employereservices.optum.com Open in urlscan Pro
149.111.149.133  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

• https://cm.everesttech.net/cm/dd?d_uuid=84944588571435503850855518859287866567 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZS6PsQAAAGhIjQN8

Request Chain 48

• https://8584968.fls.doubleclick.net/activityi;src=8584968;type=eiutv0;cat=lpg_e0gm;ord=3283787681499;auiddc=178144176.1697550258;gtm=45fe3ab0;epver=2;~oref=https%3A%2F%2Femployereservices.optum.com%2Fees%2Fprelogin%2Flogin.do HTTP 302
• https://8584968.fls.doubleclick.net/activityi;dc_pre=CJLAncGb_YEDFc9WDwIdFksEXg;src=8584968;type=eiutv0;cat=lpg_e0gm;ord=3283787681499;auiddc=178144176.1697550258;gtm=45fe3ab0;epver=2;~oref=https%3A%2F%2Femployereservices.optum.com%2Fees%2Fprelogin%2Flogin.do

Request Chain 64

• https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODQ5NDQ1ODg1NzE0MzU1MDM4NTA4NTU1MTg4NTkyODc4NjY1Njc= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODQ5NDQ1ODg1NzE0MzU1MDM4NTA4NTU1MTg4NTkyODc4NjY1Njc=&google_tc= HTTP 302
• https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEV_cRcRKyeDmHYb7tG1qOM&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 65

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=employereservices.optum.com&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=employereservices.optum.com&ttd_tpi=1 HTTP 302
• https://dpm.demdex.net/ibs:dpid=903&dpuuid=96199edd-2d7d-407f-89aa-146064a4bdcf

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login.do Show response employereservices.optum.com/ees/prelogin/	7 KB 8 KB	6203ms 1311ms	Document text/html	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/ees/prelogin/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash bf2f207a0849946b7b7c4b1bcef3a8de119a13a3ecb0c359a1e3050016dfb5c8 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers Access-Control-Allow-Methods GET, POST, PUT Connection Keep-Alive Content-Language zh-SG Content-Length 7093 Content-Type text/html;charset=ISO-8859-1 Date Tue, 17 Oct 2023 13:44:06 GMT Keep-Alive timeout=10, max=1000 Server-Timing dtSInfo;desc="0", dtRpid;desc="-1275595445" Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-OneAgent-JS-Injection true X-ruxit-JS-Agent true
GET H/1.1	200 OK	ruxitagentjs_ICA2NVfhjqru_10269230920162641.js Show response employereservices.optum.com/	190 KB 75 KB	507ms 505ms	Script text/javascript	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/ruxitagentjs_ICA2NVfhjqru_10269230920162641.js Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 8144a143bc52a5531c6b05818dcdac795577a1c7d799662e1e880c8f005fd590 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:07 GMT Content-Encoding gzip Strict-Transport-Security max-age=16070400; includeSubDomains; preload Last-Modified Wed, 03 Mar 2010 07:01:40 GMT Access-Control-Allow-Methods GET, POST, PUT Content-Type text/javascript; charset=utf-8 Cache-Control public, max-age=31536000, immutable Connection Keep-Alive Keep-Alive timeout=10, max=999 Content-Length 76575 Expires Wed, 16 Oct 2024 13:44:07 GMT
GET H/1.1	200 OK	jquery-3.5.0.min.js Show response employereservices.optum.com/ees/portal-resources/js/jquery/	87 KB 88 KB	1843ms 767ms	Script application/javascript	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/ees/portal-resources/js/jquery/jquery-3.5.0.min.js Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:08 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type application/javascript Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=1000 Content-Length 89492 Connection Keep-Alive
GET H/1.1	200 OK	jquery-migrate-3.3.2.js Show response employereservices.optum.com/ees/portal-resources/js/jquery/	11 KB 12 KB	1841ms 764ms	Script application/javascript	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/ees/portal-resources/js/jquery/jquery-migrate-3.3.2.js Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash d42490c6288f50ed2c60dad5c0e8c916f4f59ada49752918eb985ff6b361ed7a Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:08 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type application/javascript Server-Timing dtSInfo;desc="0", dtRpid;desc="-1551770078" Accept-Ranges bytes Keep-Alive timeout=10, max=1000 Content-Length 11223 Connection Keep-Alive
GET H/1.1	200 OK	jquery.plugins.min.js Show response employereservices.optum.com/ees/portal-resources/js/jquery/	735 KB 736 KB	1842ms 763ms	Script application/javascript	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/ees/portal-resources/js/jquery/jquery.plugins.min.js Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 808b42e01223728592e69f6de77b3d95079c7a498b51ccf54c360794922f3b7a Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:08 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type application/javascript Server-Timing dtSInfo;desc="0", dtRpid;desc="1155359745" Accept-Ranges bytes Keep-Alive timeout=10, max=1000 Content-Length 753060 Connection Keep-Alive
GET H/1.1	200 OK	urchin.js Show response employereservices.optum.com/ees/portal-resources/js/	23 KB 23 KB	1728ms 511ms	Script application/javascript	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/ees/portal-resources/js/urchin.js Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 2eecb4d629c08827826639d207b0eda08f0375207674bcd2936115ef8519e03c Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:08 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type application/javascript Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=1000 Content-Length 23215 Connection Keep-Alive
GET H/1.1	200 OK	common.min.js Show response employereservices.optum.com/ees/portal-resources/js/adobe-analytics/	10 KB 11 KB	1988ms 508ms	Script application/javascript	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/ees/portal-resources/js/adobe-analytics/common.min.js Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash f940b006fa676da49c2dcca1fb10df0adb21a360c37405765ad709a8b4d66b5c Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:08 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type application/javascript Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=997 Content-Length 10116 Connection Keep-Alive
GET H/1.1	200 OK	pageload.js Show response employereservices.optum.com/ees/portal-resources/js/adobe-analytics/	658 B 1 KB	2344ms 500ms	Script application/javascript	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/ees/portal-resources/js/adobe-analytics/pageload.js Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 6f8e4374507d50323ea8221a75c1bb186fceac2a3d72bb6be9a21a98d2e70c1d Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:09 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type application/javascript Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=999 Content-Length 658 Connection Keep-Alive
GET H/1.1	200 OK	common.min.js Show response employereservices.optum.com/ees/portal-resources/js/	43 KB 44 KB	2473ms 511ms	Script application/javascript	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/ees/portal-resources/js/common.min.js?ver=2 Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash c2dd328f2613881170d446e5ce370747795bd3af20d17c49da66cb225bdcb41c Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:09 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type application/javascript Server-Timing dtSInfo;desc="0", dtRpid;desc="1330452329" Accept-Ranges bytes Keep-Alive timeout=10, max=999 Content-Length 44442 Connection Keep-Alive
GET H/1.1	200 OK	jquery.ui.all.css employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/	292 B 1005 B	1478ms 498ms	Stylesheet text/css	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/jquery.ui.all.css Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 5cec4e67c5d8e359cdb845fce91acbaca0fbc3a4c973c0811c2818b6d9ea93c3 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:08 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type text/css Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=998 Content-Length 292 Connection Keep-Alive
GET H/1.1	200 OK	global-styles.min.css employereservices.optum.com/ees/portal-resources/css/	94 KB 95 KB	1789ms 713ms	Stylesheet text/css	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/ees/portal-resources/css/global-styles.min.css Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 1aadbd349f46ddabaadb549d9a368631c23ae2b3d3fb10c3835666af1a42c045 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:08 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type text/css Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=1000 Content-Length 96152 Connection Keep-Alive
GET H/1.1	200 OK	CTA_external_white.svg employereservices.optum.com/ees/portal-resources/images/	602 B 1 KB	741ms 740ms	Image image/svg+xml	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Show image Full URL https://employereservices.optum.com/ees/portal-resources/images/CTA_external_white.svg Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash b5311a08c4bf52be77a75e2e2bf0ea7e1754673845f9feda56612b56a96423b5 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:10 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type image/svg+xml Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=999 Content-Length 602 Connection Keep-Alive
GET H2	200	log-in.jpg ees-prod-con.optum.com/content/dam/projects/ees/en_us/prelogin/loginform-section-content/	784 KB 785 KB	2032ms 1426ms	Image image/jpeg	151.101.131.10 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ees-prod-con.optum.com/content/dam/projects/ees/en_us/prelogin/loginform-section-content/log-in.jpg Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.10 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cc611908eb2ec388a76f672d5108000061d7bb09b4fcf5830235a1a91e0a7ce3 Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 13:44:11 GMT strict-transport-security max-age=31557600 x-content-type-options nosniff content-md5 O06UbyGxbQmg/AuJE/HH9g== x-vhost ees-publish x-cache MISS content-disposition attachment; filename="log-in.jpg"; filename*=UTF-8''log-in.jpg content-length 803307 x-served-by cache-qpg1242-QPG last-modified Sat, 23 Sep 2023 00:32:16 GMT x-timer S1697550250.458582,VS0,VS0,VE1136 etag "0x8DBBBCC89D4C18F" x-frame-options SAMEORIGIN content-type image/jpeg access-control-allow-origin * cache-control no-cache accept-ranges bytes
GET H2	200	prelogin_site_demo_223_90.jpg ees-prod-con.optum.com/content/dam/projects/ees/en_us/prelogin/whats-new-section-content/	25 KB 26 KB	1789ms 1388ms	Image image/jpeg	151.101.131.10 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ees-prod-con.optum.com/content/dam/projects/ees/en_us/prelogin/whats-new-section-content/prelogin_site_demo_223_90.jpg Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.10 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e6db8351209e7b6e177d2d37de20d5a22ae835dfdb0f3ecae46b182a64badebf Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 13:44:11 GMT strict-transport-security max-age=31557600 x-content-type-options nosniff content-md5 HT/4Ofe/6+8No/MtGLwbHw== x-vhost ees-publish x-cache MISS content-disposition attachment; filename="prelogin_site_demo_223_90.jpg"; filename*=UTF-8''prelogin_site_demo_223_90.jpg content-length 25929 x-served-by cache-qpg1242-QPG last-modified Fri, 16 Dec 2022 14:12:03 GMT x-timer S1697550250.458560,VS0,VS0,VE1128 etag "0x8DADF6F817681ED" x-frame-options SAMEORIGIN content-type image/jpeg access-control-allow-origin * cache-control no-cache accept-ranges bytes
GET H/1.1	200 OK	login.js Show response employereservices.optum.com/ees/portal-resources/js/pages/	3 KB 3 KB	738ms 737ms	Script application/javascript	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/ees/portal-resources/js/pages/login.js Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 9382909f39fe07402d50e55179efdb95991402d7b49f0c1899cb3063962fc3f5 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:10 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type application/javascript Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=998 Content-Length 2629 Connection Keep-Alive
GET H/1.1	200 OK	footer.js Show response employereservices.optum.com/ees/portal-resources/js/	544 B 1 KB	739ms 737ms	Script application/javascript	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/ees/portal-resources/js/footer.js Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 9fbfbdbf730fcef547ad03260b477d556551150c269f70c3ca8ecd05266a519f Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:10 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type application/javascript Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=998 Content-Length 544 Connection Keep-Alive
GET H2	200	detector-dom.min.js Show response cdn.gbqofs.com/uhg/uhceservices/p/	7 KB 2 KB	1169ms 275ms	Script application/javascript	104.18.24.13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.gbqofs.com/uhg/uhceservices/p/detector-dom.min.js Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.13 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15fa5255f26756b849db83c39bc8af9af9562dc068a193487204e1b3eb3f3f33 Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 13:44:11 GMT x-amz-version-id yw46s0urXEo2B5WZso1iCPulzTYtrxec content-encoding gzip cf-cache-status HIT via 1.1 1098c68725f26a6e79b4565dded7de38.cloudfront.net (CloudFront) x-amz-cf-pop SIN52-C2 age 2608 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Fri, 06 Oct 2023 19:29:12 GMT server cloudflare etag W/"714d919d33c33bbaa3b59f5777210d1b" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 8178f98fdb1d89c2-SIN x-amz-cf-id uri8BBIWc6N46HfrJD1eIhDDfxna0T_rpZYVFECl1d48Y0Ng0UQmhw== expires Tue, 17 Oct 2023 17:44:11 GMT
GET H2	200	launch-808f20fa3331.min.js Show response assets.adobedtm.com/512027f42d3c/21817a78cce0/	313 KB 90 KB	1967ms 481ms	Script application/x-javascript	23.56.25.51 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/512027f42d3c/21817a78cce0/launch-808f20fa3331.min.js Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/portal-resources/js/adobe-analytics/common.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.56.25.51 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-25-51.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 4d65ccadabd563f43497d8907c6a71f34567390ae63b9aa645cd7d626d192e79 Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 13:44:14 GMT content-encoding gzip last-modified Thu, 28 Sep 2023 16:20:24 GMT server AkamaiNetStorage etag "54e99bff9c1c5522c6f1426db008f746:1695918024.246906" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://employereservices.optum.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * expires Tue, 17 Oct 2023 14:44:14 GMT
GET H/1.1	200 OK	jquery.ui.base.css employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/	149 B 888 B	519ms 518ms	Stylesheet text/css	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/jquery.ui.base.css Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/jquery.ui.all.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 178779bb647bdb55d5421bd14005f266d1a06e5ed10d689344c62a8b2226a7bb Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/jquery.ui.all.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:12 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type text/css Server-Timing dtSInfo;desc="0", dtRpid;desc="1076230993" Accept-Ranges bytes Keep-Alive timeout=10, max=999 Content-Length 149 Connection Keep-Alive
GET H/1.1	200 OK	jquery.ui.theme.css employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/	17 KB 18 KB	512ms 512ms	Stylesheet text/css	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/jquery.ui.theme.css Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/jquery.ui.all.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash af79aefbf990babf1646b47d02e6df7477bc08aa76564cb24bd998db846559fa Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/jquery.ui.all.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:12 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type text/css Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=997 Content-Length 17492 Connection Keep-Alive
GET H/1.1	200 OK	jquery.ui.core.css employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/	1 KB 2 KB	524ms 523ms	Stylesheet text/css	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/jquery.ui.core.css Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/jquery.ui.base.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash f9a6d9240f020720ed986b1e7726cfdc11d36e32b9cbf76a28a666984c7eb16e Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/jquery.ui.base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:13 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type text/css Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=998 Content-Length 1318 Connection Keep-Alive
GET H/1.1	200 OK	jquery.ui.button.css employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/	2 KB 3 KB	523ms 522ms	Stylesheet text/css	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/jquery.ui.button.css Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/jquery.ui.base.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash b962603e4e95d6ab2ed3f2f0f2041f07d5d2a2d6377462343f717c3c4cf2fc58 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/jquery.ui.base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:13 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type text/css Server-Timing dtSInfo;desc="0", dtRpid;desc="-720602421" Accept-Ranges bytes Keep-Alive timeout=10, max=997 Content-Length 2472 Connection Keep-Alive
GET H/1.1	200 OK	jquery.ui.dialog.css employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/	1 KB 2 KB	524ms 523ms	Stylesheet text/css	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/jquery.ui.dialog.css Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/jquery.ui.base.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 192ce7f04b4c50ac346b898edabec67fd82ce260b62cc31b11b6937d2160f874 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/jquery.ui.base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:13 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type text/css Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=998 Content-Length 1359 Connection Keep-Alive
GET H/1.1	200 OK	jquery.ui.datepicker.css employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/	4 KB 5 KB	525ms 524ms	Stylesheet text/css	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/jquery.ui.datepicker.css Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/jquery.ui.base.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 6ab85ef01937cbf42c7d2bf1de83ed1a08ce13c52888a9075c22731afec2b6b0 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/portal-resources/jqueryUI/themes/custom/jquery.ui.base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:13 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type text/css Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=999 Content-Length 4062 Connection Keep-Alive
POST H/1.1	200 OK	rb_b01e4ef6-8017-40a8-aff2-199e2d7dade9 Show response employereservices.optum.com/	119 B 752 B	510ms 510ms	XHR text/plain	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/rb_b01e4ef6-8017-40a8-aff2-199e2d7dade9?type=js3&sn=v_4_srv_40_sn_9E68B87D1622477531A93E0F326A28A7_perc_100000_ol_0_mul_1_app-3Ab6fcdf59902d150c_1&svrid=40&flavor=post&vi=AAFUARUIPLCQWCIFWIVHJFFMEFBIKHPK-0&modifiedSince=1696568589706&rf=https%3A%2F%2Femployereservices.optum.com%2Fees%2Fprelogin%2Flogin.do&bp=3&app=b6fcdf59902d150c&crc=3339072500&en=mvj6kfls&end=1 Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ruxitagentjs_ICA2NVfhjqru_10269230920162641.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 94783810ff4c024a5bc50a988f64a436c0f2de3c3076a5b116580e709467f154 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload Request headers Referer https://employereservices.optum.com/ees/prelogin/login.do accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 17 Oct 2023 13:44:13 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload Access-Control-Allow-Methods GET, POST, PUT Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin https://employereservices.optum.com Connection Keep-Alive Keep-Alive timeout=10, max=996 Content-Length 119
GET H/1.1	200 OK	__utm.gif employereservices.optum.com/ees/EmployerPortal/	35 B 748 B	504ms 504ms	Image image/gif	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Show image Full URL https://employereservices.optum.com/ees/EmployerPortal/__utm.gif?utmwv=1.3&utmn=755856981&utmcs=windows-1252&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Employer%20eServices&utmhn=employereservices.optum.com&utmhid=950473516&utmr=-&utmp=/prelogin/login.do Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:13 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type image/gif Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=998 Content-Length 35 Connection Keep-Alive
GET H2	200	detector-dom.current.js Show response cdn.gbqofs.com/uhg/common/	480 KB 145 KB	265ms 264ms	Script application/javascript	104.18.24.13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.gbqofs.com/uhg/common/detector-dom.current.js Requested by Host: cdn.gbqofs.com URL: https://cdn.gbqofs.com/uhg/uhceservices/p/detector-dom.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.13 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 08edfcf91807f9413ee75e9661669f4d636a439f0c92732d0422366f901cd4f9 Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 13:44:13 GMT x-amz-version-id vHNPqQN8XcLYIwOS3QDCfw1WShIpripF content-encoding gzip cf-cache-status HIT via 1.1 41070430d996a3d61ee3be22d11b328e.cloudfront.net (CloudFront) x-amz-cf-pop HYD57-P1 age 6943 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Fri, 08 Sep 2023 19:56:28 GMT server cloudflare etag W/"63431a596380150afc9ead741b48fad9" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 8178f99beabb89c2-SIN x-amz-cf-id dHMoUZZI_fcs4QuP3AAzGD7K6LrKHYoLZDZqH8fDCpjnfyWpw01FZQ== expires Tue, 17 Oct 2023 17:44:13 GMT
GET H/1.1	200 OK	body_bg.gif employereservices.optum.com/ees/portal-resources/images/layout/	777 B 1 KB	500ms 499ms	Image image/gif	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Show image Full URL https://employereservices.optum.com/ees/portal-resources/images/layout/body_bg.gif Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/portal-resources/css/global-styles.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 483a7143e6dc72956836a07ef623cb29197ebc5bf5f72d2c89128c86023c8547 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/portal-resources/css/global-styles.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:13 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type image/gif Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=997 Content-Length 777 Connection Keep-Alive
GET H/1.1	200 OK	page_top_cap.gif employereservices.optum.com/ees/portal-resources/images/layout/	436 B 1 KB	534ms 533ms	Image image/gif	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Show image Full URL https://employereservices.optum.com/ees/portal-resources/images/layout/page_top_cap.gif Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/portal-resources/css/global-styles.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 12d4b028e9dd5690c6cba790870117367fb3b6503a9773bfceeab91cf9d9bf13 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/portal-resources/css/global-styles.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:13 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type image/gif Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=996 Content-Length 436 Connection Keep-Alive
GET H/1.1	200 OK	content_container_bg.gif employereservices.optum.com/ees/portal-resources/images/layout/	1 KB 2 KB	537ms 536ms	Image image/gif	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Show image Full URL https://employereservices.optum.com/ees/portal-resources/images/layout/content_container_bg.gif Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/portal-resources/css/global-styles.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 0fea2784bbc4600b8f8afde3abc5f5eac45f0358529a7711fb9f5965c5d033e9 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/portal-resources/css/global-styles.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:13 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type image/gif Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=997 Content-Length 1275 Connection Keep-Alive
GET H/1.1	200 OK	tabbed_header_left.gif employereservices.optum.com/ees/portal-resources/images/layout/	68 B 781 B	985ms 499ms	Image image/gif	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Show image Full URL https://employereservices.optum.com/ees/portal-resources/images/layout/tabbed_header_left.gif Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/portal-resources/css/global-styles.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 96e8a1739a227242d7c13b46c4be1a1a1640723f5145379e29cf9dfb25f825f7 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/portal-resources/css/global-styles.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:14 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type image/gif Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=996 Content-Length 68 Connection Keep-Alive
GET H/1.1	200 OK	tabbed_header_right.gif employereservices.optum.com/ees/portal-resources/images/layout/	68 B 781 B	915ms 499ms	Image image/gif	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Show image Full URL https://employereservices.optum.com/ees/portal-resources/images/layout/tabbed_header_right.gif Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/portal-resources/css/global-styles.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash b1af83fb2900019f20d8e86c0c2253a892f850e5c07851c0600b0150b7c3a903 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/portal-resources/css/global-styles.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:13 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type image/gif Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=995 Content-Length 68 Connection Keep-Alive
GET H/1.1	200 OK	page_bottom_cap.gif employereservices.optum.com/ees/portal-resources/images/layout/	436 B 1 KB	538ms 537ms	Image image/gif	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Show image Full URL https://employereservices.optum.com/ees/portal-resources/images/layout/page_bottom_cap.gif Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/portal-resources/css/global-styles.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 16a88efd8dc3feeac9a91a0ed29eef2dc98668daf202f0b2eee29b1acd53d448 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/portal-resources/css/global-styles.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:13 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type image/gif Server-Timing dtSInfo;desc="0", dtRpid;desc="-48935282" Accept-Ranges bytes Keep-Alive timeout=10, max=996 Content-Length 436 Connection Keep-Alive
GET BLOB	200 OK	1907997a-1927-4c20-bcd1-ec0df5e3f043 https://employereservices.optum.com/	75 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://employereservices.optum.com/1907997a-1927-4c20-bcd1-ec0df5e3f043 Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 4caed94f9975debb1a1ee2ff2e68395802a18a4cf3f3be7ae057f1b97b2c87ff Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Length 75 Content-Type application/javascript
GET H/1.1	200 OK	id Show response dpm.demdex.net/	982 B 1 KB	1893ms 457ms	XHR application/json	54.190.231.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1697550254800 Requested by Host: cdn.gbqofs.com URL: https://cdn.gbqofs.com/uhg/common/detector-dom.current.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-190-231-22.us-west-2.compute.amazonaws.com Software / Resource Hash e0f0701bbf64eb7d4ba600476fc7aa02689e35a47e577936b662f3c531050e1e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://employereservices.optum.com/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers DCS dcs-prod-usw2-1-v048-04bb95f98.edge-usw2.demdex.com 7 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-TID Ddtl2BD9SZs= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://employereservices.optum.com Content-Type application/json;charset=utf-8 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Length 565 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	AppMeasurement.min.js Show response assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/	34 KB 12 KB	466ms 466ms	Script application/x-javascript	23.56.25.51 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/512027f42d3c/21817a78cce0/launch-808f20fa3331.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.56.25.51 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-25-51.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 13:44:15 GMT content-encoding gzip last-modified Thu, 22 Sep 2022 16:16:49 GMT server AkamaiNetStorage etag "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://employereservices.optum.com cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 12384 expires Tue, 17 Oct 2023 14:44:15 GMT
GET H2	200	RC570dcb637fba4f03ab8b42bb554d9d93-source.min.js Show response assets.adobedtm.com/512027f42d3c/21817a78cce0/9096d5fc6503/	577 B 596 B	672ms 671ms	Script application/x-javascript	23.56.25.51 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/512027f42d3c/21817a78cce0/9096d5fc6503/RC570dcb637fba4f03ab8b42bb554d9d93-source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/512027f42d3c/21817a78cce0/launch-808f20fa3331.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.56.25.51 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-25-51.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 23e7f226c3692cba86c45e9cf1fb87d3ef0bf7b799e125ee3120962c2b62aeb5 Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 13:44:15 GMT content-encoding gzip last-modified Thu, 28 Sep 2023 16:20:25 GMT server AkamaiNetStorage etag "7eb0fa1fb90c7f562d668899e0d6f33b:1695918025.338998" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://employereservices.optum.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 331 expires Tue, 17 Oct 2023 14:44:15 GMT
GET H2	200	RCc12595f3f0f34eb393adcf34fe5a8f38-source.min.js Show response assets.adobedtm.com/512027f42d3c/21817a78cce0/9096d5fc6503/	593 B 621 B	469ms 467ms	Script application/x-javascript	23.56.25.51 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/512027f42d3c/21817a78cce0/9096d5fc6503/RCc12595f3f0f34eb393adcf34fe5a8f38-source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/512027f42d3c/21817a78cce0/launch-808f20fa3331.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.56.25.51 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-25-51.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 15b7ded428ceb152ea290e7aafb52f48c2c1b847ead6dc75cc40f64e5383a2a2 Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 13:44:15 GMT content-encoding gzip last-modified Thu, 28 Sep 2023 16:20:25 GMT server AkamaiNetStorage etag "7eb0fa1fb90c7f562d668899e0d6f33b:1695918025.338998" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://employereservices.optum.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 356 expires Tue, 17 Oct 2023 14:44:15 GMT
GET H2	200	RC0a230100fa5e4356bf4271890f3a35af-source.min.js Show response assets.adobedtm.com/512027f42d3c/21817a78cce0/9096d5fc6503/	1 KB 930 B	689ms 688ms	Script application/x-javascript	23.56.25.51 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/512027f42d3c/21817a78cce0/9096d5fc6503/RC0a230100fa5e4356bf4271890f3a35af-source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/512027f42d3c/21817a78cce0/launch-808f20fa3331.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.56.25.51 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-25-51.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 1bbe0b2b8df05c8febcf6a5508bd4f648b55def86c9dca7b467a192fe4497e8d Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 13:44:15 GMT content-encoding gzip last-modified Thu, 28 Sep 2023 16:20:25 GMT server AkamaiNetStorage etag "7eb0fa1fb90c7f562d668899e0d6f33b:1695918025.338998" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://employereservices.optum.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 665 expires Tue, 17 Oct 2023 14:44:15 GMT
GET H2	200	RC64de7ac9fad944d78a474d2fd0744fe6-source.min.js Show response assets.adobedtm.com/512027f42d3c/21817a78cce0/9096d5fc6503/	950 B 869 B	687ms 686ms	Script application/x-javascript	23.56.25.51 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/512027f42d3c/21817a78cce0/9096d5fc6503/RC64de7ac9fad944d78a474d2fd0744fe6-source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/512027f42d3c/21817a78cce0/launch-808f20fa3331.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.56.25.51 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-25-51.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 24e36495701cf17f31494df0be9bb91ffef1f18f061f944426f018dc3f6bdbb8 Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 13:44:15 GMT content-encoding gzip last-modified Thu, 28 Sep 2023 16:20:25 GMT server AkamaiNetStorage etag "7eb0fa1fb90c7f562d668899e0d6f33b:1695918025.338998" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://employereservices.optum.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 604 expires Tue, 17 Oct 2023 14:44:15 GMT
GET H/1.1	200 OK	cls_report Show response report.uhg.gbqofs.io/glassbox/reporting/3ed1ac03-3af1-d204-7f07-ae4fb6a1ab96/	5 KB 2 KB	1997ms 475ms	XHR application/json	34.237.250.71 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://report.uhg.gbqofs.io/glassbox/reporting/3ed1ac03-3af1-d204-7f07-ae4fb6a1ab96/cls_report?_cls_s=a136766e-a840-4df6-bd79-27714fd9e71b%3A0&_cls_v=d1018b91-6490-4b91-a280-77de29b08988&pv=2&f_cls_s=true Requested by Host: cdn.gbqofs.com URL: https://cdn.gbqofs.com/uhg/common/detector-dom.current.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.237.250.71 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-237-250-71.compute-1.amazonaws.com Software GlassBox Cligate / Resource Hash 1baa69b72db5b964e31ff0b83ec26353d1e23ddb042ec559740145761b4788a4 Security Headers Name Value Content-Security-Policy default-src 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:17 GMT Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip Content-Security-Policy default-src 'self'; X-Content-Type-Options nosniff Connection keep-alive Content-Length 1044 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Server GlassBox Cligate X-Frame-Options SAMEORIGIN vary origin Content-Type application/json access-control-allow-origin https://employereservices.optum.com access-control-allow-credentials true GB-Server g5025 X-Robots-Tag noindex
GET H2	200	RCbe08cc67bac54c0ab98f9e31fec301b4-source.min.js Show response assets.adobedtm.com/512027f42d3c/21817a78cce0/9096d5fc6503/	776 B 753 B	488ms 488ms	Script application/x-javascript	23.56.25.51 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/512027f42d3c/21817a78cce0/9096d5fc6503/RCbe08cc67bac54c0ab98f9e31fec301b4-source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/512027f42d3c/21817a78cce0/launch-808f20fa3331.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.56.25.51 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-25-51.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 3c1fadf466a28e855b9098e18fbd088e730c5582646909e8a9884fd4432c390d Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 13:44:16 GMT content-encoding gzip last-modified Thu, 28 Sep 2023 16:20:25 GMT server AkamaiNetStorage etag "7eb0fa1fb90c7f562d668899e0d6f33b:1695918025.338998" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://employereservices.optum.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 488 expires Tue, 17 Oct 2023 14:44:16 GMT
GET H2	200	/ Show response zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/	8 KB 4 KB	987ms 379ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b7250e4a48a2b66a9fb15a69aebc6985f95bb94ad1e89ab72170f77c28ee25c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 13:44:16 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 301760 cf-polished origSize=9155 content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin cf-bgj minify server cloudflare etag W/"23c3-mrY6Ed/Gxq4vU4fwsuRv2p/EWok" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() cf-ray 8178f9b14cc1a11e-SIN access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept timing-allow-origin *
GET H2	200	js Show response www.googletagmanager.com/gtag/	178 KB 65 KB	1176ms 272ms	Script application/javascript	74.125.130.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=DC-8584968 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/512027f42d3c/21817a78cce0/launch-808f20fa3331.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.130.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sb-in-f97.1e100.net Software Google Tag Manager / Resource Hash b90ff7f04012c60381c9aeb47db048fc728c4ead6f6ab1bf4e235402331a5be1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 13:44:17 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66427 x-xss-protection 0 last-modified Tue, 17 Oct 2023 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 17 Oct 2023 13:44:17 GMT
GET H/1.1	200 OK	dest5.html Show response unitedhealthgroup.demdex.net/ Frame 429B	7 KB 3 KB	1874ms 449ms	Document text/html	54.190.231.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/512027f42d3c/21817a78cce0/launch-808f20fa3331.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-190-231-22.us-west-2.compute.amazonaws.com Software / Resource Hash 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://employereservices.optum.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers Accept-Ranges bytes Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 2791 Content-Type text/html;charset=UTF-8 DCS dcscanary-prod-usw2-1-v065-0cd977c8a.edge-usw2.demdex.com 0 ms Expires Thu, 01 Jan 1970 00:00:00 UTC P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID YO0Zkx7DQbQ= content-encoding gzip date Tue, 17 Oct 2023 13:44:18 GMT last-modified Mon, 9 Oct 2023 08:33:51 GMT vary accept-encoding
GET H/1.1	200 OK	ibs:dpid=411&dpuuid=ZS6PsQAAAGhIjQN8 dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=84944588571435503850855518859287866567 https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZS6PsQAAAGhIjQN8	42 B 942 B	458ms 457ms	Image image/gif	54.190.231.22 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZS6PsQAAAGhIjQN8 Protocol HTTP/1.1 Server 54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-190-231-22.us-west-2.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers DCS dcs-prod-usw2-1-v048-0f60a47d5.edge-usw2.demdex.com 3 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID 5Jc1Q/ovR4M= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZS6PsQAAAGhIjQN8 Date Tue, 17 Oct 2023 13:44:17 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H2	200	s04987942284555 smetrics.optum.com/b/ss/uhgemployereservicesprod/1/JS-2.23.0-LDQM/	43 B 373 B	1437ms 450ms	Image image/gif	63.140.36.117 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://smetrics.optum.com/b/ss/uhgemployereservicesprod/1/JS-2.23.0-LDQM/s04987942284555?AQB=1&ndh=1&pf=1&t=17%2F9%2F2023%2021%3A44%3A16%202%20-480&mid=87942983995637673840303596331455132462&aamlh=9&ce=UTF-8&pageName=uhc%3Aees%3Aprelogin%3Alogin&g=https%3A%2F%2Femployereservices.optum.com%2Fees%2Fprelogin%2Flogin.do&cc=USD&server=employereservices.optum.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dg&v1=uhc&v2=ees&v3=D%3Dg&c12=employereservices.optum.com&c13=%2Fees%2Fprelogin%2Flogin.do&c23=not-logged-in&v23=not-logged-in&c25=D%3DpageName&v25=D%3DpageName&c27=10.7&v38=e%26b&c63=D%3DpageName&c71=en&v86=ees&v106=1600%20x%201200&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&AQE=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 63.140.36.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-63-140-36-117.data.adobedc.net Software jag / Resource Hash a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Tue, 17 Oct 2023 13:44:17 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Wed, 18 Oct 2023 13:44:17 GMT server jag etag 3645461418609278976-4617766106746780451 vary * p3p CP="This is not a P3P policy" access-control-allow-origin * content-type image/gif;charset=utf-8 cache-control no-cache, no-store, max-age=0, no-transform, private content-length 43 x-xss-protection 1; mode=block expires Mon, 16 Oct 2023 13:44:17 GMT
GET H2	200	12.52cbbcf53287bbd2bb03.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	69 KB 21 KB	289ms 288ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/12.52cbbcf53287bbd2bb03.chunk.js?Q_CLIENTVERSION=1.101.0&Q_CLIENTTYPE=web&Q_BRANDID=employereservices.optum.com Requested by Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash beb2f8bbbd49243623d9436e4b4ccaa979d6f5f5cf4c70ff33bc6dd93ca7a741 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 13:44:17 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 20041 cf-polished origSize=71571 content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Mon, 09 Oct 2023 17:51:04 GMT cf-bgj minify server cloudflare etag W/"11793-18b15905b40" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() cf-ray 8178f9b3bf0fa11e-SIN access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept timing-allow-origin *
POST H2	200	Targeting.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	68 KB 6 KB	535ms 535ms	XHR application/json	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0Neqx1dGGrrlV4y&Q_CLIENTVERSION=1.101.0&Q_CLIENTTYPE=web Requested by Host: cdn.gbqofs.com URL: https://cdn.gbqofs.com/uhg/common/detector-dom.current.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09d2a60ce0b8effff62a63068748132490a2d8c2838461b4340ccc7667f86262 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://employereservices.optum.com/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Tue, 17 Oct 2023 13:44:17 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report referrer-policy strict-origin-when-cross-origin server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin https://employereservices.optum.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true permissions-policy camera=(), geolocation=(), microphone=() trace-id ee22e2e768d33347 cf-ray 8178f9b5c949a11e-SIN timing-allow-origin *
GET H2	200	activityi;dc_pre=CJLAncGb_YEDFc9WDwIdFksEXg;src=8584968;type=eiutv0;cat=lpg_e0gm;ord=3283787681499;auiddc=178144176.1697550258;gtm=45fe3ab0;epver=2;~oref=https%3A%2F%2Femployereservices.optum.com%2... Show response 8584968.fls.doubleclick.net/ Frame 5A42 Redirect Chain https://8584968.fls.doubleclick.net/activityi;src=8584968;type=eiutv0;cat=lpg_e0gm;ord=3283787681499;auiddc=178144176.1697550258;gtm=45fe3ab0;epver=2;~oref=https%3A%2F%2Femployereservices.optum.com... https://8584968.fls.doubleclick.net/activityi;dc_pre=CJLAncGb_YEDFc9WDwIdFksEXg;src=8584968;type=eiutv0;cat=lpg_e0gm;ord=3283787681499;auiddc=178144176.1697550258;gtm=45fe3ab0;epver=2;~oref=https%3...	528 B 475 B	310ms 309ms	Document text/html	74.125.130.149 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8584968.fls.doubleclick.net/activityi;dc_pre=CJLAncGb_YEDFc9WDwIdFksEXg;src=8584968;type=eiutv0;cat=lpg_e0gm;ord=3283787681499;auiddc=178144176.1697550258;gtm=45fe3ab0;epver=2;~oref=https%3A%2F%2Femployereservices.optum.com%2Fees%2Fprelogin%2Flogin.do? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.130.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS sb-in-f149.1e100.net Software cafe / Resource Hash 02ac91aa6e7312a59f1056c1180a800e9589bdac05b956efb71ea417b01dbb87 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://employereservices.optum.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 300 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 17 Oct 2023 13:44:18 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 17 Oct 2023 13:44:18 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://8584968.fls.doubleclick.net/activityi;dc_pre=CJLAncGb_YEDFc9WDwIdFksEXg;src=8584968;type=eiutv0;cat=lpg_e0gm;ord=3283787681499;auiddc=178144176.1697550258;gtm=45fe3ab0;epver=2;~oref=https%3A%2F%2Femployereservices.optum.com%2Fees%2Fprelogin%2Flogin.do? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ytc.js Show response s.yimg.com/wi/	18 KB 7 KB	1154ms 254ms	Script application/javascript	106.10.236.37 YAHOO-SG3 interne...
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/wi/ytc.js Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol H2 Security TLS 1.3, , AES_128_GCM Server 106.10.236.37 , Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG), Reverse DNS o1.ycpi.vip.sg3.yahoo.com Software ATS / Resource Hash 480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 13:40:14 GMT x-amz-version-id xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW content-encoding gzip strict-transport-security max-age=31536000 x-content-type-options nosniff x-amz-request-id SGQ4NHPS9KHASRWM age 245 x-amz-server-side-encryption AES256 x-amz-id-2 ZcRp+nG5wHK5zjXrIi/gvx5eS21p56bVWgOaT1besJ6JM8X3zMWKFoA2AzXXl73phtJaQgrE+wc= x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade x-amz-expiration expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle" last-modified Mon, 26 Jun 2023 09:26:35 GMT server ATS etag "5c6ed25dce803fd84288922b8928409e-df" expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" vary Origin, Accept-Encoding content-type application/javascript cache-control public,max-age=3600 accept-ranges bytes
GET H2	200	wrapper.js Show response universal.iperceptions.com/	9 KB 4 KB	1189ms 263ms	Script application/javascript	13.227.254.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://universal.iperceptions.com/wrapper.js Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ees/prelogin/login.do Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.254.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-254-10.sin52.r.cloudfront.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 17 Oct 2023 13:43:08 GMT content-encoding gzip via 1.1 95d5bc8b4873ccfdcd27d17cb5965ff8.cloudfront.net (CloudFront) content-md5 d5YIeO59lrTqhttidyvULA== age 69 x-amz-cf-pop SIN52-C3 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin x-ms-lease-status unlocked last-modified Mon, 22 Mar 2021 18:02:49 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 0a7f020a-901e-0004-7b03-ff1c4a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-amz-cf-id XenmZgCAHChNhBSgQQDrr6sSx_B6F9ugYRpe6NOzA0XpNa-vN8_dEA==
POST H/1.1	200 OK	cls_report Show response report.uhg.gbqofs.io/glassbox/reporting/3ed1ac03-3af1-d204-7f07-ae4fb6a1ab96/	5 KB 2 KB	703ms 702ms	XHR application/json	34.237.250.71 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://report.uhg.gbqofs.io/glassbox/reporting/3ed1ac03-3af1-d204-7f07-ae4fb6a1ab96/cls_report?clsjsv=6.6.116B255&_cls_s=a136766e-a840-4df6-bd79-27714fd9e71b:0&_cls_v=d1018b91-6490-4b91-a280-77de29b08988&pid=8c6f6cb5-a225-4325-9c1f-4a8d1edef988&cls_e=a136766e-a840-4df6-bd79-27714fd9e71b:16484637746549&sn=1&cfg&pv=2&aid= Requested by Host: cdn.gbqofs.com URL: https://cdn.gbqofs.com/uhg/common/detector-dom.current.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.237.250.71 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-237-250-71.compute-1.amazonaws.com Software GlassBox Cligate / Resource Hash 3941a4ae45943183fcd0f7f6ae32e08fd9d8dd5cf19683af47b74bc0cbfdc789 Security Headers Name Value Content-Security-Policy default-src 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://employereservices.optum.com/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Date Tue, 17 Oct 2023 13:44:18 GMT Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip Content-Security-Policy default-src 'self'; X-Content-Type-Options nosniff Connection keep-alive Content-Length 1029 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Server GlassBox Cligate X-Frame-Options SAMEORIGIN vary origin Content-Type application/json access-control-allow-origin https://employereservices.optum.com access-control-allow-credentials true GB-Server g5025 X-Robots-Tag noindex
GET H2	200	CoreModule.js Show response siteintercept.qualtrics.com/dxjsmodule/	102 KB 32 KB	285ms 284ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.101.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise Requested by Host: siteintercept.qualtrics.com URL: https://siteintercept.qualtrics.com/dxjsmodule/12.52cbbcf53287bbd2bb03.chunk.js?Q_CLIENTVERSION=1.101.0&Q_CLIENTTYPE=web&Q_BRANDID=employereservices.optum.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 617795824f268204fce200417ba784cf0ad062c0c1613d5a114c457bc503ff8b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 13:44:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 20033 cf-polished origSize=105688 content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Mon, 09 Oct 2023 17:51:04 GMT cf-bgj minify server cloudflare etag W/"19cd8-18b15905b40" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() cf-ray 8178f9b92d17a11e-SIN access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept timing-allow-origin *
GET H2	200	7.6a5abbaac1addb20b44a.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	2 KB 1 KB	279ms 279ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/7.6a5abbaac1addb20b44a.chunk.js?Q_CLIENTVERSION=1.101.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise Requested by Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 243d7f52bc723643e7fd076024b91882b2890a851bb4490d74599de930f94edf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 13:44:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 20033 cf-polished origSize=2904 content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Mon, 09 Oct 2023 17:51:04 GMT cf-bgj minify server cloudflare etag W/"b58-18b15905b40" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() cf-ray 8178f9bb7f7da11e-SIN access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept timing-allow-origin *
GET H2	200	1.a605478b456b5ddb983a.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	28 KB 7 KB	280ms 280ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/1.a605478b456b5ddb983a.chunk.js?Q_CLIENTVERSION=1.101.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise Requested by Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c7432cbb5f36d9b00b72311825f7caab51cbbc29f387ec8a2b3b35e781a7351 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 13:44:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 20033 cf-polished origSize=29370 content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Mon, 09 Oct 2023 17:51:04 GMT cf-bgj minify server cloudflare etag W/"72ba-18b15905b40" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() cf-ray 8178f9bb7f7ea11e-SIN access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept timing-allow-origin *
GET H2	200	FeedbackButtonModule.js Show response siteintercept.qualtrics.com/dxjsmodule/	63 KB 23 KB	272ms 272ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.101.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise Requested by Host: siteintercept.qualtrics.com URL: https://siteintercept.qualtrics.com/dxjsmodule/12.52cbbcf53287bbd2bb03.chunk.js?Q_CLIENTVERSION=1.101.0&Q_CLIENTTYPE=web&Q_BRANDID=employereservices.optum.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d276c47343bb731bd426b7414b9c1bda826998888df6fadd73fc49adf9b1ef64 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Tue, 17 Oct 2023 13:44:19 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 20023 cf-polished origSize=65278 content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Mon, 09 Oct 2023 17:51:04 GMT cf-bgj minify server cloudflare etag W/"fefe-18b15905b40" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() cf-ray 8178f9bfcbeaa11e-SIN access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept timing-allow-origin *
GET H2	200	Asset.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	13 KB 2 KB	867ms 273ms	XHR application/json	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_7W1MNQnoOXEwNMO&Version=29&Q_ORIGIN=https://employereservices.optum.com&Q_CLIENTVERSION=1.101.0&Q_CLIENTTYPE=web Requested by Host: cdn.gbqofs.com URL: https://cdn.gbqofs.com/uhg/common/detector-dom.current.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1a8a11fe0331c06403e4bed9e1780092964e5789533534ff76b98ebd3537d10 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers servershortname date Tue, 17 Oct 2023 13:44:19 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 88108 content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Mon, 16 Oct 2023 13:15:51 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800, max-age=315360000 access-control-allow-credentials false permissions-policy camera=(), geolocation=(), microphone=() cf-ray 8178f9bf3d8b40c1-SIN expires Thu, 13 Oct 2033 13:15:51 GMT
GET H2	200	Asset.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	2 KB 1 KB	866ms 272ms	XHR application/json	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_3KO7dqY1GCbiJh4&Version=8&Q_InterceptID=SI_7W1MNQnoOXEwNMO&Q_ORIGIN=https://employereservices.optum.com&Q_CLIENTVERSION=1.101.0&Q_CLIENTTYPE=web Requested by Host: cdn.gbqofs.com URL: https://cdn.gbqofs.com/uhg/common/detector-dom.current.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77ced5a5c0bf56086e190c9218f6438b3e0d5e7042810548f89b876aaf98808c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers servershortname date Tue, 17 Oct 2023 13:44:19 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 96038 content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Mon, 16 Oct 2023 11:03:41 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800, max-age=315360000 access-control-allow-credentials false permissions-policy camera=(), geolocation=(), microphone=() cf-ray 8178f9bf3d8d40c1-SIN expires Thu, 13 Oct 2033 11:03:41 GMT
GET H/1.1	200 OK	body_bg.gif employereservices.optum.com/ees/portal-resources/images/layout/	777 B 1 KB	503ms 503ms	Image image/gif	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Show image Full URL https://employereservices.optum.com/ees/portal-resources/images/layout/body_bg.gif Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ruxitagentjs_ICA2NVfhjqru_10269230920162641.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 483a7143e6dc72956836a07ef623cb29197ebc5bf5f72d2c89128c86023c8547 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:19 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type image/gif Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=995 Content-Length 777 Connection Keep-Alive
GET H/1.1	200 OK	page_top_cap.gif employereservices.optum.com/ees/portal-resources/images/layout/	436 B 1 KB	502ms 502ms	Image image/gif	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Show image Full URL https://employereservices.optum.com/ees/portal-resources/images/layout/page_top_cap.gif Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ruxitagentjs_ICA2NVfhjqru_10269230920162641.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 12d4b028e9dd5690c6cba790870117367fb3b6503a9773bfceeab91cf9d9bf13 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:19 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type image/gif Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=994 Content-Length 436 Connection Keep-Alive
GET H/1.1	200 OK	content_container_bg.gif employereservices.optum.com/ees/portal-resources/images/layout/	1 KB 2 KB	506ms 505ms	Image image/gif	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Show image Full URL https://employereservices.optum.com/ees/portal-resources/images/layout/content_container_bg.gif Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ruxitagentjs_ICA2NVfhjqru_10269230920162641.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 0fea2784bbc4600b8f8afde3abc5f5eac45f0358529a7711fb9f5965c5d033e9 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:19 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type image/gif Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=995 Content-Length 1275 Connection Keep-Alive
GET H/1.1	200 OK	tabbed_header_left.gif employereservices.optum.com/ees/portal-resources/images/layout/	68 B 781 B	503ms 502ms	Image image/gif	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Show image Full URL https://employereservices.optum.com/ees/portal-resources/images/layout/tabbed_header_left.gif Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ruxitagentjs_ICA2NVfhjqru_10269230920162641.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 96e8a1739a227242d7c13b46c4be1a1a1640723f5145379e29cf9dfb25f825f7 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:19 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type image/gif Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=996 Content-Length 68 Connection Keep-Alive
GET H/1.1	200 OK	tabbed_header_right.gif employereservices.optum.com/ees/portal-resources/images/layout/	68 B 781 B	514ms 513ms	Image image/gif	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Show image Full URL https://employereservices.optum.com/ees/portal-resources/images/layout/tabbed_header_right.gif Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ruxitagentjs_ICA2NVfhjqru_10269230920162641.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash b1af83fb2900019f20d8e86c0c2253a892f850e5c07851c0600b0150b7c3a903 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:19 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type image/gif Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=995 Content-Length 68 Connection Keep-Alive
GET H/1.1	200 OK	page_bottom_cap.gif employereservices.optum.com/ees/portal-resources/images/layout/	436 B 1 KB	740ms 740ms	Image image/gif	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Show image Full URL https://employereservices.optum.com/ees/portal-resources/images/layout/page_bottom_cap.gif Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ruxitagentjs_ICA2NVfhjqru_10269230920162641.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 16a88efd8dc3feeac9a91a0ed29eef2dc98668daf202f0b2eee29b1acd53d448 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ees/prelogin/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Tue, 17 Oct 2023 13:44:20 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Fri, 06 Oct 2023 03:50:00 GMT X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, POST, PUT Content-Type image/gif Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Keep-Alive timeout=10, max=994 Content-Length 436 Connection Keep-Alive
GET H/1.1	200 OK	ibs:dpid=771&dpuuid=CAESEEV_cRcRKyeDmHYb7tG1qOM&google_cver=1 dpm.demdex.net/ Frame 429B Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODQ5NDQ1ODg1NzE0MzU1MDM4NTA4NTU1MTg4NTkyODc4NjY1Njc= https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODQ5NDQ1ODg1NzE0MzU1MDM4NTA4NTU1MTg4NTkyODc4NjY1Njc=&google_tc= https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEV_cRcRKyeDmHYb7tG1qOM&google_cver=1?gdpr=0&gdpr_consent=	42 B 942 B	452ms 452ms	Image image/gif	54.190.231.22 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEV_cRcRKyeDmHYb7tG1qOM&google_cver=1?gdpr=0&gdpr_consent= Protocol HTTP/1.1 Server 54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-190-231-22.us-west-2.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://unitedhealthgroup.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers DCS dcs-prod-usw2-1-v048-0f9e69232.edge-usw2.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID r/CrgWs3S/0= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Tue, 17 Oct 2023 13:44:19 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEV_cRcRKyeDmHYb7tG1qOM&google_cver=1?gdpr=0&gdpr_consent= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 314 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	ibs:dpid=903&dpuuid=96199edd-2d7d-407f-89aa-146064a4bdcf dpm.demdex.net/ Frame 429B Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=employereservices.optum.com&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=employereservices.optum.com&ttd_tpi=1 https://dpm.demdex.net/ibs:dpid=903&dpuuid=96199edd-2d7d-407f-89aa-146064a4bdcf	42 B 942 B	869ms 452ms	Image image/gif	54.190.231.22 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=903&dpuuid=96199edd-2d7d-407f-89aa-146064a4bdcf Protocol HTTP/1.1 Server 54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-190-231-22.us-west-2.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://unitedhealthgroup.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers DCS dcs-prod-usw2-1-v048-08fe9f929.edge-usw2.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID jIRAjIguSMU= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers location https://dpm.demdex.net/ibs:dpid=903&dpuuid=96199edd-2d7d-407f-89aa-146064a4bdcf date Tue, 17 Oct 2023 13:44:19 GMT server Kestrel content-length 189
GET		image.sbix global.ib-ibi.com/ Frame 429B	0 0
GET		10059574.json s.yimg.com/wi/config/	0 0
GET H2	200	iFrame.html Show response universal.iperceptions.com/ Frame A97B	2 KB 1 KB	266ms 266ms	Document text/html	13.227.254.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://universal.iperceptions.com/iFrame.html Requested by Host: universal.iperceptions.com URL: https://universal.iperceptions.com/wrapper.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.254.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-254-10.sin52.r.cloudfront.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 1f0884b12c7d540f6f995ffa6664d5449d075c1ab2a0bfc7ace1df69b2761d84 Request headers Referer https://employereservices.optum.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers access-control-allow-origin * access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding age 150 cache-control public,max-age=7200 content-encoding gzip content-md5 EWwLArd7NRLd/UFGafi8dA== content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 17 Oct 2023 13:41:49 GMT last-modified Thu, 21 Sep 2023 17:40:01 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 vary Accept-Encoding via 1.1 95d5bc8b4873ccfdcd27d17cb5965ff8.cloudfront.net (CloudFront) x-amz-cf-id m0Sz6T2NT5WCKZMRN9cu1W2Vb2JuFrQoReeQFbRQMQGB30BimAzkwg== x-amz-cf-pop SIN52-C3 x-cache Hit from cloudfront x-ms-blob-type BlockBlob x-ms-lease-status unlocked x-ms-request-id 129f0007-301e-0046-276d-00375e000000 x-ms-version 2009-09-19
GET H2	200	dc_pre=CJLAncGb_YEDFc9WDwIdFksEXg;src=8584968;type=eiutv0;cat=lpg_e0gm;ord=3283787681499;auiddc=178144176.1697550258;gtm=45fe3ab0;epver=2;~oref=https%3A%2F%2Femployereservices.optum.com%2Fees%2Fpre... Show response adservice.google.com/ddm/fls/i/ Frame BD2C	531 B 679 B	1285ms 305ms	Document text/html	74.125.200.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/ddm/fls/i/dc_pre=CJLAncGb_YEDFc9WDwIdFksEXg;src=8584968;type=eiutv0;cat=lpg_e0gm;ord=3283787681499;auiddc=178144176.1697550258;gtm=45fe3ab0;epver=2;~oref=https%3A%2F%2Femployereservices.optum.com%2Fees%2Fprelogin%2Flogin.do Requested by Host: 8584968.fls.doubleclick.net URL: https://8584968.fls.doubleclick.net/activityi;dc_pre=CJLAncGb_YEDFc9WDwIdFksEXg;src=8584968;type=eiutv0;cat=lpg_e0gm;ord=3283787681499;auiddc=178144176.1697550258;gtm=45fe3ab0;epver=2;~oref=https%3A%2F%2Femployereservices.optum.com%2Fees%2Fprelogin%2Flogin.do? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f154.1e100.net Software cafe / Resource Hash 3e2f4733605cac4a05010a3721566af12266fc3136aa550332726fb4c5763e7a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://8584968.fls.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 304 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 17 Oct 2023 13:44:20 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
POST H2	200	/ Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	45 B 225 B	387ms 387ms	XHR text/plain	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_3KO7dqY1GCbiJh4&Q_SIID=SI_7W1MNQnoOXEwNMO&Q_ASID=AS_a5GtsoG4pO2Vzq6&Q_CLIENTVERSION=1.101.0&Q_CLIENTTYPE=web&r=1697550259578 Requested by Host: cdn.gbqofs.com URL: https://cdn.gbqofs.com/uhg/common/detector-dom.current.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://employereservices.optum.com/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Tue, 17 Oct 2023 13:44:19 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status DYNAMIC x-content-type-options nosniff content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report referrer-policy strict-origin-when-cross-origin server cloudflare vary Accept-Encoding content-type text/plain; charset=UTF-8 access-control-allow-origin https://employereservices.optum.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true permissions-policy camera=(), geolocation=(), microphone=() trace-id b8c5c4f15f46b278 cf-ray 8178f9c2a93a40c1-SIN
GET H2	200	InviteTriggers Show response api.iperceptions.com/	241 B 328 B	471ms 471ms	XHR application/json	13.91.129.143 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://api.iperceptions.com/InviteTriggers Requested by Host: cdn.gbqofs.com URL: https://cdn.gbqofs.com/uhg/common/detector-dom.current.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.91.129.143 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 45bacf93a6fe68be40f92b506e500a255581b4c2ba987d419a5b19ce89778f67 Request headers Referer https://employereservices.optum.com/ accept-language zh-SG,zh;q=0.9 SecurityToken ef6177e6-a195-4fc1-9b32-7636466e19b5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Tue, 17 Oct 2023 13:44:21 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-cache content-length 241 expires -1
OPTIONS H2	200	InviteTriggers api.iperceptions.com/ Frame	0 0	1546ms 592ms	Preflight	13.91.129.143 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://api.iperceptions.com/InviteTriggers Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.91.129.143 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash Request headers Accept */* Access-Control-Request-Headers securitytoken Access-Control-Request-Method GET Origin https://employereservices.optum.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers access-control-allow-headers securitytoken access-control-allow-origin * cache-control no-cache content-length 0 date Tue, 17 Oct 2023 13:44:20 GMT expires -1 pragma no-cache server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET
GET H2	200	dc_pre=CJLAncGb_YEDFc9WDwIdFksEXg;src=8584968;type=eiutv0;cat=lpg_e0gm;ord=3283787681499;auiddc=178144176.1697550258;gtm=45fe3ab0;epver=2;~oref=https%3A%2F%2Femployereservices.optum.com%2Fees%2Fpre... Show response adservice.google.com.sg/ddm/fls/i/ Frame CC40	194 B 515 B	1202ms 310ms	Document text/html	74.125.200.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com.sg/ddm/fls/i/dc_pre=CJLAncGb_YEDFc9WDwIdFksEXg;src=8584968;type=eiutv0;cat=lpg_e0gm;ord=3283787681499;auiddc=178144176.1697550258;gtm=45fe3ab0;epver=2;~oref=https%3A%2F%2Femployereservices.optum.com%2Fees%2Fprelogin%2Flogin.do Requested by Host: adservice.google.com URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJLAncGb_YEDFc9WDwIdFksEXg;src=8584968;type=eiutv0;cat=lpg_e0gm;ord=3283787681499;auiddc=178144176.1697550258;gtm=45fe3ab0;epver=2;~oref=https%3A%2F%2Femployereservices.optum.com%2Fees%2Fprelogin%2Flogin.do Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f156.1e100.net Software cafe / Resource Hash 05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adservice.google.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 85 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 17 Oct 2023 13:44:21 GMT expires Tue, 17 Oct 2023 13:44:21 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
POST H/1.1	200 OK	rb_b01e4ef6-8017-40a8-aff2-199e2d7dade9 Show response employereservices.optum.com/	119 B 752 B	737ms 736ms	XHR text/plain	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/rb_b01e4ef6-8017-40a8-aff2-199e2d7dade9?type=js3&sn=v_4_srv_40_sn_9E68B87D1622477531A93E0F326A28A7_perc_100000_ol_0_mul_1_app-3Ab6fcdf59902d150c_1&svrid=40&flavor=post&vi=AAFUARUIPLCQWCIFWIVHJFFMEFBIKHPK-0&modifiedSince=1696568589706&rf=https%3A%2F%2Femployereservices.optum.com%2Fees%2Fprelogin%2Flogin.do&bp=3&app=b6fcdf59902d150c&crc=3194253986&en=mvj6kfls&end=1 Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ruxitagentjs_ICA2NVfhjqru_10269230920162641.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 94783810ff4c024a5bc50a988f64a436c0f2de3c3076a5b116580e709467f154 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload Request headers Referer https://employereservices.optum.com/ees/prelogin/login.do accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 17 Oct 2023 13:44:21 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload Access-Control-Allow-Methods GET, POST, PUT Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin https://employereservices.optum.com Connection Keep-Alive Keep-Alive timeout=10, max=993 Content-Length 119
GET H2	200	sp.pl sp.analytics.yahoo.com/	43 B 632 B	861ms 264ms	Image image/gif	106.10.236.146 YAHOO-SG3 interne...
General Check archive.org Show headers Download Go to Show image Full URL https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2017%20Oct%202023%2013%3A44%3A21%20GMT&n=-8&b=Employer%20eServices&.yp=10059574&f=https%3A%2F%2Femployereservices.optum.com%2Fees%2Fprelogin%2Flogin.do&enc=windows-1252&yv=1.15.1&tagmgr=gtm%2Cadobe Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 106.10.236.146 , Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG), Reverse DNS spdc.pbp.vip.sg3.yahoo.com Software ATS / Resource Hash 0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39 Security Headers Name Value Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Tue, 17 Oct 2023 13:44:21 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY content-type image/gif cache-control no-cache, private, must-revalidate accept-ranges bytes content-length 43 expires Tue, 17 Oct 2023 13:44:21 GMT
GET H2	200	IpEngine_v79.0.js Show response universal.iperceptions.com/core/	12 KB 4 KB	267ms 266ms	Script text/javascript	13.227.254.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://universal.iperceptions.com/core/IpEngine_v79.0.js Requested by Host: universal.iperceptions.com URL: https://universal.iperceptions.com/wrapper.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.254.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-254-10.sin52.r.cloudfront.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash fe63153f01ff7db0a6dc83b4f7acc5ed06410021f2d302063e263727e88d3ff8 Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 17 Oct 2023 13:44:13 GMT content-encoding gzip via 1.1 95d5bc8b4873ccfdcd27d17cb5965ff8.cloudfront.net (CloudFront) content-md5 37qd3bJleyYQUEDZodk3CA== age 7 x-amz-cf-pop SIN52-C3 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin x-ms-lease-status unlocked last-modified Tue, 14 Feb 2023 19:22:30 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 vary Accept-Encoding content-type text/javascript access-control-allow-origin * x-ms-request-id 435c46e6-701e-0063-1d00-01afed000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-amz-cf-id Dvhx8dq7LPsfeaVoYE2_Feo_g-_Irr0-_brk_fSYOQUsYMDFfbXAzw==
GET H2	200	12426_638163242078990213 Show response sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/	10 KB 3 KB	1203ms 277ms	Script application/javascript	54.192.150.114 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/12426_638163242078990213 Requested by Host: universal.iperceptions.com URL: https://universal.iperceptions.com/wrapper.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.192.150.114 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-150-114.sin2.r.cloudfront.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash c678ecb9361cba50700b07d25dd213aab1275e449b788039eb06f06f935cc805 Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 17 Oct 2023 13:32:23 GMT content-encoding gzip via 1.1 c8c43b7bd0e92cbb9fbe171dc985f060.cloudfront.net (CloudFront) content-md5 aJguN6kOfNAlL9yw2KASfQ== age 720 x-amz-cf-pop SIN2-C1 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 2529 x-ms-lease-status unlocked last-modified Wed, 05 Apr 2023 20:43:28 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8DB361668F19DFC vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id b7e6b6c0-701e-005e-54fe-00368c000000 cache-control x-ms-blob-cache-control: public, max-age=900 x-ms-version 2009-09-19 accept-ranges bytes x-amz-cf-id r_fvPu8cC9qIQKqDipVIGyVzv-iClJXXt_ncgXtY3bT7emSzPvWWHw==
POST H/1.1	200 OK	rb_b01e4ef6-8017-40a8-aff2-199e2d7dade9 Show response employereservices.optum.com/	119 B 752 B	766ms 765ms	XHR text/plain	149.111.149.133 UHC
General Check archive.org Show headers Download Go to Full URL https://employereservices.optum.com/rb_b01e4ef6-8017-40a8-aff2-199e2d7dade9?type=js3&sn=v_4_srv_40_sn_9E68B87D1622477531A93E0F326A28A7_perc_100000_ol_0_mul_1_app-3Ab6fcdf59902d150c_1&svrid=40&flavor=post&vi=AAFUARUIPLCQWCIFWIVHJFFMEFBIKHPK-0&modifiedSince=1696568589706&rf=https%3A%2F%2Femployereservices.optum.com%2Fees%2Fprelogin%2Flogin.do&bp=3&app=b6fcdf59902d150c&crc=1435945595&en=mvj6kfls&end=1 Requested by Host: employereservices.optum.com URL: https://employereservices.optum.com/ruxitagentjs_ICA2NVfhjqru_10269230920162641.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.111.149.133 , United States, ASN10879 (UHC, US), Reverse DNS ees-elr.optum.com Software / Resource Hash 94783810ff4c024a5bc50a988f64a436c0f2de3c3076a5b116580e709467f154 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains; preload Request headers Referer https://employereservices.optum.com/ees/prelogin/login.do accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 17 Oct 2023 13:44:23 GMT Strict-Transport-Security max-age=16070400; includeSubDomains; preload Access-Control-Allow-Methods GET, POST, PUT Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin https://employereservices.optum.com Connection Keep-Alive Keep-Alive timeout=10, max=992 Content-Length 119
GET H2	200	harvest_12426.js Show response art.azureedge.net/harvest/	9 KB 2 KB	1424ms 260ms	Script application/x-javascript	117.18.232.200 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://art.azureedge.net/harvest/harvest_12426.js Requested by Host: universal.iperceptions.com URL: https://universal.iperceptions.com/wrapper.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 117.18.232.200 , Australia, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (sgc/56B2) / Resource Hash 6e0b58d9b7952c332d9c9ce2a2c54447f3858e09f66d5e542414b24aabb9f77d Request headers accept-language zh-SG,zh;q=0.9 Referer https://employereservices.optum.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 17 Oct 2023 13:44:24 GMT content-encoding gzip last-modified Tue, 21 Jan 2020 17:36:10 GMT server ECAcc (sgc/56B2) age 474788 etag 0x8D79E98674A1069 vary Accept-Encoding x-cache HIT content-type application/x-javascript x-ms-request-id 4844dc0f-001e-00ef-20ae-fce00f000000 x-ms-version 2009-09-19 content-length 2019
GET		ip.gif post.iperceptions.com/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

global.ib-ibi.com

URL

https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=84944588571435503850855518859287866567

Domain

s.yimg.com

URL

https://s.yimg.com/wi/config/10059574.json

Domain

post.iperceptions.com

URL

https://post.iperceptions.com/ip.gif?sid=a80d826b-c4f2-c93c-4fb7-42f0c2572256&vid=450e4ea2-9899-c4c2-4946-b894b46a214f&tkid=ef6177e6-a195-4fc1-9b32-7636466e19b5&url=https%3A%2F%2Femployereservices.optum.com%2Fees%2Fprelogin%2Flogin.do&title=Employer%20eServices