urlscan.io logo urlscan.io
SecurityTrails logo

portal.healthycontributions.com Open in urlscan Pro
2a02:e980:b4::3e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://employeewellnesshealthycontributions.com/
Effective URL: https://portal.healthycontributions.com/
Submission: On April 06 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 16 domains to perform 64 HTTP transactions. The main IP is 2a02:e980:b4::3e, located in United States and belongs to INCAPSULA, US. The main domain is portal.healthycontributions.com. The Cisco Umbrella rank of the primary domain is 677384.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q1 on March 13th 2024. Valid for: 6 months.
This is the only time portal.healthycontributions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    198.49.23.144 (United States)

ASN53831 (SQUARESPACE, US)
employeewellnesshealthycontributions.com
23    2a02:e980:b4::3e (United States)

ASN19551 (INCAPSULA, US)
www.healthycontributions.com
portal.healthycontributions.com
portal-api.healthycontributions.com
2    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.66.102.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-106.fra56.r.cloudfront.net
static.hotjar.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
app.launchdarkly.com
1    13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net
script.hotjar.com
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    18.165.183.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-70.zrh55.r.cloudfront.net
vc.hotjar.io
1    76.223.31.44 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com
clientstream.launchdarkly.com
4    34.226.129.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-129-80.compute-1.amazonaws.com
events.launchdarkly.com
Apex Domain
Subdomains		 Transfer
23 healthycontributions.com
www.healthycontributions.com
portal.healthycontributions.com — Cisco Umbrella Rank: 677384
portal-api.healthycontributions.com — Cisco Umbrella Rank: 866894
11 MB
9 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 764
clientstream.launchdarkly.com — Cisco Umbrella Rank: 910
events.launchdarkly.com — Cisco Umbrella Rank: 893
1 KB
9 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 314
162 KB
5 gstatic.com
fonts.gstatic.com
69 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 99
400 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
416 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3274
www.google.com — Cisco Umbrella Rank: 2
328 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 176
72 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 780
script.hotjar.com — Cisco Umbrella Rank: 1035
59 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
198 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2890
230 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 552
304 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
945 B
1 employeewellnesshealthycontributions.com
employeewellnesshealthycontributions.com
186 B
0 google.de Failed
www.google.de Failed
64 16
Domain Requested by
20 portal.healthycontributions.com portal.healthycontributions.com
9 cdn.cookielaw.org portal.healthycontributions.com
cdn.cookielaw.org
5 fonts.gstatic.com fonts.googleapis.com
4 events.launchdarkly.com portal.healthycontributions.com
4 app.launchdarkly.com portal.healthycontributions.com
2 www.facebook.com portal.healthycontributions.com
2 portal-api.healthycontributions.com portal.healthycontributions.com
2 stats.g.doubleclick.net www.googletagmanager.com
portal.healthycontributions.com
2 connect.facebook.net portal.healthycontributions.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
portal.healthycontributions.com
2 www.googletagmanager.com portal.healthycontributions.com
www.googletagmanager.com
1 clientstream.launchdarkly.com portal.healthycontributions.com
1 vc.hotjar.io portal.healthycontributions.com
1 www.google.com portal.healthycontributions.com
1 script.hotjar.com static.hotjar.com
1 region1.analytics.google.com www.googletagmanager.com
1 geolocation.onetrust.com portal.healthycontributions.com
1 static.hotjar.com www.googletagmanager.com
1 fonts.googleapis.com portal.healthycontributions.com
1 www.healthycontributions.com 1 redirects
1 employeewellnesshealthycontributions.com 1 redirects
0 www.google.de Failed portal.healthycontributions.com
64 22

This site contains links to these domains. Also see Links.

Domain
allyant.com
www.onetrust.com
Subject Issuer Validity Valid
imperva.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-13 -
2024-09-09		 6 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M03		 2024-02-07 -
2025-03-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-15 -
2024-04-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-04-04 -
2025-05-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-02-07 -
2025-03-08		 a year crt.sh
clientstream.launchdarkly.com
Amazon RSA 2048 M02		 2023-08-09 -
2024-09-05		 a year crt.sh
events.launchdarkly.com
Amazon ECDSA 256 M02		 2023-06-21 -
2024-07-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://portal.healthycontributions.com/
Frame ID: FD7745DE329AE605853861ACD8C1C55F
Requests: 62 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Healthy Contributions

Page URL History Show full URLs

  1. https://employeewellnesshealthycontributions.com/ HTTP 301
    https://www.healthycontributions.com/ HTTP 302
    https://portal.healthycontributions.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

64
Requests

97 %
HTTPS

63 %
IPv6

16
Domains

22
Subdomains

19
IPs

3
Countries

12070 kB
Transfer

15287 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://employeewellnesshealthycontributions.com/ HTTP 301
    https://www.healthycontributions.com/ HTTP 302
    https://portal.healthycontributions.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
portal.healthycontributions.com/
Redirect Chain
  • https://employeewellnesshealthycontributions.com/
  • https://www.healthycontributions.com/
  • https://portal.healthycontributions.com/
55 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.healthycontributions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cb1a0b0a9b0a586bdb9bb97b1abf8b3693befbbf7f045942cc871e4233167641

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 06 Apr 2024 21:37:11 GMT
ETag
"08bccef1382da1:0:dtagent10287240325103108BBjv"
Last-Modified
Fri, 29 Mar 2024 20:01:49 GMT
Server
Microsoft-IIS/10.0
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1911431131"
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-CDN
Imperva
X-Iinfo
5-41039620-41039622 NNNN CT(154 319 0) RT(1712439430994 23) q(0 0 4 0) r(6 6) U12
X-OneAgent-JS-Injection
true
X-Powered-By
ASP.NET
X-ruxit-JS-Agent
true

Redirect headers

Cache-Control
private
Content-Length
561
Content-Security-Policy
frame-ancestors 'self' https://www.anytimefitness.com/; script-src 'self' ajax.googleapis.com/ajax/libs/jquery/ https://maps.googleapis.com/ https://developers.google.com/maps/documentation/javascript/examples/markerclusterer/ https://www.googletagmanager.com/ https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.googletagmanager.com/ https://code.jquery.com/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ https://connect.facebook.net/en_US/ https://connect.facebook.net/signals/config/ https://static.hotjar.com/ https://script.hotjar.com 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://www.facebook.com/ https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://player.vimeo.com/ https://vars.hotjar.com; font-src 'self' https://fonts.gstatic.com/ https://script.hotjar.com; style-src 'self' https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ https://static.hotjar.com/ https://script.hotjar.com 'unsafe-inline'; img-src 'self' https://anytimefitness.blob.core.windows.net data: https://i.vimeocdn.com/video/ https://www.googletagmanager.com/ https://www.google.com/ads/ https://maps.gstatic.com/mapfiles/ https://maps.googleapis.com/maps/ https://www.facebook.com/tr/ https://static.hotjar.com/ https://script.hotjar.com *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.facebook.com; connect-src 'self' https://portal-api.healthycontributions.com https://maps.googleapis.com/ *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com https://vimeo.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com
Content-Type
text/html; charset=utf-8
Date
Sat, 06 Apr 2024 21:37:10 GMT
Location
https://portal.healthycontributions.com
Server
Microsoft-IIS/10.0
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1295631129"
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-CDN
Imperva
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Iinfo
8-34241941-34241946 NNNN CT(154 317 0) RT(1712439429909 35) q(0 0 5 0) r(6 9) U11
X-OneAgent-JS-Injection
true
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
X-ruxit-JS-Agent
true
ruxitagentjs_ICA7NVfqrux_10287240325103108.js
portal.healthycontributions.com/ 		213 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.healthycontributions.com/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5588624aacaba6fc6a19a621e41cd8c19cc2b2035e29791b2a921183c7700de3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 21:37:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2010 07:01:40 GMT
X-CDN
Imperva
Etag
"fbc5b86e"
Content-Type
text/javascript; charset=utf-8
X-Iinfo
5-41039694-0 0CNN RT(1712439431701 20) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=31340012, public
Content-Length
82544
Expires
Fri, 04 Apr 2025 15:10:43 GMT
gtm.js
www.googletagmanager.com/ 		293 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TTVZTF5&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
991b27d9f23a335120048e964a908891b37434d98ee22a0fc18217e1ce444c32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 21:37:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101516
x-xss-protection
0
last-modified
Sat, 06 Apr 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Apr 2024 21:37:12 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Apr 2024 21:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Pg1MHDpg+UGdovxhidM4Kg==
age
21836
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6839
x-ms-lease-status
unlocked
last-modified
Thu, 04 Apr 2024 19:42:31 GMT
server
cloudflare
etag
0x8DC54DF5E2A9977
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
90ba55a2-901e-0084-8073-874b82000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8704eaf20f265d61-FRA
Group-Yoga.b1feb35e.png
portal.healthycontributions.com/static/media/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.healthycontributions.com/static/media/Group-Yoga.b1feb35e.png
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2444271ed29b6e01081943b6cae328d1ba63c671790e11355fa9ff004502ea92

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 21:37:11 GMT
Last-Modified
Fri, 29 Mar 2024 20:01:54 GMT
X-CDN
Imperva
Etag
"0e52ef21382da1:0"
Content-Type
image/png
X-Iinfo
10-48740698-48739334 2CNN RT(1712439431718 22) q(0 0 0 -1) r(0 0) U18
Cache-Control
max-age=7084, public
Content-Length
1987224
Expires
Sat, 06 Apr 2024 23:35:15 GMT
8f8e880c-c08d-400d-bb39-9cc811b634b4.json
cdn.cookielaw.org/consent/8f8e880c-c08d-400d-bb39-9cc811b634b4/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/8f8e880c-c08d-400d-bb39-9cc811b634b4/8f8e880c-c08d-400d-bb39-9cc811b634b4.json
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
112a7a501e8cece0e9425e71c0573dd58c210751bb216d42a4b70bd51dafbbaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Apr 2024 21:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
32281
content-md5
SyM8ajZWg5Px4zm0Rb1uLA==
content-length
1664
x-ms-lease-status
unlocked
last-modified
Wed, 27 Mar 2024 15:54:35 GMT
server
cloudflare
etag
0x8DC4E76336294E4
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
dd8b6547-901e-0012-715f-804253000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8704eaf2daff975e-FRA
expires
Sun, 07 Apr 2024 21:37:12 GMT
css
fonts.googleapis.com/ 		4 KB
945 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700|Poppins:200,400,700,900
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ef9406f54f952d08bb7783886e1e44b18407372ade863da88176b51d0b8109ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
Origin
https://portal.healthycontributions.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Apr 2024 21:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Apr 2024 21:37:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Apr 2024 21:37:12 GMT
1.3e2c8337.chunk.css
portal.healthycontributions.com/static/css/ 		34 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.healthycontributions.com/static/css/1.3e2c8337.chunk.css
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b1aee791e3997e64e46e59eb2007b1901652a33314365ee06977d7c3ec5d4980

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 21:37:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Mar 2024 20:01:50 GMT
X-CDN
Imperva
Etag
"08bccef1382da1:0"
Content-Type
text/css
X-Iinfo
5-41039694-41038762 2CNN RT(1712439431701 117) q(0 0 0 -1) r(0 0)
Cache-Control
max-age=7084, public
Content-Length
11431
Expires
Sat, 06 Apr 2024 23:35:15 GMT
main.d535e96d.chunk.css
portal.healthycontributions.com/static/css/ 		153 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.healthycontributions.com/static/css/main.d535e96d.chunk.css
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ca4e273a807a576ff49fdef348d57bbc75c75662727468cf3018d60dbb12c2c9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 21:37:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Mar 2024 20:01:52 GMT
X-CDN
Imperva
Etag
"0b8fdf01382da1:0"
Content-Type
text/css
X-Iinfo
5-41039620-41036795 2CNN RT(1712439430994 849) q(0 0 0 -1) r(0 0)
Cache-Control
max-age=7084, public
Content-Length
33124
Expires
Sat, 06 Apr 2024 23:35:15 GMT
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6e8f19d14c29866171972170f2786d3ea0feee2b3db438d8864d9e988bceb8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
ash.60b95b5d.svg
portal.healthycontributions.com/static/media/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.healthycontributions.com/static/media/ash.60b95b5d.svg
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
33a8a467379b22eca7eae0b5f8a603b754e88adbfdc8dee6f933dd25f2b82a40

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 21:37:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Mar 2024 20:01:52 GMT
X-CDN
Imperva
Etag
"0b8fdf01382da1:0"
Content-Type
image/svg+xml
X-Iinfo
5-41039694-41035539 2CNN RT(1712439431701 145) q(0 0 0 -1) r(0 0)
Cache-Control
max-age=7084, public
Content-Length
3161
Expires
Sat, 06 Apr 2024 23:35:15 GMT
optum.a24b3df2.svg
portal.healthycontributions.com/static/media/ 		51 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.healthycontributions.com/static/media/optum.a24b3df2.svg
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8a7ddcfa82d9cec1a90241cbd382e2a5dbe82c776c46375d930733c8c0a4d13d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 21:37:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Mar 2024 20:01:54 GMT
X-CDN
Imperva
Etag
"0e52ef21382da1:0"
Content-Type
image/svg+xml
X-Iinfo
4-38136132-38132854 2CNN RT(1712439431841 21) q(0 0 0 -1) r(0 0)
Cache-Control
max-age=7084, public
Content-Length
35306
Expires
Sat, 06 Apr 2024 23:35:15 GMT
js
www.googletagmanager.com/gtag/ 		294 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5L520R6YSE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTVZTF5&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b30a77fd60bfc7ae41f89c74e21a138df0c1c82ee090208256ac79bd8a00a9b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 21:37:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100174
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Apr 2024 21:37:12 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTVZTF5&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 Apr 2024 19:38:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
7110
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 06 Apr 2024 21:38:42 GMT
hotjar-3114807.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3114807.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTVZTF5&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-106.fra56.r.cloudfront.net
Software
/
Resource Hash
8707d4ebe835a5fabf01797531d1ea8acadc8a8a933e3ce5da64e3e3da65251a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 21:37:12 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/66a3d5c5dc0347125d25143665a603cc
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
9PUZ6IxU_bdS6UwN4085DMx_oZPCuYglBxNg6-SWTKw4hUn74mB1qw==
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ebcc80bf5e0568d173b31bee579c02a725832f916de3656f7a36f94df865d168
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Apr 2024 21:37:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57928
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=12, mss=1326, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
5jeyt+5N2g/p5Iu6dHRQdsDvbieV2f9fh2LF9MP3H/rsdGUv9wRxf4pa0sUU6yJbdWoHWig/sqQzMENtQ7V9Ag==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f68186039e757e2691b7401340d593d716c6683bc511da7569f20e54407c78f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
Grandma-Tutu-Blue.84b3d00f.png
portal.healthycontributions.com/static/media/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.healthycontributions.com/static/media/Grandma-Tutu-Blue.84b3d00f.png
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0b6ee7b1bbdcbecaa89994e40fac82d8a913e2661ba815ec493f983e44bc210a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 21:37:12 GMT
Last-Modified
Fri, 29 Mar 2024 20:01:54 GMT
X-CDN
Imperva
Etag
"0e52ef21382da1:0"
Content-Type
image/png
X-Iinfo
5-41039620-41038762 2CNN RT(1712439430994 902) q(0 0 0 -1) r(1 1) U18
Cache-Control
max-age=7084, public
Content-Length
3251679
Expires
Sat, 06 Apr 2024 23:35:16 GMT
logo_white.55271a48.svg
portal.healthycontributions.com/static/media/ 		28 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.healthycontributions.com/static/media/logo_white.55271a48.svg
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
060f35832420845017c9fccffe3cc9ff6a840b8da2dcd280fd6b7439e3b2f254

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 21:37:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Mar 2024 20:01:54 GMT
X-CDN
Imperva
Etag
"0e52ef21382da1:0"
Content-Type
image/svg+xml
X-Iinfo
5-41039694-41036795 2CNN RT(1712439431701 198) q(0 1 1 -1) r(1 1)
Cache-Control
max-age=7084, public
Content-Length
21120
Expires
Sat, 06 Apr 2024 23:35:15 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e8a61b824f4762c554d2704d75613fdc4efcae975b718602bfd3923d0407955

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
1.1d3d7647.chunk.js
portal.healthycontributions.com/static/js/ 		1 MB
561 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.healthycontributions.com/static/js/1.1d3d7647.chunk.js
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f005fc522843dd2d99c9031a8152bc9675fa79e2b6f81be6283964711573d653

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 21:37:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Mar 2024 20:01:52 GMT
X-CDN
Imperva
Etag
"0b8fdf01382da1:0"
Content-Type
application/x-javascript
X-Iinfo
5-41039728-41035539 2CNN RT(1712439431861 40) q(0 0 0 -1) r(0 0)
Cache-Control
max-age=7084, public
Content-Length
574443
Expires
Sat, 06 Apr 2024 23:35:15 GMT
main.27cb4584.chunk.js
portal.healthycontributions.com/static/js/ 		746 KB
242 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.healthycontributions.com/static/js/main.27cb4584.chunk.js
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
23deefe4154cd3c2643fdcd8e0543ead35cc77e9fc22459beb4ba9b3573bc82b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 21:37:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Mar 2024 20:01:52 GMT
X-CDN
Imperva
Etag
"0b8fdf01382da1:0"
Content-Type
application/x-javascript
X-Iinfo
4-38136135-38136010 2CNN RT(1712439431862 36) q(0 1 1 -1) r(1 1)
Cache-Control
max-age=7083, public
Content-Length
247397
Expires
Sat, 06 Apr 2024 23:35:14 GMT
_Incapsula_Resource
portal.healthycontributions.com/ 		145 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.healthycontributions.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=756376760
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2ab2773e907584735488ff0c0f96016d4c2eeeb83e182b4510e038eb7d0dfa41

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
X-Robots-Tag
noindex
Content-Length
20879
Content-Type
application/javascript
material-icons-outlined.0ba49c09.woff2
portal.healthycontributions.com/static/media/ 		152 KB
152 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portal.healthycontributions.com/static/media/material-icons-outlined.0ba49c09.woff2
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/static/css/1.3e2c8337.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/static/css/1.3e2c8337.chunk.css
Origin
https://portal.healthycontributions.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 21:37:12 GMT
Last-Modified
Fri, 29 Mar 2024 20:01:53 GMT
Server
Microsoft-IIS/10.0
X-CDN
Imperva
ETag
"0e52ef21382da1:0:dtagent10287240325103108BBjv"
X-Powered-By
ASP.NET
Content-Type
application/x-woff2
X-Iinfo
4-38136132-38136144 NNNN CT(156 325 0) RT(1712439431841 82) q(0 0 5 -1) r(6 6) U12
x-incap-sess-cookie-hdr
PzSRGRx5USDIVpN+hOGMBojAEWYAAAAAL1uT6ceBPXAO1jiHn9OnYQ==
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1375984475", dtTao;desc="1"
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
155276
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Poppins:200,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://portal.healthycontributions.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 10:56:42 GMT
x-content-type-options
nosniff
age
38430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 10:56:42 GMT
pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		7 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Poppins:200,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://portal.healthycontributions.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 06:00:40 GMT
x-content-type-options
nosniff
age
56192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7632
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 06:00:40 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Poppins:200,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://portal.healthycontributions.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 07:42:03 GMT
x-content-type-options
nosniff
age
50109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 07:42:03 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Poppins:200,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://portal.healthycontributions.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 06:51:21 GMT
x-content-type-options
nosniff
age
485151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Apr 2025 06:51:21 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Poppins:200,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://portal.healthycontributions.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 07:36:31 GMT
x-content-type-options
nosniff
age
50441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 07:36:31 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept
application/json
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 21:37:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8704eaf3adc79f36-FRA
access-control-allow-headers
Content-Type
collect
region1.analytics.google.com/g/ 		0
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-5L520R6YSE&gtm=45je4430v867621763z8832217979za200&_p=1712439432073&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1494262109.1712439432&ul=en-us&sr=800x600&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&dp=%2F&sid=1712439432&sct=1&seg=0&dl=https%3A%2F%2Fportal.healthycontributions.com%2F&dt=Healthy%20Contributions&en=page_view&_fv=1&_nsi=1&_ss=1&ep.client_container_info=GTM-TTVZTF5%20v20&tfd=2277
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5L520R6YSE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 21:37:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portal.healthycontributions.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5L520R6YSE&cid=1494262109.1712439432&gtm=45je4430v867621763z8832217979za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5L520R6YSE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 21:37:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portal.healthycontributions.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		0
0
collect
www.google-analytics.com/j/ 		4 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=779026686&t=pageview&_s=1&dl=https%3A%2F%2Fportal.healthycontributions.com%2F&ul=en-us&de=UTF-8&dt=Healthy%20Contributions&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YADAAEABAAAAACAAI~&jid=530920319&gjid=1437132744&cid=1494262109.1712439432&tid=UA-2458066-25&_gid=34988607.1712439432&_r=1&_slc=1&gtm=45He4430n81TTVZTF5v832217979za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1178391394
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 21:37:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portal.healthycontributions.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202403.1.0/ 		442 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Apr 2024 21:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
s7qm2vbmUNglr6Jt5k9KHA==
age
13004
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
109676
x-ms-lease-status
unlocked
last-modified
Thu, 21 Mar 2024 07:04:35 GMT
server
cloudflare
etag
0x8DC49752A75EB01
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f463857b-001e-005d-3a08-7c3307000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8704eaf429dd5d61-FRA
287198274815014
connect.facebook.net/signals/config/ 		65 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/287198274815014?v=2.9.152&r=stable&domain=portal.healthycontributions.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d39761d64c1b2c1a9409943045d00ab07f0f02e6f8a4f85f1b873e144cdf4b5c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Apr 2024 21:37:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=63, mss=1326, tbw=63227, tp=-1, tpl=-1, uplat=56, ullat=0
pragma
public
x-fb-debug
rIW5UKT+++WrXL4PMrK+6VAI7BqKFDEgsnab2368s0qEwRKTyIhjaw5Xxh3ls+8EQCwUS2bP+eSSbdQ6cCCbqQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
65cf65ad02116c0fc1a0d091
app.launchdarkly.com/sdk/goals/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/65cf65ad02116c0fc1a0d091
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://portal.healthycontributions.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Sat, 06 Apr 2024 21:37:12 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220119-FRA
x-timer
S1712439433.548575,VS0,VE96
eyJraW5kIjoiaGMtYWRtaW4iLCJrZXkiOiJoYy1hZG1pbiJ9
app.launchdarkly.com/sdk/evalx/65cf65ad02116c0fc1a0d091/contexts/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/65cf65ad02116c0fc1a0d091/contexts/eyJraW5kIjoiaGMtYWRtaW4iLCJrZXkiOiJoYy1hZG1pbiJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://portal.healthycontributions.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Sat, 06 Apr 2024 21:37:12 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220119-FRA
x-timer
S1712439433.548587,VS0,VE99
65cf65ad02116c0fc1a0d091
app.launchdarkly.com/sdk/goals/ 		2 B
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/65cf65ad02116c0fc1a0d091
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://portal.healthycontributions.com/
X-LaunchDarkly-Wrapper
react-client-sdk/3.0.10
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish
date
Sat, 06 Apr 2024 21:37:12 GMT
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
content-length
26
x-served-by
cache-fra-etou8220119-FRA
x-timer
S1712439433.666079,VS0,VE97
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
1
eyJraW5kIjoiaGMtYWRtaW4iLCJrZXkiOiJoYy1hZG1pbiJ9
app.launchdarkly.com/sdk/evalx/65cf65ad02116c0fc1a0d091/contexts/ 		197 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/65cf65ad02116c0fc1a0d091/contexts/eyJraW5kIjoiaGMtYWRtaW4iLCJrZXkiOiJoYy1hZG1pbiJ9
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4bb35026779b0fbb9d8add168bde43b7bec51808c0f7064ffcf607c235fb481c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://portal.healthycontributions.com/
X-LaunchDarkly-Wrapper
react-client-sdk/3.0.10
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 21:37:13 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
HIT
content-length
119
x-served-by
cache-fra-eddf8230112-FRA, cache-fra-etou8220119-FRA
x-timer
S1712439433.669740,VS0,VE525
etag
"0dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
1
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2458066-25&cid=1494262109.1712439432&jid=530920319&gjid=1437132744&_gid=34988607.1712439432&npa=1&_u=YADAAEAAAAAAACAAI~&z=2143690603
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 06 Apr 2024 21:37:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portal.healthycontributions.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.429236d560f51d186b8b.js
script.hotjar.com/ 		221 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.429236d560f51d186b8b.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3114807.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
/
Resource Hash
fa8cabe3021c19ba54e07d28a7722cd4bfdef39dea07207518113f7e161166bb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
127146
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55714
last-modified
Fri, 05 Apr 2024 10:17:11 GMT
etag
"f153d7cc62fba42a4a256996815cbb73"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
VsMNYAJ4MiXQZkYRlSTPlpRN8vaup78xcZgLmm1ootFJeMVY3oEfnw==
me
portal-api.healthycontributions.com/user/ 		95 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal-api.healthycontributions.com/user/me
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
85cf5d52dadb01d7f07fb67b3f399066b6bc444e6e8c1df3622c631ebc87e259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Pragma
no-cache
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://portal.healthycontributions.com/
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 21:37:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains;
X-CDN
Imperva
X-Powered-By
ASP.NET
X-Iinfo
4-38136259-38136262 NNNN CT(162 323 0) RT(1712439433125 25) q(0 0 5 0) r(7 8) U12
Server-Timing
dtSInfo;desc="0", dtRpid;desc="1844192797", dtTao;desc="1"
Content-Length
182
X-XSS-Protection
1; mode=block
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://portal.healthycontributions.com
Access-Control-Expose-Headers
Content-Disposition
Access-Control-Allow-Credentials
true
x-incap-sess-cookie-hdr
I138dZ2gkTt5WJN+hOGMBonAEWYAAAAA3E6wXjJmPkN7rA4vcqXl3A==
Timing-Allow-Origin
*
me
portal-api.healthycontributions.com/user/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://portal-api.healthycontributions.com/user/me
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
pragma
Access-Control-Request-Method
GET
Origin
https://portal.healthycontributions.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
pragma
Access-Control-Allow-Origin
https://portal.healthycontributions.com
Access-Control-Expose-Headers
Content-Disposition
Content-Length
0
Date
Sat, 06 Apr 2024 21:37:13 GMT
Server-Timing
dtSInfo;desc="0", dtRpid;desc="78773188", dtTao;desc="1"
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Timing-Allow-Origin
*
X-CDN
Imperva
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Iinfo
3-34039016-34039020 NNNN CT(154 328 0) RT(1712439432328 28) q(0 0 5 3) r(6 7) U6
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
x-incap-sess-cookie-hdr
7NNmGVXizgl5WJN+hOGMBonAEWYAAAAAOJNTtBIfNOdUoiMJrTZr7w==
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2458066-25&cid=1494262109.1712439432&jid=530920319&npa=1&_u=YADAAEAAAAAAACAAI~&z=1367535351
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 21:37:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		0
0
en.json
cdn.cookielaw.org/consent/8f8e880c-c08d-400d-bb39-9cc811b634b4/018e8099-0193-7f46-b9a6-6ea31b0cd417/ 		46 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/8f8e880c-c08d-400d-bb39-9cc811b634b4/018e8099-0193-7f46-b9a6-6ea31b0cd417/en.json
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33f4881685d92fe29a8fce1ec15d3293f3e1ce1bcd34c28cc355feed0a4f059f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Apr 2024 21:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
32280
content-md5
pl4gCexVENAIhueIdk1+xg==
content-length
13534
x-ms-lease-status
unlocked
last-modified
Wed, 27 Mar 2024 15:54:45 GMT
server
cloudflare
etag
0x8DC4E763915B4CD
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
901e0e57-501e-006f-745f-803370000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8704eaf61ee4975e-FRA
expires
Sun, 07 Apr 2024 21:37:12 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=287198274815014&ev=PageView&dl=https%3A%2F%2Fportal.healthycontributions.com%2F&rl=&if=false&ts=1712439432660&sw=800&sh=600&v=2.9.152&r=stable&ec=0&o=4126&fbp=fb.1.1712439432657.119641921&cs_est=true&ler=empty&cdl=API_unavailable&it=1712439432356&coo=false&rqm=GET
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1326, tbw=2767, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Apr 2024 21:37:12 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
3114807
vc.hotjar.io/sessions/ 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/3114807?s=0.25&r=0.18939715138716373
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-70.zrh55.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 06 Apr 2024 21:37:12 GMT
cache-control
no-store
via
1.1 e042bf1e56617a2fbe098f111a30b514.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
x-amz-cf-id
u6-mTx09gdKLWRoDAGdlLXle6oynoFmwxvV8BMe3whtH72I0X2pnWA==
x-cache
Miss from cloudfront
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/v2/otPcCenter.json
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f40f57620246d052ea666f8f9d25dc6fcd93a7bbd6314077a2eb7213e98a4b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Apr 2024 21:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ZcF16z2xXnh51d4MuKhe/w==
age
32280
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12808
x-ms-lease-status
unlocked
last-modified
Thu, 21 Mar 2024 07:04:30 GMT
server
cloudflare
etag
0x8DC497527F063BE
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
55f51004-701e-0068-6f5f-805f13000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8704eaf6af84975e-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 		24 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCommonStyles.css
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Apr 2024 21:37:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
4ErYmXXFNbMLrnc9DrDTsg==
age
40339
x-ms-lease-status
unlocked
last-modified
Thu, 21 Mar 2024 07:04:40 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
6de308bb-d01e-0085-0a5f-80145e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8704eaf6af87975e-FRA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
489 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Apr 2024 21:37:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
40339
x-ms-lease-status
unlocked
last-modified
Thu, 04 Apr 2024 19:42:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f50d32e6-d01e-0095-0e64-87d136000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8704eaf70814975e-FRA
hc_logo.png
cdn.cookielaw.org/logos/2c8f1e47-9f01-4278-a1e1-5bedeb3cf227/b0eb7b51-22ff-4113-ba10-2581736ce1e0/7079ab96-50b2-4e40-a199-b6b06d375efe/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/2c8f1e47-9f01-4278-a1e1-5bedeb3cf227/b0eb7b51-22ff-4113-ba10-2581736ce1e0/7079ab96-50b2-4e40-a199-b6b06d375efe/hc_logo.png
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf6125e42e3a41c9379e92c5e021e00d385a5f9ebae9eb47fd23a35b2732eb0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Apr 2024 21:37:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
VPAk656Hoj12Binr8mOc9Q==
age
40339
content-length
11823
x-ms-lease-status
unlocked
last-modified
Mon, 21 Aug 2023 21:05:49 GMT
server
cloudflare
etag
0x8DBA28A6549B665
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
38616cb3-d01e-0095-0258-79d136000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8704eaf71c565d61-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Apr 2024 21:37:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
76796
x-ms-lease-status
unlocked
last-modified
Thu, 04 Apr 2024 19:42:38 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
29b883fd-b01e-0015-0b8c-872e30000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8704eaf71c595d61-FRA
eyJraW5kIjoiaGMtYWRtaW4iLCJrZXkiOiJoYy1hZG1pbiJ9
clientstream.launchdarkly.com/eval/65cf65ad02116c0fc1a0d091/ 		218 B
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://clientstream.launchdarkly.com/eval/65cf65ad02116c0fc1a0d091/eyJraW5kIjoiaGMtYWRtaW4iLCJrZXkiOiJoYy1hZG1pbiJ9
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.31.44 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1370dc23e25e46ce.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
text/event-stream
Cache-Control
no-cache
Referer
https://portal.healthycontributions.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 21:37:13 GMT
strict-transport-security
max-age=31536000
ld-region
eu-west-1
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
text/event-stream; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-content-length
504
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
65cf65ad02116c0fc1a0d091
events.launchdarkly.com/events/diagnostic/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/65cf65ad02116c0fc1a0d091
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.226.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-129-80.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
POST
Origin
https://portal.healthycontributions.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Sat, 06 Apr 2024 21:37:13 GMT
strict-transport-security
max-age=31536000
65cf65ad02116c0fc1a0d091
events.launchdarkly.com/events/diagnostic/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/65cf65ad02116c0fc1a0d091
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.226.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-129-80.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://portal.healthycontributions.com/
X-LaunchDarkly-Wrapper
react-client-sdk/3.0.10
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 21:37:13 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
favicon.ico
portal.healthycontributions.com/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://portal.healthycontributions.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c3a4ed6efbbe96dc27d59e3cd10f14e6289201b6db42d453e74084aeebc997f3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 21:37:13 GMT
Last-Modified
Fri, 29 Mar 2024 20:01:50 GMT
Server
Microsoft-IIS/10.0
X-CDN
Imperva
ETag
"08bccef1382da1:0"
X-Powered-By
ASP.NET
Content-Type
image/x-icon
X-Iinfo
4-38136132-38136144 SNNN RT(1712439431841 1393) q(0 0 0 -1) r(1 1) U18
Server-Timing
dtSInfo;desc="0", dtRpid;desc="395424748"
Accept-Ranges
bytes
Content-Length
4286
/
www.facebook.com/tr/ 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=287198274815014&ev=PageView&dl=https%3A%2F%2Fportal.healthycontributions.com%2Fguest%2Fhome&rl=&if=false&ts=1712439434214&sw=800&sh=600&v=2.9.152&r=stable&ec=1&o=4126&fbp=fb.1.1712439432657.119641921&cs_est=true&ler=empty&cdl=API_unavailable&it=1712439432356&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1326, tbw=3120, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Apr 2024 21:37:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
Group-Yoga.b1feb35e.png
portal.healthycontributions.com/static/media/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.healthycontributions.com/static/media/Group-Yoga.b1feb35e.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2444271ed29b6e01081943b6cae328d1ba63c671790e11355fa9ff004502ea92

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/guest/home
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 21:37:13 GMT
Last-Modified
Fri, 29 Mar 2024 20:01:54 GMT
X-CDN
Imperva
Etag
"0e52ef21382da1:0"
Content-Type
image/png
X-Iinfo
4-38136132-0 0CNN RT(1712439431841 2134) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=7082, public
Content-Length
1987224
Expires
Sat, 06 Apr 2024 23:35:15 GMT
ash.60b95b5d.svg
portal.healthycontributions.com/static/media/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.healthycontributions.com/static/media/ash.60b95b5d.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
33a8a467379b22eca7eae0b5f8a603b754e88adbfdc8dee6f933dd25f2b82a40

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/guest/home
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 21:37:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Mar 2024 20:01:52 GMT
X-CDN
Imperva
Etag
"0b8fdf01382da1:0"
Content-Type
image/svg+xml
X-Iinfo
5-41039620-0 0CNN RT(1712439430994 2980) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=7082, public
Content-Length
3161
Expires
Sat, 06 Apr 2024 23:35:15 GMT
optum.a24b3df2.svg
portal.healthycontributions.com/static/media/ 		51 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.healthycontributions.com/static/media/optum.a24b3df2.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8a7ddcfa82d9cec1a90241cbd382e2a5dbe82c776c46375d930733c8c0a4d13d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/guest/home
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 21:37:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Mar 2024 20:01:54 GMT
X-CDN
Imperva
Etag
"0e52ef21382da1:0"
Content-Type
image/svg+xml
X-Iinfo
5-41039728-0 0CNN RT(1712439431861 2117) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=7082, public
Content-Length
35306
Expires
Sat, 06 Apr 2024 23:35:15 GMT
Grandma-Tutu-Blue.84b3d00f.png
portal.healthycontributions.com/static/media/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.healthycontributions.com/static/media/Grandma-Tutu-Blue.84b3d00f.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0b6ee7b1bbdcbecaa89994e40fac82d8a913e2661ba815ec493f983e44bc210a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/guest/home
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 21:37:13 GMT
Last-Modified
Fri, 29 Mar 2024 20:01:54 GMT
X-CDN
Imperva
Etag
"0e52ef21382da1:0"
Content-Type
image/png
X-Iinfo
4-38136135-0 0CNN RT(1712439431862 2117) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=7083, public
Content-Length
3251679
Expires
Sat, 06 Apr 2024 23:35:16 GMT
logo_white.55271a48.svg
portal.healthycontributions.com/static/media/ 		28 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.healthycontributions.com/static/media/logo_white.55271a48.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
060f35832420845017c9fccffe3cc9ff6a840b8da2dcd280fd6b7439e3b2f254

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/guest/home
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 21:37:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Mar 2024 20:01:54 GMT
X-CDN
Imperva
Etag
"0e52ef21382da1:0"
Content-Type
image/svg+xml
X-Iinfo
5-41039694-0 0CNN RT(1712439431701 2281) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=7082, public
Content-Length
21120
Expires
Sat, 06 Apr 2024 23:35:15 GMT
favicon.ico
portal.healthycontributions.com/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://portal.healthycontributions.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:b4::3e , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c3a4ed6efbbe96dc27d59e3cd10f14e6289201b6db42d453e74084aeebc997f3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://portal.healthycontributions.com/guest/home
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 21:37:13 GMT
Last-Modified
Fri, 29 Mar 2024 20:01:50 GMT
X-CDN
Imperva
Etag
"08bccef1382da1:0"
Content-Type
image/x-icon
X-Iinfo
10-48740698-0 0CNN RT(1712439431718 2261) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=28800, public
Content-Length
4286
Expires
Sun, 07 Apr 2024 05:37:13 GMT
65cf65ad02116c0fc1a0d091
events.launchdarkly.com/events/bulk/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/65cf65ad02116c0fc1a0d091
Requested by
Host: portal.healthycontributions.com
URL: https://portal.healthycontributions.com/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.226.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-129-80.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-LaunchDarkly-Payload-ID
d6059510-f45d-11ee-a10b-edac38a01612
X-LaunchDarkly-Event-Schema
4
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://portal.healthycontributions.com/
X-LaunchDarkly-Wrapper
react-client-sdk/3.0.10
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 21:37:15 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
65cf65ad02116c0fc1a0d091
events.launchdarkly.com/events/bulk/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/65cf65ad02116c0fc1a0d091
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.226.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-129-80.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
POST
Origin
https://portal.healthycontributions.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Sat, 06 Apr 2024 21:37:15 GMT
strict-transport-security
max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5L520R6YSE&cid=1494262109.1712439432&gtm=45je4430v867621763z8832217979za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1598380521
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2458066-25&cid=1494262109.1712439432&jid=530920319&npa=1&_u=YADAAEAAAAAAACAAI~&z=1367535351

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dT_ object| dtrum object| dynatrace object| dataLayer object| OneTrustStub function| OptanonWrapper function| getCookie function| reloadOTBanner object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| fbq function| _fbq object| webpackJsonp function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill number| 2f1acc6c3a606b082e5eef5e54414ffb object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled object| Optanon object| OneTrust

20 Cookies

Domain/Path Name / Value
employeewellnesshealthycontributions.com/ Name: crumb
Value: BRw7rfU/XqjtNTAxNmZiMWFlNjEwOTM5ZGFiYzljMjY2YjNiYWUy
.healthycontributions.com/ Name: visid_incap_962235
Value: kpVr540KQrmz04NxjA4gOIXAEWYAAAAAQUIPAAAAAAC3A5c9QVPU/b6eCar3FDMA
.healthycontributions.com/ Name: nlbi_962235
Value: i2drJE4b0US9inueAocobwAAAAC2iqOlU1HWedykFOY07jhT
.healthycontributions.com/ Name: incap_ses_472_962235
Value: YGcPeP5LLxWgVZN+hOGMBobAEWYAAAAAd0gjoMb4Qo4NAK4hyPrCIg==
.healthycontributions.com/ Name: dtCookie
Value: v_4_srv_4_sn_D8C285903B131F5D48E05B6E2704586D_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0_app-3A421cf23b527f10cd_0_rcs-3Acss_0
.healthycontributions.com/ Name: visid_incap_2923225
Value: 5r4+wMcRSniJpy8okTtkVIfAEWYAAAAAQUIPAAAAAAA6aeidQJQ39HLNUGSBlpCm
.healthycontributions.com/ Name: nlbi_2923225
Value: OJ4AJzQI/g2M8s852GS6JwAAAABd4oVHV5TEx+Sk1YI5f2Bm
.healthycontributions.com/ Name: incap_ses_472_2923225
Value: GhRab44v6yrIVpN+hOGMBofAEWYAAAAAOlFp0CF4IYgmNUUE7gOQuA==
.healthycontributions.com/ Name: _ga
Value: GA1.2.1494262109.1712439432
.healthycontributions.com/ Name: _gid
Value: GA1.2.34988607.1712439432
.healthycontributions.com/ Name: _gat_UA-2458066-25
Value: 1
.healthycontributions.com/ Name: _fbp
Value: fb.1.1712439432657.119641921
.healthycontributions.com/ Name: _hjSessionUser_3114807
Value: eyJpZCI6IjFlOGJhZDUwLTM2MzEtNTA5Mi05YTMyLWY3MzY2NjQxZTYyNiIsImNyZWF0ZWQiOjE3MTI0Mzk0MzI3MjAsImV4aXN0aW5nIjpmYWxzZX0=
.healthycontributions.com/ Name: _hjSession_3114807
Value: eyJpZCI6IjNjNzRlZGVlLTk4ZWYtNDdkOS05NWIzLWUyY2IwN2U2MWE4ZiIsImMiOjE3MTI0Mzk0MzI3MjEsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.healthycontributions.com/ Name: _gcl_au
Value: 1.1.1067361775.1712439433
.healthycontributions.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Sat+Apr+06+2024+23%3A37%3A12+GMT%2B0200+(Central+European+Summer+Time)&version=202403.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=e006e88a-593a-4537-9b10-45a977ae4bd4&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fportal.healthycontributions.com%2F&groups=BG257%3A1%2CC0001%3A1%2CC0003%3A1%2CBG258%3A1%2CC0002%3A1%2CC0004%3A1
.healthycontributions.com/ Name: visid_incap_2923231
Value: VIdmQHZsRna2Wb3pRULevojAEWYAAAAAQUIPAAAAAACFblVXt5+xqXixLjr74eTO
.healthycontributions.com/ Name: nlbi_2923231
Value: gKP2ENQNKRY9vXWqpshmCAAAAABfsI5z6cJO1TQXM472zfRG
.healthycontributions.com/ Name: incap_ses_472_2923231
Value: y78GCmOqrnJ5WJN+hOGMBonAEWYAAAAAoGQh0bWtoNd6W+MbUE0lXA==
.healthycontributions.com/ Name: _ga_5L520R6YSE
Value: GS1.1.1712439432.1.1.1712439435.57.0.0

3 Console Messages

Source Level URL
Text
security error URL: https://portal.healthycontributions.com/
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5L520R6YSE&cid=1494262109.1712439432&gtm=45je4430v867621763z8832217979za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1598380521' because it violates the following Content Security Policy directive: "img-src 'self' data: https://maps.gstatic.com/mapfiles/ https://maps.googleapis.com/maps/ *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.facebook.com https://static.hotjar.com/ https://script.hotjar.com https://cdn.cookielaw.org".
security error URL: https://portal.healthycontributions.com/(Line 5)
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2458066-25&cid=1494262109.1712439432&jid=530920319&npa=1&_u=YADAAEAAAAAAACAAI~&z=1367535351' because it violates the following Content Security Policy directive: "img-src 'self' data: https://maps.gstatic.com/mapfiles/ https://maps.googleapis.com/maps/ *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com *.facebook.com https://static.hotjar.com/ https://script.hotjar.com https://cdn.cookielaw.org".
other warning URL: https://connect.facebook.net/signals/config/287198274815014?v=2.9.152&r=stable&domain=portal.healthycontributions.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
cdn.cookielaw.org
clientstream.launchdarkly.com
connect.facebook.net
employeewellnesshealthycontributions.com
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
portal-api.healthycontributions.com
portal.healthycontributions.com
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.healthycontributions.com
www.google.de
13.32.27.54
151.101.2.217
18.165.183.70
18.66.102.106
198.49.23.144
2001:4860:4802:34::178
2001:4860:4802:34::36
2606:4700:4400::6812:2089
2606:4700::6813:b134
2a00:1450:4001:80b::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c04::9a
2a02:e980:b4::3e
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.226.129.80
76.223.31.44
060f35832420845017c9fccffe3cc9ff6a840b8da2dcd280fd6b7439e3b2f254
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
0b6ee7b1bbdcbecaa89994e40fac82d8a913e2661ba815ec493f983e44bc210a
112a7a501e8cece0e9425e71c0573dd58c210751bb216d42a4b70bd51dafbbaf
15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
23deefe4154cd3c2643fdcd8e0543ead35cc77e9fc22459beb4ba9b3573bc82b
2444271ed29b6e01081943b6cae328d1ba63c671790e11355fa9ff004502ea92
2ab2773e907584735488ff0c0f96016d4c2eeeb83e182b4510e038eb7d0dfa41
33a8a467379b22eca7eae0b5f8a603b754e88adbfdc8dee6f933dd25f2b82a40
33f4881685d92fe29a8fce1ec15d3293f3e1ce1bcd34c28cc355feed0a4f059f
35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577
4bb35026779b0fbb9d8add168bde43b7bec51808c0f7064ffcf607c235fb481c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5588624aacaba6fc6a19a621e41cd8c19cc2b2035e29791b2a921183c7700de3
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6e8a61b824f4762c554d2704d75613fdc4efcae975b718602bfd3923d0407955
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85cf5d52dadb01d7f07fb67b3f399066b6bc444e6e8c1df3622c631ebc87e259
8707d4ebe835a5fabf01797531d1ea8acadc8a8a933e3ce5da64e3e3da65251a
8a7ddcfa82d9cec1a90241cbd382e2a5dbe82c776c46375d930733c8c0a4d13d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
991b27d9f23a335120048e964a908891b37434d98ee22a0fc18217e1ce444c32
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1aee791e3997e64e46e59eb2007b1901652a33314365ee06977d7c3ec5d4980
b30a77fd60bfc7ae41f89c74e21a138df0c1c82ee090208256ac79bd8a00a9b3
c3a4ed6efbbe96dc27d59e3cd10f14e6289201b6db42d453e74084aeebc997f3
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6e8f19d14c29866171972170f2786d3ea0feee2b3db438d8864d9e988bceb8d
ca4e273a807a576ff49fdef348d57bbc75c75662727468cf3018d60dbb12c2c9
cb1a0b0a9b0a586bdb9bb97b1abf8b3693befbbf7f045942cc871e4233167641
cf6125e42e3a41c9379e92c5e021e00d385a5f9ebae9eb47fd23a35b2732eb0a
d39761d64c1b2c1a9409943045d00ab07f0f02e6f8a4f85f1b873e144cdf4b5c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebcc80bf5e0568d173b31bee579c02a725832f916de3656f7a36f94df865d168
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9406f54f952d08bb7783886e1e44b18407372ade863da88176b51d0b8109ba
f005fc522843dd2d99c9031a8152bc9675fa79e2b6f81be6283964711573d653
f40f57620246d052ea666f8f9d25dc6fcd93a7bbd6314077a2eb7213e98a4b5a
f68186039e757e2691b7401340d593d716c6683bc511da7569f20e54407c78f1
fa8cabe3021c19ba54e07d28a7722cd4bfdef39dea07207518113f7e161166bb