06ccdb48f0ad27ebdbece1bac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrIt4PgwWttn6wxh5fSy7M8bHckPTbZbT%2FK8aGRcr5eksJYt19xxrdIC1N2oVppMzglI1XYL1OhJyFEzftVVkQc5rxTmJFaO79r%2FmsWgwsRtQta6Asibh0COmZFXL9j0qjBdB%2BZZOrf9Jl%2FWOWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 848a944d1fd97418-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 preload-helper-101896b7.js
voice.cohere.so/assets/ Frame 875A 742 B
928 B 76ms
75ms Script
application/javascript 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/preload-helper-101896b7.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"589582124a6eb15ac8837767b574ee51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hz0d%2BjZ%2BsLwsctC8dTAyXp1I2yg0PWQm0oaluF46mv2cQ%2BWzi0%2BW6SqXFTUovMLtRvmmLiHXbsZ8C9whf%2BOzUYL7drsT6XPPH905qyzv0Xw8a63SW9iwh4SnHs2HrfXkOW4m2uyGPB88%2Br0YIE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 848a944d1fda7418-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bundleMessages-444ded67.js
voice.cohere.so/assets/ Frame 875A 141 KB
47 KB 89ms
89ms Script
application/javascript 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/bundleMessages-444ded67.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"0fa1746fb730209f539886fd06036f32"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4L4sq5QTCCtlJx0iBNPBW%2BQjeMQk0hampNUEwxXr33YQS5VUwU5fZrYqV8Nle93gbjMHOQaCk7e83YRf%2Fgd%2FyhmmGwlOufKt%2Fs%2Bo%2Fvc4wwflKTnrmLWIv7KCek5it9L4M8%2BO%2F3G2azrPPeetp3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 848a944d1fdb7418-MIA
alt-svc: h3=":443"; ma=86400

GET
H2

200

Primary Request error Show response
benadminuat.ibenefits.ca/voidentityserver/home/
Redirect Chain

https://gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_pm_cwi_sso/oauth2/v2.0/authorize?client_id=d0e95329-659a-4882-a369-ca72abfbca09&scope=https%3A%2F%2Fgsccatb2c.onmicrosoft.com%2Fdigit...
https://benadminuat.ibenefits.ca/voidentityserver/connect/authorize?client_id=gsc-uat&redirect_uri=https%3a%2f%2fgsccatb2c.b2clogin.com%2fgsccatb2c.onmicrosoft.com%2foauth2%2fauthresp&response_type...
https://benadminuat.ibenefits.ca/voidentityserver/home/error?errorId=CfDJ8AShEaVvM45IsL1r5-Ar1gPD_JOa_Nxw7Ltp3Qp86YlmwpD-Cs48GLXpbr3QR0v40a6hi_VoHLiBzVDPg50kLFkc4g7_BglcUOplzhqCiv0Pt6avpxGIt-dkNqPx...

4 KB
5 KB

323ms
323ms

Document
text/html

74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/home/error?errorId=CfDJ8AShEaVvM45IsL1r5-Ar1gPD_JOa_Nxw7Ltp3Qp86YlmwpD-Cs48GLXpbr3QR0v40a6hi_VoHLiBzVDPg50kLFkc4g7_BglcUOplzhqCiv0Pt6avpxGIt-dkNqPxiLacajMu_uakfwWM2Cqz3UhRXa5yoXXtsAqVJPj6zh5fzz7NcRTbYPU1asRy5yz_y-JxbPiMSWMenXewWjbdkWHxfN60a3Z4ikBBddS4RWgnawD5atyVtCjSUrx853hEXAGS4RZv_k_mFsFj4Dk_TNPVMVh-BSW6uI3ZAu6VxmnftnAfmOXMRwuQ8XcGKxyKirB7llYGWRb3QFdXXDcFzjQfSSqdUMyvM-ckpKeixmBm_b1k

Requested by

Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/_next/static/chunks/pages/_app-f00ccffe7e3044e2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

c316a2d133c22194a0803d384853da6183cab6f008848aa677691d9ab31ad985

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' ajax.googleapis.com;style-src 'self' 'unsafe-inline' www.google.com platform.twitter.com cdn.syndication.twimg.com fonts.googleapis.com;font-src 'self' fonts.gstatic.com data:;connect-src 'self' https://theuuat.ibenefits.ca https://geuat.ibenefits.ca https://ge-healthcare-uat.ibenefits.ca https://ge-aerospace-uat.ibenefits.ca https://ge-vernova-uat.ibenefits.ca https://benadminuat.ibenefits.ca;frame-ancestors 'self' https://theuuat.ibenefits.ca https://geuat.ibenefits.ca https://ge-healthcare-uat.ibenefits.ca https://ge-aerospace-uat.ibenefits.ca https://ge-vernova-uat.ibenefits.ca https://benadminuat.ibenefits.ca
Strict-Transport-Security	max-age=15768000
X-Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cat.greenshieldplus.ca/login/cwi-sso#error=redirect_uri_mismatch&error_description=AADB2C90006%3a+The+redirect+URI+%27https%3a%2f%2fhealthhub-cat.myarta.net%2fsignin%27+provided+in+the+request+is+not+registered+for+the+client+id+%27d0e95329-659a-4882-a369-ca72abfbca09%27.%0d%0aCorrelation+ID%3a+3ebbaa33-baee-4362-b5d2-3998615f297e%0d%0aTimestamp%3a+2024-01-20+21%3a58%3a30Z%0d%0a&state=eyJpZCI6ImQxNjY2MzIyLTIyYzQtNGUyZC1iMmYwLTdlODhjOTdjZTk3OCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' ajax.googleapis.com;style-src 'self' 'unsafe-inline' www.google.com platform.twitter.com cdn.syndication.twimg.com fonts.googleapis.com;font-src 'self' fonts.gstatic.com data:;connect-src 'self' https://theuuat.ibenefits.ca https://geuat.ibenefits.ca https://ge-healthcare-uat.ibenefits.ca https://ge-aerospace-uat.ibenefits.ca https://ge-vernova-uat.ibenefits.ca https://benadminuat.ibenefits.ca;frame-ancestors 'self' https://theuuat.ibenefits.ca https://geuat.ibenefits.ca https://ge-healthcare-uat.ibenefits.ca https://ge-aerospace-uat.ibenefits.ca https://ge-vernova-uat.ibenefits.ca https://benadminuat.ibenefits.ca
content-type: text/html; charset=utf-8
date: Sat, 20 Jan 2024 21:58:31 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=15768000
x-content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

date: Sat, 20 Jan 2024 21:58:31 GMT
location: https://benadminuat.ibenefits.ca/voidentityserver/home/error?errorId=CfDJ8AShEaVvM45IsL1r5-Ar1gPD_JOa_Nxw7Ltp3Qp86YlmwpD-Cs48GLXpbr3QR0v40a6hi_VoHLiBzVDPg50kLFkc4g7_BglcUOplzhqCiv0Pt6avpxGIt-dkNqPxiLacajMu_uakfwWM2Cqz3UhRXa5yoXXtsAqVJPj6zh5fzz7NcRTbYPU1asRy5yz_y-JxbPiMSWMenXewWjbdkWHxfN60a3Z4ikBBddS4RWgnawD5atyVtCjSUrx853hEXAGS4RZv_k_mFsFj4Dk_TNPVMVh-BSW6uI3ZAu6VxmnftnAfmOXMRwuQ8XcGKxyKirB7llYGWRb3QFdXXDcFzjQfSSqdUMyvM-ckpKeixmBm_b1k
strict-transport-security: max-age=15768000

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
820 B 80ms
80ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 21:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 21:04:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 21:58:31 GMT

GET
H3 206 accept-sound-4RJBS7T3.mp3
static.cohere.so/ 24 KB
25 KB 45ms
44ms Media
audio/mpeg 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cohere.so/accept-sound-4RJBS7T3.mp3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2649
Content-Range: bytes 0-25075/25076
alt-svc: h3=":443"; ma=86400
Content-Length: 25076
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "fcdc58ef2dc9cda121b52a4125b1e891"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FE%2BU49ibl4rAhtfDjXITS32a7ZtXW79ibFEfXEpVHfwGZ2%2FWXg9zDHPraBm9m4twTf6zkN7CrZMfeUlXlx6bFAvWNLESohmdcwfzeawm02UX67WnuUK61Xf8vTvZDy5iJ6TqIwuQoQm5vf30ktk"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
access-control-allow-origin: *
cf-ray: 848a944ff9cc5c7d-MIA

GET
H3 200 css
fonts.googleapis.com/ 8 KB
774 B 81ms
80ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,400,500,500,700

Requested by

Host: benadminuat.ibenefits.ca
URL: https://benadminuat.ibenefits.ca/voidentityserver/home/error?errorId=CfDJ8AShEaVvM45IsL1r5-Ar1gPD_JOa_Nxw7Ltp3Qp86YlmwpD-Cs48GLXpbr3QR0v40a6hi_VoHLiBzVDPg50kLFkc4g7_BglcUOplzhqCiv0Pt6avpxGIt-dkNqPxiLacajMu_uakfwWM2Cqz3UhRXa5yoXXtsAqVJPj6zh5fzz7NcRTbYPU1asRy5yz_y-JxbPiMSWMenXewWjbdkWHxfN60a3Z4ikBBddS4RWgnawD5atyVtCjSUrx853hEXAGS4RZv_k_mFsFj4Dk_TNPVMVh-BSW6uI3ZAu6VxmnftnAfmOXMRwuQ8XcGKxyKirB7llYGWRb3QFdXXDcFzjQfSSqdUMyvM-ckpKeixmBm_b1k

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0771512c57f3416f6cc6a7b15d2104ef02565621b7707e15ecbbcb1f95a13275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 21:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 21:58:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 21:58:32 GMT

GET
H2 200 main-blue.min.css
benadminuat.ibenefits.ca/voidentityserver/css/ 36 KB
36 KB 86ms
85ms Stylesheet
text/css 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/css/main-blue.min.css?v=zWQClWTpDI-3ypLIonDiYz3zSdlBIPo-WPyPaDbGr70

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

cd64029564e90c8fb7ca92c8a270e2633df349d94120fa3e58fc8f6836c6afbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
strict-transport-security: max-age=15768000
last-modified: Sat, 06 Jan 2024 08:16:12 GMT
accept-ranges: bytes
etag: "1da40789c19beb3"
content-length: 37043
content-type: text/css

GET
H2 200 greenshield.css
benadminuat.ibenefits.ca/voidentityserver/css/ 51 KB
51 KB 251ms
251ms Stylesheet
text/css 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/css/greenshield.css?v=1fcdle62QHcnXKCmgu4yJWf0Vh7ki32iuOrLr2Q0jBw

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

2247a2689c72e68f1af5637bdc579ef7481a9fbae323f781bf4b31794272a99b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
strict-transport-security: max-age=15768000
last-modified: Sat, 06 Jan 2024 08:16:12 GMT
accept-ranges: bytes
etag: "1da40789c19e267"
content-length: 52327
content-type: text/css

GET
H2 200 logo
benadminuat.ibenefits.ca/voidentityserver/logo/ 18 KB
19 KB 417ms
416ms Image
image/png 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/logo/logo?baseUrl=default

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

a86d4be4ae06eaac5c5991ac961cfe19926f27e4587ea7e8a7ce560a13e34be3

Security Headers

Name

Value

Content-Security-Policy

script-src 'self' 'unsafe-inline' ajax.googleapis.com;style-src 'self' 'unsafe-inline' www.google.com platform.twitter.com cdn.syndication.twimg.com fonts.googleapis.com;font-src 'self' fonts.gstatic.com data:;connect-src 'self' https://theuuat.ibenefits.ca https://geuat.ibenefits.ca https://ge-healthcare-uat.ibenefits.ca https://ge-aerospace-uat.ibenefits.ca https://ge-vernova-uat.ibenefits.ca https://benadminuat.ibenefits.ca;frame-ancestors 'self' https://theuuat.ibenefits.ca https://geuat.ibenefits.ca https://ge-healthcare-uat.ibenefits.ca https://ge-aerospace-uat.ibenefits.ca https://ge-vernova-uat.ibenefits.ca https://benadminuat.ibenefits.ca

Strict-Transport-Security

max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' ajax.googleapis.com;style-src 'self' 'unsafe-inline' www.google.com platform.twitter.com cdn.syndication.twimg.com fonts.googleapis.com;font-src 'self' fonts.gstatic.com data:;connect-src 'self' https://theuuat.ibenefits.ca https://geuat.ibenefits.ca https://ge-healthcare-uat.ibenefits.ca https://ge-aerospace-uat.ibenefits.ca https://ge-vernova-uat.ibenefits.ca https://benadminuat.ibenefits.ca;frame-ancestors 'self' https://theuuat.ibenefits.ca https://geuat.ibenefits.ca https://ge-healthcare-uat.ibenefits.ca https://ge-aerospace-uat.ibenefits.ca https://ge-vernova-uat.ibenefits.ca https://benadminuat.ibenefits.ca
cache-control: public,max-age=900
date: Sat, 20 Jan 2024 21:58:31 GMT
strict-transport-security: max-age=15768000
content-length: 18186
content-type: image/png

GET
H2 200 jquery.slim.min.js Show response
benadminuat.ibenefits.ca/voidentityserver/lib/jquery/dist/ 71 KB
71 KB 253ms
252ms Script
application/javascript 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/lib/jquery/dist/jquery.slim.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

38771e9e7ba11e3db4be1d97b5a4f687cd9322e05b39eaa81f715310a2c12856

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
strict-transport-security: max-age=15768000
last-modified: Sat, 06 Jan 2024 08:16:12 GMT
accept-ranges: bytes
etag: "1da40789c1834cf"
content-length: 72399
content-type: application/javascript

GET
H2 200 Jquery.validate.min.js Show response
benadminuat.ibenefits.ca/voidentityserver/lib/jquery-validation/dist/ 23 KB
23 KB 249ms
249ms Script
application/javascript 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/lib/jquery-validation/dist/Jquery.validate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

788b4b14ec9f43877f386cc49c67218b664c545f048468334b493b7d238f89f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
strict-transport-security: max-age=15768000
last-modified: Sat, 06 Jan 2024 08:16:12 GMT
accept-ranges: bytes
etag: "1da40789c1974e3"
content-length: 23267
content-type: application/javascript

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
benadminuat.ibenefits.ca/voidentityserver/lib/jquery-validation-unobtrusive/ 6 KB
6 KB 332ms
332ms Script
application/javascript 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

a5aa31a5cb77de463d7e9425be00bc2289231aaf22a9869515ac2014f83ca33d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
strict-transport-security: max-age=15768000
last-modified: Sat, 06 Jan 2024 08:16:12 GMT
accept-ranges: bytes
etag: "1da40789c193886"
content-length: 5766
content-type: application/javascript

GET
H2 200 bootstrap.bundle.min.js Show response
benadminuat.ibenefits.ca/voidentityserver/lib/bootstrap/dist/js/ 79 KB
79 KB 334ms
333ms Script
application/javascript 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/lib/bootstrap/dist/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

c02c36ee26e55ba10188928a6bcab41f44fdfade35f020397cc6eaf0991c4e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
strict-transport-security: max-age=15768000
last-modified: Sat, 06 Jan 2024 08:16:12 GMT
accept-ranges: bytes
etag: "1da40789c181540"
content-length: 80704
content-type: application/javascript

GET
H2 200 app.js Show response
benadminuat.ibenefits.ca/voidentityserver/js/ 279 B
442 B 333ms
332ms Script
application/javascript 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/js/app.js?v=22HW8IE-rnbb5TZhrBZyZZTZDyVRadGAOripZbzD9M0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

f8d1ab6192ece44bae974114b7a2bf1c4447a618250c65e594f31fbb4a9bf98b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:31 GMT
strict-transport-security: max-age=15768000
last-modified: Sat, 06 Jan 2024 08:16:12 GMT
accept-ranges: bytes
etag: "1da40789c192f17"
content-length: 279
content-type: application/javascript

GET
H2 200 body-bg.png
benadminuat.ibenefits.ca/voidentityserver/images/greenshield/ 3 KB
3 KB 159ms
159ms Image
image/png 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/images/greenshield/body-bg.png

Requested by

Host: benadminuat.ibenefits.ca
URL: https://benadminuat.ibenefits.ca/voidentityserver/css/greenshield.css?v=1fcdle62QHcnXKCmgu4yJWf0Vh7ki32iuOrLr2Q0jBw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

78d16db5c41744ab05da900961b49900521fb1962c47bd9b293b14dbc3548871

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benadminuat.ibenefits.ca/voidentityserver/css/greenshield.css?v=1fcdle62QHcnXKCmgu4yJWf0Vh7ki32iuOrLr2Q0jBw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:32 GMT
strict-transport-security: max-age=15768000
last-modified: Sat, 06 Jan 2024 08:16:12 GMT
accept-ranges: bytes
etag: "1da40789c192203"
content-length: 3075
content-type: image/png

GET
H2 200 NunitoSans-Regular.ttf
benadminuat.ibenefits.ca/voidentityserver/css/Fonts/greenshield/ 89 KB
90 KB 160ms
159ms Font
application/x-font-ttf 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/css/Fonts/greenshield/NunitoSans-Regular.ttf

Requested by

Host: benadminuat.ibenefits.ca
URL: https://benadminuat.ibenefits.ca/voidentityserver/css/greenshield.css?v=1fcdle62QHcnXKCmgu4yJWf0Vh7ki32iuOrLr2Q0jBw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

13ad641781e6dd5f2134fcfc9b1589e3c66902b69ccbb68b74d3bd139c1e324e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://benadminuat.ibenefits.ca/voidentityserver/css/greenshield.css?v=1fcdle62QHcnXKCmgu4yJWf0Vh7ki32iuOrLr2Q0jBw
Origin: https://benadminuat.ibenefits.ca
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 21:58:32 GMT
strict-transport-security: max-age=15768000
last-modified: Sat, 06 Jan 2024 08:16:12 GMT
etag: "1da40789c184b44"
vary: Origin
content-type: application/x-font-ttf
access-control-allow-origin: https://benadminuat.ibenefits.ca
accept-ranges: bytes
content-length: 91460

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 290ms
66ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,400,500,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benadminuat.ibenefits.ca
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:10:00 GMT
x-content-type-options: nosniff
age: 118113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:10:00 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gsccatb2c.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-rc:23377d65-ced6-413e-a06d-f9be21a79fa6 Value: ekhUNVRMcEp4N0VRWi8zMEEzeXlVRUZwZDRkSHRmUkJSaFdOM2hXYmVjQWFXRUpaNHlIeHRubDZwR2w4eVJMZmVmdC9qaUtacWd2ajRDc28rWUk2NWc9PTsyMDI0LTAxLTIwVDIxOjU4OjMxLjg1MTM3MDJaO2VGT052MENvd3lKeG52T3Q3WUpoZmc9PTt7IlRhcmdldEVudGl0eSI6IlNTTy1PcGVuSWRDb25uZWN0IiwiT3JjaGVzdHJhdGlvblN0ZXAiOjF9
.gsccatb2c.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-cache\|clnfs7r1h0kziakfr5q6bg_0 Value: m1.ddmJrGqkmvaxketq.SGwzIUd06+uc7jgLy5UWDg==.0.ssxPHkR8oTSzuEmWW1PXo0Z0+avy62+GKh86oYYa7iff30DGbYhjkjnQMiTrYTWOy3lMMhikLSVbwKdgoGaaaIRUUUDyip9xVIP7G78avw0vAYgwN8WxMVol1yWEM9e1WKSRE2AO4+RyEAGhfBtooirn1oIKfy8Rhs4asvqJaDj7T99CGlMaFI6bdYUBoz0i8J4c3mW/NTG8e5ZJPG+Z2lIZv4YHH8pXLrLnfgQUlZJya7Ctip2ifslv9L9doWiRgZAEazFZAjP+JGlolAlhOJj0G48EWF8eBYcARh/fN5MwctiCeAEsyLKyeUahYUfp7YznueJgX+zigdZly7PjE7ChFSMu5MuGzGv45ObUE0egvticJSL+JSoN5vI6FHNLuhiwCfyfsbcnwWiZGWiAtZ279YoEVYh3ldqPpISFkz4aAP5SycNG53NWZFfMkyIY8JGjYHo3U+wCvDtcGArGOyunUsWbBGgxbS1spterArNw+JLN85iuEj8Bya9Eemr2QcsH1dnVr+mMB59Bo6oEu77z2XwnPiX3dEJeJkHIHJPdNaWZtwLRdjh0O/a2pJiP3odOvzXAyISFfRGSJ690hTSNftmG3/VdZfaTP+kmDlwuo09wpyaFroOFfu64HGqPlDsaSJ8Qouzrarvb9lzfOwTDKB8d5iVk3C1K8uLs+kAxr+k43bwkOuaA0IkdUCk96udOc8c0+QDOCSAYdkDZtlIEyvKmu9L89VKi1ArTROyRrk3XHGliKhsXgfKztiNWTO6x+t73+VZ3YqK2zaMLFOuCvR/HYLKbtnHHtIidg2+cfT2M+5UOeXcaH4ssTWkGAyUL7o47Zc1z+5uOl0PVuflDMpA6Gre7WzyTmVA9akrBw0JPcUCJi2TgpZff/XZzTBtSvjdySnHGvEHo1FtEoo/H8gyxqCKMcZvIf/sP67UByNu1QzIRwmUTfSntJBZE8+cLxEtZFfyfXv1w7rsMWq+OiuO+AHS/90Nrwr4BF7yl+6jFU0ghnFIf1yJOJMfMAngZfivaOYypaNSq/m7m2HWAIMlN8hRyUmFcvBQlK1NEHQx0ZZI6zS9kiATvBQHGuvUJSjqekKSPFj7RrT8JK1KfW727dmEDcHX6
.gsccatb2c.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-trans Value: eyJUX0RJQyI6W3siSSI6IjRiZGZiOTcwLWY1YmEtNDI4Ny05OTg5LWE5MWY0NzlhYmEwNiIsIlQiOiJnc2NjYXRiMmMub25taWNyb3NvZnQuY29tIiwiUCI6ImIyY18xYV9wbV9jd2lfc3NvIiwiQyI6ImQwZTk1MzI5LTY1OWEtNDg4Mi1hMzY5LWNhNzJhYmZiY2EwOSIsIlMiOjEsIk0iOnt9LCJEIjowLCJFIjoiIn1dLCJDX0lEIjoiNGJkZmI5NzAtZjViYS00Mjg3LTk5ODktYTkxZjQ3OWFiYTA2In0=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	;default-src 'self' .cohere.so .googletagmanager.com .b2clogin.com;script-src 'nonce-hBvijIHCJ+XmAVkfac3G0A==' 'self' .gstatic.com .cohere.so .google.com .gstatic.com .googletagmanager.com .googleapis.com;style-src 'self' 'unsafe-inline' .googleapis.com .googletagmanager.com .google.com;font-src 'self' data: .gstatic.com;connect-src 'self' .b2clogin.com .googleapis.com .onlineweb.ca .gstatic.com .google.com .googletagmanager.com .g.doubleclick.net .greenshieldplus.ca .cohere.so ws: .launchdarkly.com;img-src 'self' data: .gstatic.com .google.ca .googleapis.com .aglty.io .googletagmanager.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-cat.onlineweb.ca
app.launchdarkly.com
benadminuat.ibenefits.ca
cat.greenshieldplus.ca
clientstream.launchdarkly.com
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
gsccatb2c.b2clogin.com
healthhub-cat.myarta.net
service.cohere.so
static.cohere.so
voice.cohere.so
151.101.2.217
2603:1036:3000:18::4
2606:4700::6812:556
2607:f8b0:4006:81e::2003
2607:f8b0:4006:823::200a
34.160.161.26
34.36.88.97
54.175.249.243
74.85.154.30
76.223.31.44
0771512c57f3416f6cc6a7b15d2104ef02565621b7707e15ecbbcb1f95a13275
0ae5da7bbed8a98ebe769965199f54a5cbf7c12b96861aca8cd3c2be94aadc75
13ad641781e6dd5f2134fcfc9b1589e3c66902b69ccbb68b74d3bd139c1e324e
1dd50fea015246edbc36403e5fbc24e618b9a311a941966af1686e7cf43c5d9d
2247a2689c72e68f1af5637bdc579ef7481a9fbae323f781bf4b31794272a99b
38771e9e7ba11e3db4be1d97b5a4f687cd9322e05b39eaa81f715310a2c12856
4b8c4b2ac6d7d915438ce21b135e3bdaf362c0e539de674bb153427af6a20580
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
513f84c89291384574f1630fb74e0f4075ec926428443316e0b93f934d54339a
53d87fd6eaac373379c1128d1f1ed035e8e7897f933538f377b550f76ea7b7e4
597ada6f0bf2b388691555af5b13331366a57ebd6a0d1aba8b881168d6b7428a
5b765796b00aa01cff8abff04dbc48ce70e26177f9368a8577819fd302cf713f
60d34dcfd46cf6328488f5eea4dddf42f7fe2109ce977c166105c06734126781
68d9eb6aefb519749c74c97c8b3271a6cb7279ea5f790803885d2a45eefb2269
696452b1286fad19830afe6b65724d72fd792872543b04f6f63c5bade92c779e
6d8eb0820a86bf906d2ad644416d99892bf2470ea36bccc96bb55aa6e2a256dd
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6f83677606b2235e0a687535c7a0a96156b554d622c659ceea7dbb90372225c6
788b4b14ec9f43877f386cc49c67218b664c545f048468334b493b7d238f89f4
78d16db5c41744ab05da900961b49900521fb1962c47bd9b293b14dbc3548871
7c7a8aa3c6f7755ede70b58ad1124ab694238bdd80b3ddfc5b9c35ba5dd7b10b
89da1737007516440c820445fcd092c772c20d73bdabbbf0cfc6d887970d2483
a21495b9460cc6a0d6b56750d988b7d25fb282c8bb98884a4e4536ca5714253a
a5aa31a5cb77de463d7e9425be00bc2289231aaf22a9869515ac2014f83ca33d
a86d4be4ae06eaac5c5991ac961cfe19926f27e4587ea7e8a7ce560a13e34be3
a93ffd4e09569d27f0597148f704086637314959e1321af54ffd955ffd83c8eb
af37f752c51fd438fa6e824f0fffccf6ecdc3d9600f6c27420fbac4f766a74cc
c02c36ee26e55ba10188928a6bcab41f44fdfade35f020397cc6eaf0991c4e57
c316a2d133c22194a0803d384853da6183cab6f008848aa677691d9ab31ad985
cbb5ca0d987f4561749a86c6f2f0cc960ce40963116f5a59e256789ea805ca62
cd64029564e90c8fb7ca92c8a270e2633df349d94120fa3e58fc8f6836c6afbd
d0a7058dd4b7bce1ff69a9dfd6625b91afddd6762672289e1b852b317c31c7bf
d8ea4c27362397cdbb61e96e12510ab998ac81879af92fdaf252b923f4b7f6fd
e126ead8fd465626572876855405a7ed794ff9b3644e10dc18ccc94412fc40b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9f1107c9df7c79a779c308a91e99bc629d53956e2f0e646a303f3a8f3cc7603
ed187af91f5763aa05df3670ded39128fd4fa78367b3134cf3f95b8be6109b2d
f0cbeafeb10e909522fae35b75e36b0c54f4db402bbdc220279c571c984c7c5c
f1a40971465d1c6ded3130a8a492dac5f0c7acdd3d01626b60a014e5c258ea41
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f8d1ab6192ece44bae974114b7a2bf1c4447a618250c65e594f31fbb4a9bf98b

benadminuat.ibenefits.ca Open in urlscan Pro 74.85.154.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

100 %HTTPS

40 %IPv6

9 Domains

13 Subdomains

10 IPs

2 Countries

3033 kBTransfer

13968 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

benadminuat.ibenefits.ca Open in urlscan Pro
74.85.154.30 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

100 %
HTTPS

40 %
IPv6

9
Domains

13
Subdomains

10
IPs

2
Countries

3033 kB
Transfer

13968 kB
Size

3
Cookies

76 HTTP transactions
0 data transactions