benadminuat.ibenefits.ca Open in urlscan Pro
74.85.154.30 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://healthhub-cat.myarta.net/
Effective URL:
https://benadminuat.ibenefits.ca/voidentityserver/home/error?errorId=CfDJ8AShEaVvM45IsL1r5-Ar1gNEK8wAtqqdTADkvVkNzI21n6DIL7eyOukV...
Submission: On January 17 via api (January 17th 2024, 9:38:05 pm UTC) from US — Scanned from US

Summary HTTP 76 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 76 HTTP transactions. The main IP is 74.85.154.30, located in Burlington, Canada and belongs to DRWORKS-01, CA. The main domain is benadminuat.ibenefits.ca.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 16th 2023. Valid for: a year.

This is the only time benadminuat.ibenefits.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	34.160.161.26 34.160.161.26	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2606:4700::68... 2606:4700::6812:556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
2	34.36.88.97 34.36.88.97	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
18	2606:4700::68... 2606:4700::6812:456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2603:1036:300... 2603:1036:3000:18::1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.33.235.18 3.33.235.18	16509 (AMAZON-02) (AMAZON-02)
2	34.198.76.125 34.198.76.125	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
1 12	74.85.154.30 74.85.154.30	395544 (DRWORKS-01) (DRWORKS-01)
1	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
76	11

23 34.160.161.26 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 26.161.160.34.bc.googleusercontent.com

healthhub-cat.myarta.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cat.greenshieldplus.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:556 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cohere.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.194.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.88.97 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 97.88.36.34.bc.googleusercontent.com

api-cat.onlineweb.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700::6812:456 (United States)

ASN13335 (CLOUDFLARENET, US)

voice.cohere.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
service.cohere.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2603:1036:3000:18::1 (Boydton, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

gsccatb2c.b2clogin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.235.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa1ba9bef7b18c265.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.198.76.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-76-125.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 74.85.154.30 (Burlington, Canada) 1 redirects

ASN395544 (DRWORKS-01, CA)

benadminuat.ibenefits.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	cohere.so static.cohere.so — Cisco Umbrella Rank: 32883 voice.cohere.so — Cisco Umbrella Rank: 43626 service.cohere.so — Cisco Umbrella Rank: 50931	354 KB
12	ibenefits.ca 1 redirects benadminuat.ibenefits.ca	384 KB
12	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 589 clientstream.launchdarkly.com — Cisco Umbrella Rank: 963 events.launchdarkly.com — Cisco Umbrella Rank: 886	2 KB
12	myarta.net healthhub-cat.myarta.net	1 MB
11	greenshieldplus.ca cat.greenshieldplus.ca	1 MB
4	b2clogin.com 2 redirects gsccatb2c.b2clogin.com	8 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
2	onlineweb.ca api-cat.onlineweb.ca	104 KB
1	gstatic.com fonts.gstatic.com	16 KB
76	9

	Domain	Requested by
16	voice.cohere.so	static.cohere.so voice.cohere.so
12	benadminuat.ibenefits.ca	1 redirects cat.greenshieldplus.ca benadminuat.ibenefits.ca
12	healthhub-cat.myarta.net	healthhub-cat.myarta.net
11	cat.greenshieldplus.ca	healthhub-cat.myarta.net cat.greenshieldplus.ca
8	app.launchdarkly.com	healthhub-cat.myarta.net cat.greenshieldplus.ca
4	gsccatb2c.b2clogin.com	2 redirects healthhub-cat.myarta.net cat.greenshieldplus.ca
4	static.cohere.so	healthhub-cat.myarta.net cat.greenshieldplus.ca
3	fonts.googleapis.com	client benadminuat.ibenefits.ca
2	events.launchdarkly.com	healthhub-cat.myarta.net
2	clientstream.launchdarkly.com	healthhub-cat.myarta.net cat.greenshieldplus.ca
2	service.cohere.so	static.cohere.so
2	api-cat.onlineweb.ca	healthhub-cat.myarta.net cat.greenshieldplus.ca
1	fonts.gstatic.com	fonts.googleapis.com
76	13

This site contains no links.

Subject Issuer	Validity	Valid
cat.greenshieldplus.ca GTS CA 1D4	`2024-01-17` - `2024-04-16`	3 months	crt.sh
static.cohere.so Cloudflare Inc ECC CA-3	`2023-10-16` - `2024-10-15`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
api-dev-gcp.onlineweb.ca GTS CA 1D4	`2024-01-04` - `2024-04-03`	3 months	crt.sh
voice.cohere.so E1	`2023-12-19` - `2024-03-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-20` - `2024-02-20`	a year	crt.sh
graph.windows.net DigiCert SHA2 Secure Server CA	`2023-11-10` - `2024-11-10`	a year	crt.sh
clientstream.launchdarkly.com Amazon RSA 2048 M01	`2023-08-09` - `2024-09-05`	a year	crt.sh
events.launchdarkly.com Amazon ECDSA 256 M02	`2023-06-21` - `2024-07-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.ibenefits.ca Sectigo RSA Domain Validation Secure Server CA	`2023-06-16` - `2024-07-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://benadminuat.ibenefits.ca/voidentityserver/home/error?errorId=CfDJ8AShEaVvM45IsL1r5-Ar1gNEK8wAtqqdTADkvVkNzI21n6DIL7eyOukVb2AsjmqDKmA2KTs7d-w9vL5szlSN6c9TZR4skTmhI-C4yx1Y0-16CgZFNBKdN0O_XOLIpbVxKrZoSV5u-u7YQQ5enhXX5JjE0fI9SyBhNEB4jYOuwacyt_XuA_SEW0mFudgumfYMjY5sOr-1yYEF6r8Iklw4LcLgA-85qVlN3mErjOrYx8Rr4LIV0BrhquVxQXLOUaVmp4E5qDqEkacJAe7Ms48eyY8G6--1HJCdTDN0kUy7Zy7zbpmfYnAWHCOdez1Xdt3x28ZSao14IBJtZwqL3kceEYUXiniguqI8zr8WnJMoHXjs
Frame ID: 9E46E68F630E07B0E8292B040BE6DEF8
Requests: 55 HTTP requests in this frame

Frame: https://voice.cohere.so/chatPreload/
Frame ID: 66BB54DC40272425A9801F95EE8E63AE
Requests: 8 HTTP requests in this frame

Frame: https://voice.cohere.so/chatPreload/
Frame ID: AE339272F9375D7C0AB6D501D4F50E91
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in

Page URL History Show full URLs

https://healthhub-cat.myarta.net/ Page URL
https://gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_dhe_greenshieldplus_signin_mfa/oauth2/v2.0/... HTTP 302
https://cat.greenshieldplus.ca/login/cwi-sso Page URL
https://gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_pm_cwi_sso/oauth2/v2.0/authorize?client_id=... HTTP 302
https://benadminuat.ibenefits.ca/voidentityserver/connect/authorize?client_id=gsc-uat&redirect_uri=https%3a%2... HTTP 302
https://benadminuat.ibenefits.ca/voidentityserver/home/error?errorId=CfDJ8AShEaVvM45IsL1r5-Ar1gNEK8wAtqqdTADk... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

76
Requests

100 %
HTTPS

45 %
IPv6

9
Domains

13
Subdomains

11
IPs

2
Countries

3009 kB
Transfer

13944 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://healthhub-cat.myarta.net/ Page URL
https://gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_dhe_greenshieldplus_signin_mfa/oauth2/v2.0/authorize?client_id=d0e95329-659a-4882-a369-ca72abfbca09&scope=https%3A%2F%2Fgsccatb2c.onmicrosoft.com%2Fdigital-health-api%2Fpmos-api%20https%3A%2F%2Fgsccatb2c.onmicrosoft.com%2Fdigital-health-api%2Fdigital-products-api%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fhealthhub-cat.myarta.net%2Fsignin&client-request-id=a52c68df-4e1d-45eb-9197-9239719402f2&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.30.0&client_info=1&code_challenge=udeQ17q7K9f7qVq9WvG_fWedfMIRRyV63fNBGDLxUPg&code_challenge_method=S256&nonce=cc53199e-9430-44eb-8f0d-d8f7a8b652f5&state=eyJpZCI6ImI3NGMxZWQ0LWRhZTEtNDFiMy1hODEzLTY0YjZjNTM3MjJmYSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&client=&app_domain=healthhub-cat.myarta.net&ui_locales=en HTTP 302
https://cat.greenshieldplus.ca/login/cwi-sso Page URL
https://gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_pm_cwi_sso/oauth2/v2.0/authorize?client_id=d0e95329-659a-4882-a369-ca72abfbca09&scope=https%3A%2F%2Fgsccatb2c.onmicrosoft.com%2Fdigital-health-api%2Fpmos-api%20https%3A%2F%2Fgsccatb2c.onmicrosoft.com%2Fdigital-health-api%2Fdigital-products-api%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fcat.greenshieldplus.ca%2Flogin%2Fcwi-sso&client-request-id=7ebcf78f-4796-4f0c-a48f-1530b65ba4c9&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.30.0&client_info=1&code_challenge=Cea3wEYDp_6QyxZSrvObAC1lWMk2VVkSny895EyjgQU&code_challenge_method=S256&nonce=36a9e149-0eca-45ef-af1e-04680482ae47&state=eyJpZCI6ImIzNWVhOGE0LWE1ZGEtNDk0ZC1iM2I4LTljZDdjZTExMTM4NCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&app_domain=cat.greenshieldplus.ca&ui_locales=en HTTP 302
https://benadminuat.ibenefits.ca/voidentityserver/connect/authorize?client_id=gsc-uat&redirect_uri=https%3a%2f%2fgsccatb2c.b2clogin.com%2fgsccatb2c.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile+email+gsc&response_mode=form_post&nonce=t%2fItzuGkHgvPZ91H0ORhKw%3d%3d&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6ZjkzODU2NTMtNjViMy00MjVhLWI2MTktZDY3MDA0NmE0NTg2IiwiVElEIjoiNmJlZTJkNWYtYTVjNi00OTAxLWI5MGEtZWM2MDZmNzVhZjdkIiwiVE9JRCI6ImE4NWI2NWRhLWIzZWYtNGEwMS1iZmU1LTFlMzBhMDg5MTZmMiJ9 HTTP 302
https://benadminuat.ibenefits.ca/voidentityserver/home/error?errorId=CfDJ8AShEaVvM45IsL1r5-Ar1gNEK8wAtqqdTADkvVkNzI21n6DIL7eyOukVb2AsjmqDKmA2KTs7d-w9vL5szlSN6c9TZR4skTmhI-C4yx1Y0-16CgZFNBKdN0O_XOLIpbVxKrZoSV5u-u7YQQ5enhXX5JjE0fI9SyBhNEB4jYOuwacyt_XuA_SEW0mFudgumfYMjY5sOr-1yYEF6r8Iklw4LcLgA-85qVlN3mErjOrYx8Rr4LIV0BrhquVxQXLOUaVmp4E5qDqEkacJAe7Ms48eyY8G6--1HJCdTDN0kUy7Zy7zbpmfYnAWHCOdez1Xdt3x28ZSao14IBJtZwqL3kceEYUXiniguqI8zr8WnJMoHXjs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_dhe_greenshieldplus_signin_mfa/oauth2/v2.0/authorize?client_id=d0e95329-659a-4882-a369-ca72abfbca09&scope=https%3A%2F%2Fgsccatb2c.onmicrosoft.com%2Fdigital-health-api%2Fpmos-api%20https%3A%2F%2Fgsccatb2c.onmicrosoft.com%2Fdigital-health-api%2Fdigital-products-api%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fhealthhub-cat.myarta.net%2Fsignin&client-request-id=a52c68df-4e1d-45eb-9197-9239719402f2&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.30.0&client_info=1&code_challenge=udeQ17q7K9f7qVq9WvG_fWedfMIRRyV63fNBGDLxUPg&code_challenge_method=S256&nonce=cc53199e-9430-44eb-8f0d-d8f7a8b652f5&state=eyJpZCI6ImI3NGMxZWQ0LWRhZTEtNDFiMy1hODEzLTY0YjZjNTM3MjJmYSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&client=&app_domain=healthhub-cat.myarta.net&ui_locales=en HTTP 302
https://cat.greenshieldplus.ca/login/cwi-sso

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
healthhub-cat.myarta.net/ 4 KB
2 KB 236ms
40ms Document
text/html 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://healthhub-cat.myarta.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

26.161.160.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

1ad87973b874a993c76054dc0f3b9c117bf7664ee1feedf39e65b7d9482dbcaf

Security Headers

Name	Value
Content-Security-Policy	;default-src 'self' .cohere.so .googletagmanager.com .b2clogin.com;script-src 'nonce-ddtbjoD82N2yJZF1YHT3fw==' 'self' .gstatic.com .cohere.so .google.com .gstatic.com .googletagmanager.com .googleapis.com;style-src 'self' 'unsafe-inline' .googleapis.com .googletagmanager.com .google.com;font-src 'self' data: .gstatic.com;connect-src 'self' .b2clogin.com .googleapis.com .onlineweb.ca .gstatic.com .google.com .googletagmanager.com .g.doubleclick.net .greenshieldplus.ca .cohere.so ws: .launchdarkly.com;img-src 'self' data: .gstatic.com .google.ca .googleapis.com .aglty.io .googletagmanager.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: ;default-src 'self' *.cohere.so *.googletagmanager.com *.b2clogin.com;script-src 'nonce-ddtbjoD82N2yJZF1YHT3fw==' 'self' *.gstatic.com *.cohere.so *.google.com *.gstatic.com *.googletagmanager.com *.googleapis.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.googletagmanager.com *.google.com;font-src 'self' data: *.gstatic.com;connect-src 'self' *.b2clogin.com *.googleapis.com *.onlineweb.ca *.gstatic.com *.google.com *.googletagmanager.com *.g.doubleclick.net *.greenshieldplus.ca *.cohere.so ws: *.launchdarkly.com;img-src 'self' data: *.gstatic.com *.google.ca *.googleapis.com *.aglty.io *.googletagmanager.com
content-type: text/html; charset=utf-8
date: Wed, 17 Jan 2024 21:37:59 GMT
etag: "jpl2n96gxe2v0"
permissions-policy: geolocation=(self)
referrer-policy: same-origin
server: Google Frontend
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 797305152e71cc2e.css
healthhub-cat.myarta.net/_next/static/css/ 97 KB
16 KB 30ms
27ms Stylesheet
text/css 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/css/797305152e71cc2e.css
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5b765796b00aa01cff8abff04dbc48ce70e26177f9368a8577819fd302cf713f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://healthhub-cat.myarta.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:37:59 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"18481-18d19419d38"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 webpack-8f91f78198cdbbd5.js Show response
healthhub-cat.myarta.net/_next/static/chunks/ 3 KB
1 KB 26ms
25ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/chunks/webpack-8f91f78198cdbbd5.js
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e126ead8fd465626572876855405a7ed794ff9b3644e10dc18ccc94412fc40b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://healthhub-cat.myarta.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:37:59 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"a43-18d19419d38"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 framework-ca706bf673a13738.js Show response
healthhub-cat.myarta.net/_next/static/chunks/ 138 KB
45 KB 41ms
33ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/chunks/framework-ca706bf673a13738.js
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 68d9eb6aefb519749c74c97c8b3271a6cb7279ea5f790803885d2a45eefb2269

Request headers

accept-language: en-US,en;q=0.9
Referer: https://healthhub-cat.myarta.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:37:59 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"2270e-18d19419d38"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 main-be6a1bd740039146.js Show response
healthhub-cat.myarta.net/_next/static/chunks/ 115 KB
33 KB 34ms
29ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/chunks/main-be6a1bd740039146.js
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: f0cbeafeb10e909522fae35b75e36b0c54f4db402bbdc220279c571c984c7c5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://healthhub-cat.myarta.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:37:59 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"1cdcd-18d19419d38"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 _app-d9a9c52721a1aa25.js Show response
healthhub-cat.myarta.net/_next/static/chunks/pages/ 5 MB
906 KB 36ms
32ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/_app-d9a9c52721a1aa25.js
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: a41b1b31cb97fd85d702096b1e29488f1040efdeab51f8ef11e79ca0d1aeee73

Request headers

accept-language: en-US,en;q=0.9
Referer: https://healthhub-cat.myarta.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:37:59 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"56210c-18d19419d38"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 index-8133aa1f5339533d.js Show response
healthhub-cat.myarta.net/_next/static/chunks/pages/ 476 B
584 B 34ms
31ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/index-8133aa1f5339533d.js
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: f1a40971465d1c6ded3130a8a492dac5f0c7acdd3d01626b60a014e5c258ea41

Request headers

accept-language: en-US,en;q=0.9
Referer: https://healthhub-cat.myarta.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:37:59 GMT
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"1dc-18d19419d38"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-cloud-trace-context: 91c1cb2f61fb26c1a90c54c08d6946e1
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 476

GET
H2 200 _buildManifest.js Show response
healthhub-cat.myarta.net/_next/static/jUqOwvMUmmWFi0LFUwqHz/ 8 KB
2 KB 33ms
30ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/jUqOwvMUmmWFi0LFUwqHz/_buildManifest.js
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: ed26997f02290298c886a495ed1cc5d3342492099b45efe18d54602da5a1b4e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://healthhub-cat.myarta.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:37:59 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"2082-18d19419d38"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 _ssgManifest.js Show response
healthhub-cat.myarta.net/_next/static/jUqOwvMUmmWFi0LFUwqHz/ 77 B
191 B 30ms
28ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/jUqOwvMUmmWFi0LFUwqHz/_ssgManifest.js
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://healthhub-cat.myarta.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:37:59 GMT
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"4d-18d19419d38"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-cloud-trace-context: 4239411683fcbb4ffa0cd55633fb227b
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

GET
H2 200 main.js
static.cohere.so/ 337 KB
110 KB 79ms
57ms Script
application/javascript 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cohere.so/main.js

Requested by

Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/_app-d9a9c52721a1aa25.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:00 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"149bf97767320573ebbbf4214f899a38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biueZdPP3fauu%2FMzcjbi19ozYKYxwDFvsbny0hxh2O1s0KR%2BQM4aVmj6bdBaSe2daU6h5SdxRNEuPmCu2nTe6lumjtbe8Q71%2BCehtxc7VWzSEfsbYADWnCp5Yn2kQGxRarTc7YzhVX43K8TyRDZu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8471be1deb104338-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 64e51dfa264389149f777ad5
app.launchdarkly.com/sdk/goals/ 2 B
156 B 5ms
5ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/64e51dfa264389149f777ad5

Requested by

Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/_app-d9a9c52721a1aa25.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.9
accept-language: en-US,en;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Wed, 17 Jan 2024 21:38:00 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-lga21966-LGA
x-timer: S1705527481.541502,VS0,VE1
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 1

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYWY5ZjdiNTAtYjU4MC0xMWVlLThjYjUtNmYyMWEwZmRiOTA0In0
app.launchdarkly.com/sdk/evalx/64e51dfa264389149f777ad5/contexts/ 97 B
499 B 19ms
18ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/64e51dfa264389149f777ad5/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYWY5ZjdiNTAtYjU4MC0xMWVlLThjYjUtNmYyMWEwZmRiOTA0In0
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/_app-d9a9c52721a1aa25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.9
accept-language: en-US,en;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:00 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 103
x-served-by: cache-lga21978-LGA, cache-lga21966-LGA
x-timer: S1705527481.518237,VS0,VE13
etag: "45dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

GET
H3 200 Gilroy-Medium.8d6b4a62.otf
healthhub-cat.myarta.net/_next/static/media/ 54 KB
33 KB 98ms
98ms Font
font/otf 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/media/Gilroy-Medium.8d6b4a62.otf
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/css/797305152e71cc2e.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://healthhub-cat.myarta.net/_next/static/css/797305152e71cc2e.css
Origin: https://healthhub-cat.myarta.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:00 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"d6bc-18d19419d38"
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 Gilroy-SemiBold.84d83109.otf
healthhub-cat.myarta.net/_next/static/media/ 54 KB
33 KB 99ms
98ms Font
font/otf 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/media/Gilroy-SemiBold.84d83109.otf
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/css/797305152e71cc2e.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://healthhub-cat.myarta.net/_next/static/css/797305152e71cc2e.css
Origin: https://healthhub-cat.myarta.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:00 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"d7ac-18d19419d38"
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 Translations
api-cat.onlineweb.ca/pmos-api-b2c/api/v1/ 274 KB
52 KB 356ms
143ms Fetch
application/json 34.36.88.97
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-cat.onlineweb.ca/pmos-api-b2c/api/v1/Translations?domain=api-cat.onlineweb.ca&languageIso=en&platform=Web&clientType=Web

Requested by

Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/_app-d9a9c52721a1aa25.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.88.97 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

97.88.36.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:00 GMT
content-encoding: gzip
via: 1.1 google, 1.1 google
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-response-time-ms: 21
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 85da566f-8e1c-4b5a-9c95-5a69696fb128

GET
H3 200 signin-3dba7d883901a5de.js
healthhub-cat.myarta.net/_next/static/chunks/pages/ 2 KB
1 KB 96ms
96ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/signin-3dba7d883901a5de.js
Requested by: Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/chunks/main-be6a1bd740039146.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://healthhub-cat.myarta.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:00 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"994-18d19419d38"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 /
voice.cohere.so/chatPreload/ Frame 66BB 666 B
798 B 91ms
51ms Document
text/html 2606:4700::6812:456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/chatPreload/

Requested by

Host: static.cohere.so
URL: https://static.cohere.so/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8471be215ce217ad-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 17 Jan 2024 21:38:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvoufT98sz8u60wsUAZGU3oF9KvOYx9e%2FeoLPr8G%2BVcZmv%2BSM0o2mB%2BFgqqqV22zUZprPswV%2BocpyusKdL36vWpM8h8fYm0CIEuedcojFb7efr3BrOC0JbTdMFivqETXYAYDCR1DqbtSdI0ldlk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 ping
service.cohere.so/ 55 B
363 B 197ms
49ms Fetch 2606:4700::6812:456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://service.cohere.so/ping
Requested by: Host: static.cohere.so
URL: https://static.cohere.so/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

uwebsockets: 20
date: Wed, 17 Jan 2024 21:38:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cf-ray: 8471be212a337ce7-EWR
alt-svc: h3=":443"; ma=86400
content-length: 55

OPTIONS
H2 200 64e51dfa264389149f777ad5
app.launchdarkly.com/sdk/goals/ Frame 0
0 341ms
35ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/64e51dfa264389149f777ad5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://healthhub-cat.myarta.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Wed, 17 Jan 2024 21:38:00 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-lga21966-LGA
x-timer: S1705527481.508313,VS0,VE29

OPTIONS
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYWY5ZjdiNTAtYjU4MC0xMWVlLThjYjUtNmYyMWEwZmRiOTA0In0
app.launchdarkly.com/sdk/evalx/64e51dfa264389149f777ad5/contexts/ Frame 0
0 315ms
10ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/64e51dfa264389149f777ad5/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYWY5ZjdiNTAtYjU4MC0xMWVlLThjYjUtNmYyMWEwZmRiOTA0In0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://healthhub-cat.myarta.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Wed, 17 Jan 2024 21:38:00 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-lga21966-LGA
x-timer: S1705527481.508275,VS0,VE1

GET
H/1.1 200
OK openid-configuration
gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_dhe_greenshieldplus_signin_mfa/v2.0/.well-known/ 1 KB
2 KB 610ms
509ms Fetch
application/json 2603:1036:3000:18::1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_dhe_greenshieldplus_signin_mfa/v2.0/.well-known/openid-configuration

Requested by

Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/_app-d9a9c52721a1aa25.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1036:3000:18::1 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Wed, 17 Jan 2024 21:38:01 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://healthhub-cat.myarta.net
Public: OPTIONS,TRACE,GET,HEAD,POST
Cache-Control: no-store, must-revalidate, no-cache
Allow: OPTIONS, TRACE, GET, HEAD, POST
x-ms-gateway-requestid: 22290c92-551d-4671-a605-7e3f4c63e4f3
Content-Length: 1460
X-XSS-Protection: 1; mode=block

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYWY5ZjdiNTAtYjU4MC0xMWVlLThjYjUtNmYyMWEwZmRiOTA0In0
clientstream.launchdarkly.com/eval/64e51dfa264389149f777ad5/ 118 B
0 602ms
184ms EventSource
text/event-stream 3.33.235.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/64e51dfa264389149f777ad5/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYWY5ZjdiNTAtYjU4MC0xMWVlLThjYjUtNmYyMWEwZmRiOTA0In0

Requested by

Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.235.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aa1ba9bef7b18c265.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:01 GMT
strict-transport-security: max-age=31536000
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-content-length: 326
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

GET
H2 200 chatPreload-a70e2fdd.js
voice.cohere.so/assets/ Frame 66BB 434 B
623 B 53ms
51ms Script
application/javascript 2606:4700::6812:456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/chatPreload-a70e2fdd.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:00 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"8c5feb50d7e957ceba754f2463a93a44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NH%2BElFnZlAud9Y84j%2FjqiRTo%2F%2BVrFXN3YvLdWI8ug3AbY74r6LJuas9QHuKMUls0njyJIihRD5IFPEnRKbB%2FvYHGBoYmp0Q9JMi%2FRZE7RYZOXe1TwIg9iUbGGvIhzhKVts6yUz5WbAS%2Bksw5O%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8471be21bd4417ad-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 modulepreload-polyfill-ec808ebb.js
voice.cohere.so/assets/ Frame 66BB 711 B
705 B 43ms
42ms Script
application/javascript 2606:4700::6812:456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/modulepreload-polyfill-ec808ebb.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:00 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"903e4529424e3715b2638da2e39da267"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CT6IX6LLOYZorbZPxe9kSzmUSkUpK4eFohpQk6MoZjF3aI73FOa5y5ktWwIca7YzVVll2mBNtU1kr2IdusOiL%2BxLIquPAGmTSkyI5VTlDQEJJ%2BSL0OyGaNI0huStzTPcXvsieUOpKIANfsSVF%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8471be21bd4717ad-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 index.browser-7e542916.js
voice.cohere.so/assets/ Frame 66BB 184 B
464 B 44ms
43ms Script
application/javascript 2606:4700::6812:456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/index.browser-7e542916.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:00 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"c22e7729c65f8d729602bbe7957c496c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfJvhsKzFNm4IO%2B5ISgVuG1EsvmHbvyU4fzFcYzTU906MWY20%2BVvu5DfhyRZFFnrQagBisUSbphkG3TmeORi77bdeH%2F5uPbXYPrfXKs3Tm0JkUGcaynL6GHm9tm7l2dY0Ofm3NKP%2BqpmuoeziN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8471be21bd4817ad-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 connectToParent-8fc445fb.js
voice.cohere.so/assets/ Frame 66BB 4 KB
2 KB 46ms
45ms Script
application/javascript 2606:4700::6812:456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/connectToParent-8fc445fb.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:00 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"8f44b78c5804759d0ef1966b7ddd3448"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Yh5J5OkjwwYY7EkOyY2%2B8znim3lMOjhBQp4eqRI5jVsNNQmAVssL9CKvw7%2F6oax%2FKAE%2FGNflbqTrPNPbQ2bPxAvE4gQNAEC1HFYCEq%2B3YUac3CeWF%2B02JLUilEdsgX%2FZezrvjb4spy5v0oB584%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8471be21bd4917ad-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 fileUtils-329ccb40.js
voice.cohere.so/assets/ Frame 66BB 1 KB
1008 B 44ms
43ms Script
application/javascript 2606:4700::6812:456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/fileUtils-329ccb40.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:00 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"5ae9d6c06ccdb48f0ad27ebdbece1bac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMijQjQZOPMAAQUlMjo0tAWj6GVHHlsJswwr6xKW3wQz7KTeE6Db7NTnrZ7k2NkvxyrL6Ujmcs3%2FWtcLoUxryWCCMjeN2iWQ%2FI4XoxlzeUfKDYM4UznpQVBVsnDGdLYl6gvekJunVkBWvbsVAyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8471be21bd4a17ad-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 preload-helper-101896b7.js
voice.cohere.so/assets/ Frame 66BB 742 B
739 B 48ms
47ms Script
application/javascript 2606:4700::6812:456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/preload-helper-101896b7.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:00 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"589582124a6eb15ac8837767b574ee51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jn69eCOp9nP8HpEW4%2FVJhjxTMgkycZ9ArVZx1G7xWLk1ECPTWTX1u%2Fgjj3JbGhLWHH34H%2BU3wJo60Cyc2V5QHrm92ZQYQHhYecl4QjmnFpRRTIf3UDaKSVj2rx3IED5Q2yNndSoPDlSRpkrC%2BpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8471be21bd4b17ad-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 bundleMessages-444ded67.js
voice.cohere.so/assets/ Frame 66BB 141 KB
47 KB 61ms
60ms Script
application/javascript 2606:4700::6812:456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/bundleMessages-444ded67.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:00 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"0fa1746fb730209f539886fd06036f32"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgFnwUth66WqqSX%2F%2B3ZYu8JjjhJEXLCv%2Fzlzfe%2Fg8moX7gscc30UZfrizyjJTeio3l%2FMJDmJGUPTwrJrppHYGTTzAieQL%2BPbrhzoq5%2BOzoShhgga0lpZ66oXmb2lV88SjSBxYB%2FZpaGCYgnY24o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8471be21bd4c17ad-EWR
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 204 64e51dfa264389149f777ad5
events.launchdarkly.com/events/diagnostic/ Frame 0
0 328ms
13ms Preflight 34.198.76.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/64e51dfa264389149f777ad5

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.198.76.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-198-76-125.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://healthhub-cat.myarta.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Wed, 17 Jan 2024 21:38:00 GMT
strict-transport-security: max-age=31536000

POST
H2 202 64e51dfa264389149f777ad5
events.launchdarkly.com/events/diagnostic/ 0
344 B 13ms
13ms XHR
application/json 34.198.76.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/64e51dfa264389149f777ad5

Requested by

Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/_app-d9a9c52721a1aa25.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.198.76.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-198-76-125.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.9
accept-language: en-US,en;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 17 Jan 2024 21:38:01 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 61ms
20ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Jan 2024 21:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 19:42:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Jan 2024 21:38:00 GMT

GET
H2 206 accept-sound-4RJBS7T3.mp3
static.cohere.so/ 24 KB
25 KB 34ms
33ms Media
audio/mpeg 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cohere.so/accept-sound-4RJBS7T3.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 17 Jan 2024 21:38:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4235
Content-Range: bytes 0-25075/25076
alt-svc: h3=":443"; ma=86400
Content-Length: 25076
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "fcdc58ef2dc9cda121b52a4125b1e891"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yn%2BEC%2F84WN9IcQDnn%2FNHKA2sY1QD9CYoZkgSeI%2Fu8bQXQg4iYbbDf1BUVN5lHFo9JEzOEV7PoofuqBcCExXNw6vePxt%2FwhYbT0zTog37MeWaRzkPd%2FQT3xg6ebb8LHNWm%2FaG"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
access-control-allow-origin: *
cf-ray: 8471be23fb0c4338-EWR

GET
H2

200

cwi-sso Show response
cat.greenshieldplus.ca/login/
Redirect Chain

https://gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_dhe_greenshieldplus_signin_mfa/oauth2/v2.0/authorize?client_id=d0e95329-659a-4882-a369-ca72abfbca09&scope=https%3A%2F%2Fgsccatb2c.onm...
https://cat.greenshieldplus.ca/login/cwi-sso

4 KB
2 KB

132ms
33ms

Document
text/html

34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cat.greenshieldplus.ca/login/cwi-sso

Requested by

Host: healthhub-cat.myarta.net
URL: https://healthhub-cat.myarta.net/_next/static/chunks/pages/_app-d9a9c52721a1aa25.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

26.161.160.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

208425d9d93e685b5dd2c21153c49d3b04738f323efd353585c816f77b6d68ed

Security Headers

Name	Value
Content-Security-Policy	;default-src 'self' .cohere.so .googletagmanager.com .b2clogin.com;script-src 'nonce-mdduten4Stawf5BRymztaA==' 'self' .gstatic.com .cohere.so .google.com .gstatic.com .googletagmanager.com .googleapis.com;style-src 'self' 'unsafe-inline' .googleapis.com .googletagmanager.com .google.com;font-src 'self' data: .gstatic.com;connect-src 'self' .b2clogin.com .googleapis.com .onlineweb.ca .gstatic.com .google.com .googletagmanager.com .g.doubleclick.net .greenshieldplus.ca .cohere.so ws: .launchdarkly.com;img-src 'self' data: .gstatic.com .google.ca .googleapis.com .aglty.io .googletagmanager.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: ;default-src 'self' *.cohere.so *.googletagmanager.com *.b2clogin.com;script-src 'nonce-mdduten4Stawf5BRymztaA==' 'self' *.gstatic.com *.cohere.so *.google.com *.gstatic.com *.googletagmanager.com *.googleapis.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.googletagmanager.com *.google.com;font-src 'self' data: *.gstatic.com;connect-src 'self' *.b2clogin.com *.googleapis.com *.onlineweb.ca *.gstatic.com *.google.com *.googletagmanager.com *.g.doubleclick.net *.greenshieldplus.ca *.cohere.so ws: *.launchdarkly.com;img-src 'self' data: *.gstatic.com *.google.ca *.googleapis.com *.aglty.io *.googletagmanager.com
content-type: text/html; charset=utf-8
date: Wed, 17 Jan 2024 21:38:01 GMT
etag: "eri6et3gi62vl"
permissions-policy: geolocation=(self)
referrer-policy: same-origin
server: Google Frontend
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Allow: OPTIONS TRACE GET HEAD POST
Cache-Control: no-store, must-revalidate, no-cache
Content-Length: 635
Content-Type: text/html; charset=utf-8
Date: Wed, 17 Jan 2024 21:38:01 GMT
Location: https://cat.greenshieldplus.ca/login/cwi-sso#error=redirect_uri_mismatch&error_description=AADB2C90006%3a+The+redirect+URI+%27https%3a%2f%2fhealthhub-cat.myarta.net%2fsignin%27+provided+in+the+request+is+not+registered+for+the+client+id+%27d0e95329-659a-4882-a369-ca72abfbca09%27.%0d%0aCorrelation+ID%3a+fd086c59-a9bb-4b18-9830-9fe3437471cb%0d%0aTimestamp%3a+2024-01-17+21%3a38%3a01Z%0d%0a&state=eyJpZCI6ImI3NGMxZWQ0LWRhZTEtNDFiMy1hODEzLTY0YjZjNTM3MjJmYSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3d
Public: OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
x-ms-gateway-requestid: 585d5133-05a0-438c-808d-340930728c9f

GET
H3 200 797305152e71cc2e.css
cat.greenshieldplus.ca/_next/static/css/ 97 KB
16 KB 36ms
36ms Stylesheet
text/css 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/css/797305152e71cc2e.css
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/login/cwi-sso
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5b765796b00aa01cff8abff04dbc48ce70e26177f9368a8577819fd302cf713f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cat.greenshieldplus.ca/login/cwi-sso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:01 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"18481-18d19419d38"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 webpack-8f91f78198cdbbd5.js Show response
cat.greenshieldplus.ca/_next/static/chunks/ 3 KB
1 KB 35ms
34ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/chunks/webpack-8f91f78198cdbbd5.js
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/login/cwi-sso
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e126ead8fd465626572876855405a7ed794ff9b3644e10dc18ccc94412fc40b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cat.greenshieldplus.ca/login/cwi-sso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:01 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"a43-18d19419d38"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 framework-ca706bf673a13738.js Show response
cat.greenshieldplus.ca/_next/static/chunks/ 138 KB
44 KB 46ms
44ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/chunks/framework-ca706bf673a13738.js
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/login/cwi-sso
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 68d9eb6aefb519749c74c97c8b3271a6cb7279ea5f790803885d2a45eefb2269

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cat.greenshieldplus.ca/login/cwi-sso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:01 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"2270e-18d19419d38"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 main-be6a1bd740039146.js Show response
cat.greenshieldplus.ca/_next/static/chunks/ 115 KB
33 KB 43ms
41ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/chunks/main-be6a1bd740039146.js
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/login/cwi-sso
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: f0cbeafeb10e909522fae35b75e36b0c54f4db402bbdc220279c571c984c7c5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cat.greenshieldplus.ca/login/cwi-sso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:01 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"1cdcd-18d19419d38"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 _app-d9a9c52721a1aa25.js Show response
cat.greenshieldplus.ca/_next/static/chunks/pages/ 5 MB
905 KB 36ms
34ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/chunks/pages/_app-d9a9c52721a1aa25.js
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/login/cwi-sso
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: a41b1b31cb97fd85d702096b1e29488f1040efdeab51f8ef11e79ca0d1aeee73

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cat.greenshieldplus.ca/login/cwi-sso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:01 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"56210c-18d19419d38"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 cwi-sso-eba25e1a955df9a5.js Show response
cat.greenshieldplus.ca/_next/static/chunks/pages/login/ 2 KB
1 KB 42ms
40ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/chunks/pages/login/cwi-sso-eba25e1a955df9a5.js
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/login/cwi-sso
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 513f84c89291384574f1630fb74e0f4075ec926428443316e0b93f934d54339a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cat.greenshieldplus.ca/login/cwi-sso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:01 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"6f7-18d19419d38"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 _buildManifest.js Show response
cat.greenshieldplus.ca/_next/static/jUqOwvMUmmWFi0LFUwqHz/ 8 KB
2 KB 41ms
39ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/jUqOwvMUmmWFi0LFUwqHz/_buildManifest.js
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/login/cwi-sso
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: ed26997f02290298c886a495ed1cc5d3342492099b45efe18d54602da5a1b4e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cat.greenshieldplus.ca/login/cwi-sso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:01 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"2082-18d19419d38"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 _ssgManifest.js Show response
cat.greenshieldplus.ca/_next/static/jUqOwvMUmmWFi0LFUwqHz/ 77 B
97 B 39ms
38ms Script
application/javascript 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/jUqOwvMUmmWFi0LFUwqHz/_ssgManifest.js
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/login/cwi-sso
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cat.greenshieldplus.ca/login/cwi-sso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:01 GMT
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"4d-18d19419d38"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-cloud-trace-context: 3525ff07930e63e93627492b4b422d30
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

GET
H3 200 main.js
static.cohere.so/ 337 KB
110 KB 65ms
64ms Script
application/javascript 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cohere.so/main.js

Requested by

Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/_next/static/chunks/pages/_app-d9a9c52721a1aa25.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:02 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"149bf97767320573ebbbf4214f899a38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yp9wj2nk2JY2G481adatkUX9FYbJ8caTj60vyLNVg%2FqqyI1PIPBdFmJcXfA85aj6Cf%2Fxa0z963%2BDoUKQapZVXcndMTGNRt70YWwFzMeJphIscY%2BMn0LAkiY7G971L9rLHoLwEUUCj0ppYKNqSr6b"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8471be2c2a7cc332-EWR
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 200 64e51dfa264389149f777ad5
app.launchdarkly.com/sdk/goals/ Frame 0
0 18ms
17ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/64e51dfa264389149f777ad5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://cat.greenshieldplus.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Wed, 17 Jan 2024 21:38:02 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-served-by: cache-lga21966-LGA
x-timer: S1705527482.352510,VS0,VE0

GET
H2 200 64e51dfa264389149f777ad5 Show response
app.launchdarkly.com/sdk/goals/ 2 B
112 B 12ms
10ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/64e51dfa264389149f777ad5

Requested by

Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/_next/static/chunks/pages/_app-d9a9c52721a1aa25.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.9
accept-language: en-US,en;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Wed, 17 Jan 2024 21:38:02 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-lga21966-LGA
x-timer: S1705527482.372529,VS0,VE0
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 2

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYjBlN2Q5ZDAtYjU4MC0xMWVlLWJiYWMtZmQ1MzM2ZjljNzdhIn0
app.launchdarkly.com/sdk/evalx/64e51dfa264389149f777ad5/contexts/ 97 B
479 B 49ms
48ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/64e51dfa264389149f777ad5/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYjBlN2Q5ZDAtYjU4MC0xMWVlLWJiYWMtZmQ1MzM2ZjljNzdhIn0
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/_next/static/chunks/pages/_app-d9a9c52721a1aa25.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.9
accept-language: en-US,en;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:02 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 103
x-served-by: cache-lga21941-LGA, cache-lga21966-LGA
x-timer: S1705527482.372801,VS0,VE15
etag: "45dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

OPTIONS
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYjBlN2Q5ZDAtYjU4MC0xMWVlLWJiYWMtZmQ1MzM2ZjljNzdhIn0
app.launchdarkly.com/sdk/evalx/64e51dfa264389149f777ad5/contexts/ Frame 0
0 17ms
17ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/64e51dfa264389149f777ad5/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYjBlN2Q5ZDAtYjU4MC0xMWVlLWJiYWMtZmQ1MzM2ZjljNzdhIn0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://cat.greenshieldplus.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Wed, 17 Jan 2024 21:38:02 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-served-by: cache-lga21966-LGA
x-timer: S1705527482.353140,VS0,VE0

GET
H3 200 Gilroy-Medium.8d6b4a62.otf
cat.greenshieldplus.ca/_next/static/media/ 54 KB
33 KB 33ms
30ms Font
font/otf 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/media/Gilroy-Medium.8d6b4a62.otf
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/_next/static/css/797305152e71cc2e.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://cat.greenshieldplus.ca/_next/static/css/797305152e71cc2e.css
Origin: https://cat.greenshieldplus.ca
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:02 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"d6bc-18d19419d38"
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 Gilroy-SemiBold.84d83109.otf
cat.greenshieldplus.ca/_next/static/media/ 54 KB
33 KB 36ms
32ms Font
font/otf 34.160.161.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.greenshieldplus.ca/_next/static/media/Gilroy-SemiBold.84d83109.otf
Requested by: Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/_next/static/css/797305152e71cc2e.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.161.26 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 26.161.160.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://cat.greenshieldplus.ca/_next/static/css/797305152e71cc2e.css
Origin: https://cat.greenshieldplus.ca
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:02 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 17 Jan 2024 21:09:07 GMT
server: Google Frontend
etag: W/"d7ac-18d19419d38"
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 Translations
api-cat.onlineweb.ca/pmos-api-b2c/api/v1/ 274 KB
52 KB 135ms
127ms Fetch
application/json 34.36.88.97
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-cat.onlineweb.ca/pmos-api-b2c/api/v1/Translations?domain=api-cat.onlineweb.ca&languageIso=en&platform=Web&clientType=Web

Requested by

Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/_next/static/chunks/pages/_app-d9a9c52721a1aa25.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.88.97 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

97.88.36.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:02 GMT
content-encoding: gzip
via: 1.1 google, 1.1 google
strict-transport-security: max-age=15724800; includeSubDomains; preload
x-response-time-ms: 18
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 0a79dc13-ee6c-4f4c-bd16-77323aadbf5f

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYjBlN2Q5ZDAtYjU4MC0xMWVlLWJiYWMtZmQ1MzM2ZjljNzdhIn0
clientstream.launchdarkly.com/eval/64e51dfa264389149f777ad5/ 118 B
0 134ms
134ms EventSource
text/event-stream 3.33.235.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/64e51dfa264389149f777ad5/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYjBlN2Q5ZDAtYjU4MC0xMWVlLWJiYWMtZmQ1MzM2ZjljNzdhIn0

Requested by

Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/login/cwi-sso

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.235.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aa1ba9bef7b18c265.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:02 GMT
strict-transport-security: max-age=31536000
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-content-length: 326
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

GET
H3 200 /
voice.cohere.so/chatPreload/ Frame AE33 666 B
760 B 53ms
52ms Document
text/html 2606:4700::6812:456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/chatPreload/

Requested by

Host: static.cohere.so
URL: https://static.cohere.so/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8471be2e5e9b17b5-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 17 Jan 2024 21:38:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wn0t27HoBWO6umG3UtqvVUGfeO7UeodAhOg3Hd7uicw1AmSA1CrH3tbrxw8vjAjvrGufL6ExNOeab6FmSACsCpDl7%2B2btuHlP9WyXmLUp3xg9aex5ILSC%2BZKGUsGyhsxO2aYD5bgzYTFxTouLuw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 ping
service.cohere.so/ 55 B
235 B 23ms
22ms Fetch 2606:4700::6812:456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://service.cohere.so/ping
Requested by: Host: static.cohere.so
URL: https://static.cohere.so/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

uwebsockets: 20
date: Wed, 17 Jan 2024 21:38:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cf-ray: 8471be2e6b977ce7-EWR
alt-svc: h3=":443"; ma=86400
content-length: 55

GET
H/1.1 200
OK openid-configuration
gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_pm_cwi_sso/v2.0/.well-known/ 1 KB
2 KB 130ms
130ms Fetch
application/json 2603:1036:3000:18::1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_pm_cwi_sso/v2.0/.well-known/openid-configuration

Requested by

Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/_next/static/chunks/pages/_app-d9a9c52721a1aa25.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2603:1036:3000:18::1 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Wed, 17 Jan 2024 21:38:02 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://cat.greenshieldplus.ca
Public: OPTIONS,TRACE,GET,HEAD,POST
Cache-Control: no-store, must-revalidate, no-cache
Allow: OPTIONS, TRACE, GET, HEAD, POST
x-ms-gateway-requestid: f878277c-e795-41dd-9344-bfd2e67ecfbd
Content-Length: 1418
X-XSS-Protection: 1; mode=block

GET
H3 200 chatPreload-a70e2fdd.js
voice.cohere.so/assets/ Frame AE33 434 B
807 B 52ms
51ms Script
application/javascript 2606:4700::6812:456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/chatPreload-a70e2fdd.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:02 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"8c5feb50d7e957ceba754f2463a93a44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qj3eoup9pVg3eC%2BmcF%2B1wposOhE0kcGBUJ5Kgx2Ksvbm3LPlQ8%2BUu%2F0MmLDnPKhNgGnf53w1BUeSdFwXwmfersvsM9%2BMKrFWDM7DlnFWq9t96Ouizf%2Bh1PRRrtkeMUeqfRlgcDrCra%2FH%2BT4N0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8471be2ebf1f17b5-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 modulepreload-polyfill-ec808ebb.js
voice.cohere.so/assets/ Frame AE33 711 B
873 B 48ms
47ms Script
application/javascript 2606:4700::6812:456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/modulepreload-polyfill-ec808ebb.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:02 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"903e4529424e3715b2638da2e39da267"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xyICboLQ63YEmgVPf284H7CdEMTnJIBg2JZJN26bHT%2Bo4DC93IFCmVXrB31cSq4Z8xKRFlwGvlg1NKvCbhfENo%2B3qU0yswlBKI6XSSeEk3WEfofRmT%2BPH60mHGs6kaIaqcMFvqZ%2Bqp3h%2FV8srQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8471be2ebf2117b5-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 index.browser-7e542916.js
voice.cohere.so/assets/ Frame AE33 184 B
654 B 48ms
47ms Script
application/javascript 2606:4700::6812:456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/index.browser-7e542916.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:02 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"c22e7729c65f8d729602bbe7957c496c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4Dp3m1zZdGuYF8SfCDxQ2GLe%2B2mc7cTOfFuZrs6rjzTno0xw4cXE9q6%2Bxpwa06EwvMoXgrMbB2FauDVjaOmy2mV6kQeMAEEUJ3WRJZpaH7JPZywj%2FeEib6Z%2BqF3jonCami5jXz6hSUgdcjyWgc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8471be2ebf2317b5-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 connectToParent-8fc445fb.js
voice.cohere.so/assets/ Frame AE33 4 KB
2 KB 41ms
40ms Script
application/javascript 2606:4700::6812:456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/connectToParent-8fc445fb.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:02 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"8f44b78c5804759d0ef1966b7ddd3448"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGTM%2Bf9UUltdW9A9y1JVAKfz10To6mJAQwQ6iJezcdN3Tgvp24873jTl5SR821V3MdhqVHYBgZ2URT3Pot%2BYc%2FSG93Sd8zf%2B9nnGJfciJTNlEjnYE0%2ByXg9e%2FL9rZwuR%2Fh9n1Fzc%2FY85WrZZ%2BfY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8471be2ebf2617b5-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 fileUtils-329ccb40.js
voice.cohere.so/assets/ Frame AE33 1 KB
1 KB 49ms
49ms Script
application/javascript 2606:4700::6812:456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/fileUtils-329ccb40.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:02 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"5ae9d6c06ccdb48f0ad27ebdbece1bac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Du%2B8bjQiXJkZG%2F2IKNrlrHVlW7HefczagPg6BJ2oPtIqA6uuvDcNw%2FpdpMBCtDX6yAnpfdH9Ae79%2BJwnNiZ6DMS56A9Dr1daAgcqI%2F77BA%2BzYU%2FpHWCB%2BSC7rKCns9N85gb%2FlQW6Wn5IVsiUx3c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8471be2ebf2717b5-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 preload-helper-101896b7.js
voice.cohere.so/assets/ Frame AE33 742 B
926 B 45ms
45ms Script
application/javascript 2606:4700::6812:456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/preload-helper-101896b7.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:02 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"589582124a6eb15ac8837767b574ee51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRb6omBTFpzSj7ADNn%2F8G%2BM%2F9ZeQe8L9cRC7memW6iwKux31dcumh42uVhC2sTzhSh7TQfxZtfwcQ7ie1s8pm7YCv4sL9pMWLJHSFT5U0rJbyIIVmuS9%2BWcE9j9Ji%2B4d7FgaRH3HK2CNlIOaSUU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8471be2ebf2817b5-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 bundleMessages-444ded67.js
voice.cohere.so/assets/ Frame AE33 141 KB
47 KB 48ms
48ms Script
application/javascript 2606:4700::6812:456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/assets/bundleMessages-444ded67.js

Requested by

Host: voice.cohere.so
URL: https://voice.cohere.so/chatPreload/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://voice.cohere.so/chatPreload/
Origin: https://voice.cohere.so
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:02 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"0fa1746fb730209f539886fd06036f32"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WgdR%2FNQXcVFBQFnzZF7rdyhz1yfzjs9uIHvDr0jeZuweUfLv5HVd49%2BUvzfbxYB%2Fs1YhR8VcpSFoyf5oCtnTXuQjVW8juSt5HGxsmD6try7oppFx%2B6nia%2BiDngdWUnNxMgWoGbCkOLMPTZOrmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8471be2ebf2917b5-EWR
alt-svc: h3=":443"; ma=86400

GET
H2

200

Primary Request error Show response
benadminuat.ibenefits.ca/voidentityserver/home/
Redirect Chain

https://gsccatb2c.b2clogin.com/gsccatb2c.onmicrosoft.com/b2c_1a_pm_cwi_sso/oauth2/v2.0/authorize?client_id=d0e95329-659a-4882-a369-ca72abfbca09&scope=https%3A%2F%2Fgsccatb2c.onmicrosoft.com%2Fdigit...
https://benadminuat.ibenefits.ca/voidentityserver/connect/authorize?client_id=gsc-uat&redirect_uri=https%3a%2f%2fgsccatb2c.b2clogin.com%2fgsccatb2c.onmicrosoft.com%2foauth2%2fauthresp&response_type...
https://benadminuat.ibenefits.ca/voidentityserver/home/error?errorId=CfDJ8AShEaVvM45IsL1r5-Ar1gNEK8wAtqqdTADkvVkNzI21n6DIL7eyOukVb2AsjmqDKmA2KTs7d-w9vL5szlSN6c9TZR4skTmhI-C4yx1Y0-16CgZFNBKdN0O_XOLI...

4 KB
5 KB

360ms
359ms

Document
text/html

74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/home/error?errorId=CfDJ8AShEaVvM45IsL1r5-Ar1gNEK8wAtqqdTADkvVkNzI21n6DIL7eyOukVb2AsjmqDKmA2KTs7d-w9vL5szlSN6c9TZR4skTmhI-C4yx1Y0-16CgZFNBKdN0O_XOLIpbVxKrZoSV5u-u7YQQ5enhXX5JjE0fI9SyBhNEB4jYOuwacyt_XuA_SEW0mFudgumfYMjY5sOr-1yYEF6r8Iklw4LcLgA-85qVlN3mErjOrYx8Rr4LIV0BrhquVxQXLOUaVmp4E5qDqEkacJAe7Ms48eyY8G6--1HJCdTDN0kUy7Zy7zbpmfYnAWHCOdez1Xdt3x28ZSao14IBJtZwqL3kceEYUXiniguqI8zr8WnJMoHXjs

Requested by

Host: cat.greenshieldplus.ca
URL: https://cat.greenshieldplus.ca/_next/static/chunks/pages/_app-d9a9c52721a1aa25.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

b438c1003f29063b808cfc6af8e0a5b13372390296c5ace54756d057a4ed9585

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' ajax.googleapis.com;style-src 'self' 'unsafe-inline' www.google.com platform.twitter.com cdn.syndication.twimg.com fonts.googleapis.com;font-src 'self' fonts.gstatic.com data:;connect-src 'self' https://theuuat.ibenefits.ca https://geuat.ibenefits.ca https://ge-healthcare-uat.ibenefits.ca https://ge-aerospace-uat.ibenefits.ca https://ge-vernova-uat.ibenefits.ca https://benadminuat.ibenefits.ca;frame-ancestors 'self' https://theuuat.ibenefits.ca https://geuat.ibenefits.ca https://ge-healthcare-uat.ibenefits.ca https://ge-aerospace-uat.ibenefits.ca https://ge-vernova-uat.ibenefits.ca https://benadminuat.ibenefits.ca
Strict-Transport-Security	max-age=15768000
X-Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cat.greenshieldplus.ca/login/cwi-sso#error=redirect_uri_mismatch&error_description=AADB2C90006%3a+The+redirect+URI+%27https%3a%2f%2fhealthhub-cat.myarta.net%2fsignin%27+provided+in+the+request+is+not+registered+for+the+client+id+%27d0e95329-659a-4882-a369-ca72abfbca09%27.%0d%0aCorrelation+ID%3a+fd086c59-a9bb-4b18-9830-9fe3437471cb%0d%0aTimestamp%3a+2024-01-17+21%3a38%3a01Z%0d%0a&state=eyJpZCI6ImI3NGMxZWQ0LWRhZTEtNDFiMy1hODEzLTY0YjZjNTM3MjJmYSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' ajax.googleapis.com;style-src 'self' 'unsafe-inline' www.google.com platform.twitter.com cdn.syndication.twimg.com fonts.googleapis.com;font-src 'self' fonts.gstatic.com data:;connect-src 'self' https://theuuat.ibenefits.ca https://geuat.ibenefits.ca https://ge-healthcare-uat.ibenefits.ca https://ge-aerospace-uat.ibenefits.ca https://ge-vernova-uat.ibenefits.ca https://benadminuat.ibenefits.ca;frame-ancestors 'self' https://theuuat.ibenefits.ca https://geuat.ibenefits.ca https://ge-healthcare-uat.ibenefits.ca https://ge-aerospace-uat.ibenefits.ca https://ge-vernova-uat.ibenefits.ca https://benadminuat.ibenefits.ca
content-type: text/html; charset=utf-8
date: Wed, 17 Jan 2024 21:38:03 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=15768000
x-content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

date: Wed, 17 Jan 2024 21:38:03 GMT
location: https://benadminuat.ibenefits.ca/voidentityserver/home/error?errorId=CfDJ8AShEaVvM45IsL1r5-Ar1gNEK8wAtqqdTADkvVkNzI21n6DIL7eyOukVb2AsjmqDKmA2KTs7d-w9vL5szlSN6c9TZR4skTmhI-C4yx1Y0-16CgZFNBKdN0O_XOLIpbVxKrZoSV5u-u7YQQ5enhXX5JjE0fI9SyBhNEB4jYOuwacyt_XuA_SEW0mFudgumfYMjY5sOr-1yYEF6r8Iklw4LcLgA-85qVlN3mErjOrYx8Rr4LIV0BrhquVxQXLOUaVmp4E5qDqEkacJAe7Ms48eyY8G6--1HJCdTDN0kUy7Zy7zbpmfYnAWHCOdez1Xdt3x28ZSao14IBJtZwqL3kceEYUXiniguqI8zr8WnJMoHXjs
strict-transport-security: max-age=15768000

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
820 B 22ms
21ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Jan 2024 21:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 21:02:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Jan 2024 21:38:02 GMT

GET
H3 206 accept-sound-4RJBS7T3.mp3
static.cohere.so/ 660 B
0 15ms
15ms Media
audio/mpeg 2606:4700::6812:556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cohere.so/accept-sound-4RJBS7T3.mp3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 17 Jan 2024 21:38:02 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2545
Content-Range: bytes 0-25075/25076
alt-svc: h3=":443"; ma=86400
Content-Length: 25076
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "fcdc58ef2dc9cda121b52a4125b1e891"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wb5nXdcIKozqpoQ6QAPTjX40j2tIQ%2FIug%2FGOcHwUs48rdGUKUb6f4YPLnyG%2FnrkFnGyVB2cYyWfAT6v2fPrPZ%2BrYKiYzfINJKB9O86kFI7YGYlCn6NTX5kcEcmFzqxzNw%2B1NhBrbIvFLfBcmhKn3"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
access-control-allow-origin: *
cf-ray: 8471be307eb6c332-EWR

GET
H3 200 css
fonts.googleapis.com/ 8 KB
774 B 21ms
19ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,400,500,500,700

Requested by

Host: benadminuat.ibenefits.ca
URL: https://benadminuat.ibenefits.ca/voidentityserver/home/error?errorId=CfDJ8AShEaVvM45IsL1r5-Ar1gNEK8wAtqqdTADkvVkNzI21n6DIL7eyOukVb2AsjmqDKmA2KTs7d-w9vL5szlSN6c9TZR4skTmhI-C4yx1Y0-16CgZFNBKdN0O_XOLIpbVxKrZoSV5u-u7YQQ5enhXX5JjE0fI9SyBhNEB4jYOuwacyt_XuA_SEW0mFudgumfYMjY5sOr-1yYEF6r8Iklw4LcLgA-85qVlN3mErjOrYx8Rr4LIV0BrhquVxQXLOUaVmp4E5qDqEkacJAe7Ms48eyY8G6--1HJCdTDN0kUy7Zy7zbpmfYnAWHCOdez1Xdt3x28ZSao14IBJtZwqL3kceEYUXiniguqI8zr8WnJMoHXjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0771512c57f3416f6cc6a7b15d2104ef02565621b7707e15ecbbcb1f95a13275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Jan 2024 21:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 21:38:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Jan 2024 21:38:03 GMT

GET
H2 200 main-blue.min.css
benadminuat.ibenefits.ca/voidentityserver/css/ 36 KB
36 KB 63ms
61ms Stylesheet
text/css 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/css/main-blue.min.css?v=zWQClWTpDI-3ypLIonDiYz3zSdlBIPo-WPyPaDbGr70

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

cd64029564e90c8fb7ca92c8a270e2633df349d94120fa3e58fc8f6836c6afbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:03 GMT
strict-transport-security: max-age=15768000
last-modified: Sat, 06 Jan 2024 08:16:12 GMT
accept-ranges: bytes
etag: "1da40789c19beb3"
content-length: 37043
content-type: text/css

GET
H2 200 greenshield.css
benadminuat.ibenefits.ca/voidentityserver/css/ 51 KB
51 KB 64ms
62ms Stylesheet
text/css 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/css/greenshield.css?v=1fcdle62QHcnXKCmgu4yJWf0Vh7ki32iuOrLr2Q0jBw

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

2247a2689c72e68f1af5637bdc579ef7481a9fbae323f781bf4b31794272a99b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:03 GMT
strict-transport-security: max-age=15768000
last-modified: Sat, 06 Jan 2024 08:16:12 GMT
accept-ranges: bytes
etag: "1da40789c19e267"
content-length: 52327
content-type: text/css

GET
H2 200 logo
benadminuat.ibenefits.ca/voidentityserver/logo/ 18 KB
19 KB 209ms
207ms Image
image/png 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/logo/logo?baseUrl=default

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

a86d4be4ae06eaac5c5991ac961cfe19926f27e4587ea7e8a7ce560a13e34be3

Security Headers

Name

Value

Content-Security-Policy

script-src 'self' 'unsafe-inline' ajax.googleapis.com;style-src 'self' 'unsafe-inline' www.google.com platform.twitter.com cdn.syndication.twimg.com fonts.googleapis.com;font-src 'self' fonts.gstatic.com data:;connect-src 'self' https://theuuat.ibenefits.ca https://geuat.ibenefits.ca https://ge-healthcare-uat.ibenefits.ca https://ge-aerospace-uat.ibenefits.ca https://ge-vernova-uat.ibenefits.ca https://benadminuat.ibenefits.ca;frame-ancestors 'self' https://theuuat.ibenefits.ca https://geuat.ibenefits.ca https://ge-healthcare-uat.ibenefits.ca https://ge-aerospace-uat.ibenefits.ca https://ge-vernova-uat.ibenefits.ca https://benadminuat.ibenefits.ca

Strict-Transport-Security

max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'self' 'unsafe-inline' ajax.googleapis.com;style-src 'self' 'unsafe-inline' www.google.com platform.twitter.com cdn.syndication.twimg.com fonts.googleapis.com;font-src 'self' fonts.gstatic.com data:;connect-src 'self' https://theuuat.ibenefits.ca https://geuat.ibenefits.ca https://ge-healthcare-uat.ibenefits.ca https://ge-aerospace-uat.ibenefits.ca https://ge-vernova-uat.ibenefits.ca https://benadminuat.ibenefits.ca;frame-ancestors 'self' https://theuuat.ibenefits.ca https://geuat.ibenefits.ca https://ge-healthcare-uat.ibenefits.ca https://ge-aerospace-uat.ibenefits.ca https://ge-vernova-uat.ibenefits.ca https://benadminuat.ibenefits.ca
cache-control: public,max-age=900
date: Wed, 17 Jan 2024 21:38:03 GMT
strict-transport-security: max-age=15768000
content-length: 18186
content-type: image/png

GET
H2 200 jquery.slim.min.js Show response
benadminuat.ibenefits.ca/voidentityserver/lib/jquery/dist/ 71 KB
71 KB 64ms
62ms Script
application/javascript 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/lib/jquery/dist/jquery.slim.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

38771e9e7ba11e3db4be1d97b5a4f687cd9322e05b39eaa81f715310a2c12856

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:03 GMT
strict-transport-security: max-age=15768000
last-modified: Sat, 06 Jan 2024 08:16:12 GMT
accept-ranges: bytes
etag: "1da40789c1834cf"
content-length: 72399
content-type: application/javascript

GET
H2 200 Jquery.validate.min.js Show response
benadminuat.ibenefits.ca/voidentityserver/lib/jquery-validation/dist/ 23 KB
23 KB 123ms
121ms Script
application/javascript 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/lib/jquery-validation/dist/Jquery.validate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

788b4b14ec9f43877f386cc49c67218b664c545f048468334b493b7d238f89f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:03 GMT
strict-transport-security: max-age=15768000
last-modified: Sat, 06 Jan 2024 08:16:12 GMT
accept-ranges: bytes
etag: "1da40789c1974e3"
content-length: 23267
content-type: application/javascript

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
benadminuat.ibenefits.ca/voidentityserver/lib/jquery-validation-unobtrusive/ 6 KB
6 KB 122ms
121ms Script
application/javascript 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

a5aa31a5cb77de463d7e9425be00bc2289231aaf22a9869515ac2014f83ca33d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:03 GMT
strict-transport-security: max-age=15768000
last-modified: Sat, 06 Jan 2024 08:16:12 GMT
accept-ranges: bytes
etag: "1da40789c193886"
content-length: 5766
content-type: application/javascript

GET
H2 200 bootstrap.bundle.min.js Show response
benadminuat.ibenefits.ca/voidentityserver/lib/bootstrap/dist/js/ 79 KB
79 KB 123ms
122ms Script
application/javascript 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/lib/bootstrap/dist/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

c02c36ee26e55ba10188928a6bcab41f44fdfade35f020397cc6eaf0991c4e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:03 GMT
strict-transport-security: max-age=15768000
last-modified: Sat, 06 Jan 2024 08:16:12 GMT
accept-ranges: bytes
etag: "1da40789c181540"
content-length: 80704
content-type: application/javascript

GET
H2 200 app.js Show response
benadminuat.ibenefits.ca/voidentityserver/js/ 279 B
442 B 161ms
160ms Script
application/javascript 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/js/app.js?v=22HW8IE-rnbb5TZhrBZyZZTZDyVRadGAOripZbzD9M0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

f8d1ab6192ece44bae974114b7a2bf1c4447a618250c65e594f31fbb4a9bf98b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:03 GMT
strict-transport-security: max-age=15768000
last-modified: Sat, 06 Jan 2024 08:16:12 GMT
accept-ranges: bytes
etag: "1da40789c192f17"
content-length: 279
content-type: application/javascript

GET
H2 200 body-bg.png
benadminuat.ibenefits.ca/voidentityserver/images/greenshield/ 3 KB
3 KB 36ms
35ms Image
image/png 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/images/greenshield/body-bg.png

Requested by

Host: benadminuat.ibenefits.ca
URL: https://benadminuat.ibenefits.ca/voidentityserver/css/greenshield.css?v=1fcdle62QHcnXKCmgu4yJWf0Vh7ki32iuOrLr2Q0jBw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

78d16db5c41744ab05da900961b49900521fb1962c47bd9b293b14dbc3548871

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://benadminuat.ibenefits.ca/voidentityserver/css/greenshield.css?v=1fcdle62QHcnXKCmgu4yJWf0Vh7ki32iuOrLr2Q0jBw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:03 GMT
strict-transport-security: max-age=15768000
last-modified: Sat, 06 Jan 2024 08:16:12 GMT
accept-ranges: bytes
etag: "1da40789c192203"
content-length: 3075
content-type: image/png

GET
H2 200 NunitoSans-Regular.ttf
benadminuat.ibenefits.ca/voidentityserver/css/Fonts/greenshield/ 89 KB
90 KB 37ms
37ms Font
application/x-font-ttf 74.85.154.30
DRWORKS-01

General

Check archive.org

Show headers Download Go to

Full URL

https://benadminuat.ibenefits.ca/voidentityserver/css/Fonts/greenshield/NunitoSans-Regular.ttf

Requested by

Host: benadminuat.ibenefits.ca
URL: https://benadminuat.ibenefits.ca/voidentityserver/css/greenshield.css?v=1fcdle62QHcnXKCmgu4yJWf0Vh7ki32iuOrLr2Q0jBw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.85.154.30 Burlington, Canada, ASN395544 (DRWORKS-01, CA),

Reverse DNS

Software

Resource Hash

13ad641781e6dd5f2134fcfc9b1589e3c66902b69ccbb68b74d3bd139c1e324e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://benadminuat.ibenefits.ca/voidentityserver/css/greenshield.css?v=1fcdle62QHcnXKCmgu4yJWf0Vh7ki32iuOrLr2Q0jBw
Origin: https://benadminuat.ibenefits.ca
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 21:38:03 GMT
strict-transport-security: max-age=15768000
last-modified: Sat, 06 Jan 2024 08:16:12 GMT
etag: "1da40789c184b44"
vary: Origin
content-type: application/x-font-ttf
access-control-allow-origin: https://benadminuat.ibenefits.ca
accept-ranges: bytes
content-length: 91460

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 53ms
5ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,400,500,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benadminuat.ibenefits.ca
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 07:42:34 GMT
x-content-type-options: nosniff
age: 136529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 07:42:34 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gsccatb2c.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-rc:f9385653-65b3-425a-b619-d670046a4586 Value: Z2loSnJTYWhpVVVtUEdtRHZPWndZTjBXTFBYaE5BbDhiWGNsQnduaVlObkJqUnhyQk4wVTc0ZW0yYVhsNjBlTkZwT2ZpVzVoWlpSV25yV1BnUXROY1E9PTsyMDI0LTAxLTE3VDIxOjM4OjAzLjA4MDIzNTdaO1RFNFhGbjJ2aHdHcnEvOG1MM0xxNGc9PTt7IlRhcmdldEVudGl0eSI6IlNTTy1PcGVuSWRDb25uZWN0IiwiT3JjaGVzdHJhdGlvblN0ZXAiOjF9
.gsccatb2c.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-cache\|xy3ua8alaum5cuxgb3wvfq_0 Value: m1.OB4rubBGMfYLZlBt.YmYhy/3ctNH0Sm4mTXbQnA==.0.SjoBswq1R5coZg2jVXGyAs+ls8lV4tTBtxdLMjkQJzp2nx38yLN1zwDxGAn08xy27hZ8D2f5uvk7RCtrUKhxtiU7G5zUr+aRU7RsZlfCWzgXvBXmCJTR05azO9ETQJiLdRRfDVGHiWYlfdzXKgHOXLh67sFE38NNJBhnL+DT2cz38+GV423R0/JLlDsmLbAmzsc5EJcws0VMvwZyHwavJBPZo4irKapjNoci2LuxMlVhN/ZYbST0XAXUY3nXTYkSWxGrzeP7Tm5Ik0bDWVo723GPmduIHT//LNnCZDWQ6d+bg3/nekGZMjZaiHtRhuOR1VISSfs8vmb3fUN93qQ4L6opb0OX9YhBJH+Dy0bx+s+Ju6QDH6zdbeu9NIl6QWBxWpQmAsri/hlzep6W1hCAH2WzVMAhNOfVYtTSMuX3k2qHJAiAOc0qnyKtT7paEPgVAs/gHB4w7GPdxnvq8+y+3i1DS1k9VbTJnqY4VqFBHGBNl7cpPxD1VZqn8Z4gmF99CWx4mPeor82+mgNdfh6d4t4FOjk5WZa5C4RSpMUFXUSfvcd05KSw5ML5ie1vaz/A+REYaD6l6oCNb5rF/Uci9xjnkKReTEnyt4x8afspPrbBp4mTVdJXltfjZzpwW7qp2FShqSik+II+7f/Dbc4C+iJ02HgHM5h3MnSp11f0/2rdmvz+Gdap2AMY+6LmmauH9+AA48rB5wKhbn4imYKmAqAioPgfpJP67Ydbgvt1LpBgiZcJykFbcQPb4EhZh/HqYJZCO30PGhRZ7+r+2oZ6mESfaIiNCuU8qG747OTczoukNGB+pUGvQIAWT1qqpnhHzg5ad2yM1oyqaIkEiRv7ebzUt7ohfRMNJGTQGeGMhY4JkqkAlJNcTYPV1OKEd3e6ybGJM+Y/jkcH/ymO88vEXTYFmmHf9Js1/AKxUEKgzFnW3CPenGUAZ+4yrBDDztJ6uflWXP+aqH7xcCVvyZz45UZKuiJwzshqDqJUk0KlntygMfPrPocPZWPuPWkukQB8pil7skZc6J+c+3OW/TTzGx/f23zlsAmz2qlBTVdJ3PeWbarUoufO++OCpGfBHPI7isg7hCrpDID4nH/1FcFTJ1gn+tGAZzd+1wbuD/7Ra6vdcDlnBCn+jw==
.gsccatb2c.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-trans Value: eyJUX0RJQyI6W3siSSI6IjZiZWUyZDVmLWE1YzYtNDkwMS1iOTBhLWVjNjA2Zjc1YWY3ZCIsIlQiOiJnc2NjYXRiMmMub25taWNyb3NvZnQuY29tIiwiUCI6ImIyY18xYV9wbV9jd2lfc3NvIiwiQyI6ImQwZTk1MzI5LTY1OWEtNDg4Mi1hMzY5LWNhNzJhYmZiY2EwOSIsIlMiOjEsIk0iOnt9LCJEIjowLCJFIjoiIn1dLCJDX0lEIjoiNmJlZTJkNWYtYTVjNi00OTAxLWI5MGEtZWM2MDZmNzVhZjdkIn0=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	;default-src 'self' .cohere.so .googletagmanager.com .b2clogin.com;script-src 'nonce-ddtbjoD82N2yJZF1YHT3fw==' 'self' .gstatic.com .cohere.so .google.com .gstatic.com .googletagmanager.com .googleapis.com;style-src 'self' 'unsafe-inline' .googleapis.com .googletagmanager.com .google.com;font-src 'self' data: .gstatic.com;connect-src 'self' .b2clogin.com .googleapis.com .onlineweb.ca .gstatic.com .google.com .googletagmanager.com .g.doubleclick.net .greenshieldplus.ca .cohere.so ws: .launchdarkly.com;img-src 'self' data: .gstatic.com .google.ca .googleapis.com .aglty.io .googletagmanager.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-cat.onlineweb.ca
app.launchdarkly.com
benadminuat.ibenefits.ca
cat.greenshieldplus.ca
clientstream.launchdarkly.com
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
gsccatb2c.b2clogin.com
healthhub-cat.myarta.net
service.cohere.so
static.cohere.so
voice.cohere.so
151.101.194.217
2603:1036:3000:18::1
2606:4700::6812:456
2606:4700::6812:556
2607:f8b0:4006:817::2003
2607:f8b0:4006:823::200a
3.33.235.18
34.160.161.26
34.198.76.125
34.36.88.97
74.85.154.30
0771512c57f3416f6cc6a7b15d2104ef02565621b7707e15ecbbcb1f95a13275
13ad641781e6dd5f2134fcfc9b1589e3c66902b69ccbb68b74d3bd139c1e324e
1ad87973b874a993c76054dc0f3b9c117bf7664ee1feedf39e65b7d9482dbcaf
208425d9d93e685b5dd2c21153c49d3b04738f323efd353585c816f77b6d68ed
2247a2689c72e68f1af5637bdc579ef7481a9fbae323f781bf4b31794272a99b
38771e9e7ba11e3db4be1d97b5a4f687cd9322e05b39eaa81f715310a2c12856
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
513f84c89291384574f1630fb74e0f4075ec926428443316e0b93f934d54339a
5b765796b00aa01cff8abff04dbc48ce70e26177f9368a8577819fd302cf713f
68d9eb6aefb519749c74c97c8b3271a6cb7279ea5f790803885d2a45eefb2269
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
788b4b14ec9f43877f386cc49c67218b664c545f048468334b493b7d238f89f4
78d16db5c41744ab05da900961b49900521fb1962c47bd9b293b14dbc3548871
a41b1b31cb97fd85d702096b1e29488f1040efdeab51f8ef11e79ca0d1aeee73
a5aa31a5cb77de463d7e9425be00bc2289231aaf22a9869515ac2014f83ca33d
a86d4be4ae06eaac5c5991ac961cfe19926f27e4587ea7e8a7ce560a13e34be3
b438c1003f29063b808cfc6af8e0a5b13372390296c5ace54756d057a4ed9585
c02c36ee26e55ba10188928a6bcab41f44fdfade35f020397cc6eaf0991c4e57
cd64029564e90c8fb7ca92c8a270e2633df349d94120fa3e58fc8f6836c6afbd
e126ead8fd465626572876855405a7ed794ff9b3644e10dc18ccc94412fc40b7
ed26997f02290298c886a495ed1cc5d3342492099b45efe18d54602da5a1b4e3
f0cbeafeb10e909522fae35b75e36b0c54f4db402bbdc220279c571c984c7c5c
f1a40971465d1c6ded3130a8a492dac5f0c7acdd3d01626b60a014e5c258ea41
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f8d1ab6192ece44bae974114b7a2bf1c4447a618250c65e594f31fbb4a9bf98b

benadminuat.ibenefits.ca Open in urlscan Pro 74.85.154.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

100 %HTTPS

45 %IPv6

9 Domains

13 Subdomains

11 IPs

2 Countries

3009 kBTransfer

13944 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

benadminuat.ibenefits.ca Open in urlscan Pro
74.85.154.30 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

100 %
HTTPS

45 %
IPv6

9
Domains

13
Subdomains

11
IPs

2
Countries

3009 kB
Transfer

13944 kB
Size

3
Cookies

76 HTTP transactions
0 data transactions