welcome.wellmark.com Open in urlscan Pro
13.33.60.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ebusiness.wellmark.com/brokerandagent/esmile/viewmessage.asp?id=1331126
Effective URL:
https://welcome.wellmark.com/Authentication/Login.aspx
Submission: On August 15 via manual (August 15th 2022, 5:05:26 pm UTC) from US — Scanned from US

Summary HTTP 65 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 27 IPs in 1 countries across 23 domains to perform 65 HTTP transactions. The main IP is 13.33.60.90, located in United States and belongs to AMAZON-02, US. The main domain is welcome.wellmark.com. The Cisco Umbrella rank of the primary domain is 231310.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 28th 2022. Valid for: a year.

This is the only time welcome.wellmark.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	198.245.34.203 198.245.34.203	55292 (WELLMARK) (WELLMARK)
4 12	13.33.60.90 13.33.60.90	16509 (AMAZON-02) (AMAZON-02)
9	143.204.146.98 143.204.146.98	16509 (AMAZON-02) (AMAZON-02)
9	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:809::2008	15169 (GOOGLE) (GOOGLE)
1	168.62.224.13 168.62.224.13	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	99.84.37.78 99.84.37.78	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
1	69.28.157.216 69.28.157.216	22822 (LLNW) (LLNW)
2	143.204.138.162 143.204.138.162	16509 (AMAZON-02) (AMAZON-02)
1	99.84.37.48 99.84.37.48	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c09::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:808::2002	15169 (GOOGLE) (GOOGLE)
1 5	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:81f::2004	15169 (GOOGLE) (GOOGLE)
1	143.204.146.14 143.204.146.14	16509 (AMAZON-02) (AMAZON-02)
1	143.204.146.114 143.204.146.114	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
2 2	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	207.198.113.230 207.198.113.230	13768 (COGECO-PEER1) (COGECO-PEER1)
1 2	52.20.155.145 52.20.155.145	14618 (AMAZON-AES) (AMAZON-AES)
1 2	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1	23.64.61.72 23.64.61.72	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.1.175.157 52.1.175.157	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
65	27

1 198.245.34.203 (Des Moines, United States) 1 redirects

ASN55292 (WELLMARK, US)
PTR: ebusiness.wellmark.com

ebusiness.wellmark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.33.60.90 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-90.ewr52.r.cloudfront.net

welcome.wellmark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 143.204.146.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-98.ewr52.r.cloudfront.net

www.wellmark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:823::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:809::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.62.224.13 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: waws-prod-ch1-001.cloudapp.net

wm-languages-disclaimers.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.37.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-78.ewr52.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.28.157.216 (Ashburn, United States)

ASN22822 (LLNW, US)
PTR: https-69-28-157-216.iad.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.138.162 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-138-162.ewr52.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.37.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-48.ewr52.r.cloudfront.net

analytics.newscred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::2002 (New York, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.220.150 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.146.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-14.ewr52.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.146.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-114.ewr52.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.33.138 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 207.198.113.230 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.20.155.145 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-155-145.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.64.61.72 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-61-72.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.1.175.157 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-175-157.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	wellmark.com 5 redirects ebusiness.wellmark.com — Cisco Umbrella Rank: 655866 welcome.wellmark.com — Cisco Umbrella Rank: 231310 www.wellmark.com — Cisco Umbrella Rank: 162405	1 MB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	124 KB
7	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1298 insight.adsrvr.org — Cisco Umbrella Rank: 619 match.adsrvr.org — Cisco Umbrella Rank: 381	9 KB
4	sitescout.com 2 redirects pixel.sitescout.com — Cisco Umbrella Rank: 3338	3 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 118 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	283 KB
3	google.com www.google.com — Cisco Umbrella Rank: 10	762 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	54 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 351	12 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 642 script.hotjar.com — Cisco Umbrella Rank: 770 vars.hotjar.com — Cisco Umbrella Rank: 803	68 KB
2	rlcdn.com 1 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 309	568 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 728	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 469	618 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 188	2 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 277	622 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 111	54 KB
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 921	287 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 326	916 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	297 B
1	newscred.com analytics.newscred.com — Cisco Umbrella Rank: 29049	7 KB
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 9151	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	15 KB
1	azurewebsites.net wm-languages-disclaimers.azurewebsites.net — Cisco Umbrella Rank: 316144	1 KB
65	23

	Domain	Requested by
12	welcome.wellmark.com	4 redirects welcome.wellmark.com
9	www.google-analytics.com	welcome.wellmark.com www.google-analytics.com www.googletagmanager.com
9	www.wellmark.com	welcome.wellmark.com www.wellmark.com
4	pixel.sitescout.com	2 redirects welcome.wellmark.com
4	match.adsrvr.org	js.adsrvr.org
4	www.googletagmanager.com	welcome.wellmark.com www.googletagmanager.com analytics.newscred.com
3	www.google.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com
2	idsync.rlcdn.com	1 redirects
2	sync.crwdcntrl.net	1 redirects
2	pixel.tapad.com	1 redirects
2	dpm.demdex.net	1 redirects
2	ups.analytics.yahoo.com	2 redirects
2	stats.g.doubleclick.net	welcome.wellmark.com
2	js.adsrvr.org	www.googletagmanager.com match.adsrvr.org
2	www.youtube.com	welcome.wellmark.com www.youtube.com
1	sync.teads.tv
1	pixel.rubiconproject.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	www.facebook.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	insight.adsrvr.org	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	analytics.newscred.com	www.googletagmanager.com
1	up.pixel.ad	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	wm-languages-disclaimers.azurewebsites.net	welcome.wellmark.com
1	ebusiness.wellmark.com	1 redirects
65	31

This site contains links to these domains. Also see Links.

Domain
secure.healthx.com
get.adobe.com
www.facebook.com
www.twitter.com
www.youtube.com
www.instagram.com
www.linkedin.com
www.pinterest.com

Subject Issuer	Validity	Valid
welcome.wellmark.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.wellmark.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-07` - `2023-02-07`	a year	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 01	`2022-03-14` - `2023-03-09`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-25` - `2022-08-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.pixel.ad GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-26` - `2023-02-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.welcomesoftware.com Amazon	`2022-02-23` - `2023-03-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://welcome.wellmark.com/Authentication/Login.aspx
Frame ID: DCA68C9CCBB548AA05117ECA65CB33D9
Requests: 54 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=0gxe2vo&ref=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&upid=8iwfr6q&upv=1.1.0
Frame ID: 2CB53DE3325904DD35AB15E562F2EB8A
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
Frame ID: 64D782326957331E2AA6D91B224C319C
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=5af6ab3a-3e38-498f-bef4-c5be80c70aa2&google_gid=CAESEGv63q9nI_4ylsE4RHiKs5I&google_cver=1
Frame ID: 65469A71215011A85E62D17627230A90
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-5x0xcANE2uImn6caYRJc4JYz5ITnHto-~A&gdpr=0&gdpr_consent=
Frame ID: FDB189FD8EFF34926E10D14557DD6D17
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: C37C5025B2DFBF7B8D599D8D7D939A6A
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Frame ID: C4167AECF80D08B520F72C290807682B
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In Page | Wellmark Blue Cross and Blue Shield

Page URL History Show full URLs

https://ebusiness.wellmark.com/brokerandagent/esmile/viewmessage.asp?id=1331126 HTTP 302
https://welcome.wellmark.com/Authentication/Login.aspx Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

65
Requests

86 %
HTTPS

30 %
IPv6

23
Domains

31
Subdomains

27
IPs

1
Countries

1711 kB
Transfer

3318 kB
Size

57
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.healthx.com/wellmark.member
Title: Medicare Advantage member portal

Search URL Search Domain Scan URL

URL: https://get.adobe.com/reader/
Title: Get Adobe Reader

Search URL Search Domain Scan URL

URL: http://www.facebook.com/WellmarkBCBS
Title: Facebook

Search URL Search Domain Scan URL

URL: http://www.twitter.com/wellmarkbcbs
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.youtube.com/WellmarkVideo
Title: Youtube

Search URL Search Domain Scan URL

URL: http://www.instagram.com/wellmarkbcbs
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/wellmark
Title: Linked In

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/WellmarkBCBS
Title: Pinterest

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ebusiness.wellmark.com/brokerandagent/esmile/viewmessage.asp?id=1331126 HTTP 302
https://welcome.wellmark.com/Authentication/Login.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://welcome.wellmark.com/assets/public/styles/app.min.css HTTP 302
https://www.wellmark.com/assets/public/styles/app.min.css

Request Chain 2

https://welcome.wellmark.com/assets/public/styles/pages/styleguide.css HTTP 302
https://www.wellmark.com/assets/public/styles/pages/styleguide.css

Request Chain 5

https://welcome.wellmark.com/assets/public/js/app.min.js HTTP 302
https://www.wellmark.com/assets/public/js/app.min.js

Request Chain 6

https://welcome.wellmark.com/assets/public/js/pages/styleguide.js HTTP 302
https://www.wellmark.com/assets/public/js/pages/styleguide.js

Request Chain 43

https://insight.adsrvr.org/track/up?adv=0gxe2vo&ref=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&upid=8iwfr6q&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=0gxe2vo&ref=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&upid=8iwfr6q&upv=1.1.0

Request Chain 52

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NWFmNmFiM2EtM2UzOC00OThmLWJlZjQtYzViZTgwYzcwYWEy&gdpr=0&gdpr_consent=&ttd_tdid=5af6ab3a-3e38-498f-bef4-c5be80c70aa2 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=5af6ab3a-3e38-498f-bef4-c5be80c70aa2&google_gid=CAESEGv63q9nI_4ylsE4RHiKs5I&google_cver=1

Request Chain 53

https://ups.analytics.yahoo.com/ups/55953/sync?uid=5af6ab3a-3e38-498f-bef4-c5be80c70aa2&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=5af6ab3a-3e38-498f-bef4-c5be80c70aa2&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-5x0xcANE2uImn6caYRJc4JYz5ITnHto-~A&gdpr=0&gdpr_consent=

Request Chain 54

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5af6ab3a-3e38-498f-bef4-c5be80c70aa2&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

Request Chain 55

https://pixel.sitescout.com/dmp/asyncPixelSync HTTP 302
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1

Request Chain 56

https://pixel.sitescout.com/up/777cb268579b85eb?cntr_url=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx HTTP 302
https://pixel.sitescout.com/up/777cb268579b85eb?cookieQ=1&cntr_url=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx

Request Chain 57

https://dpm.demdex.net/ibs:dpid=82530&dpuuid=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553&gdpr=0&gdpr_consent=

Request Chain 58

https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553

Request Chain 60

https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553&gdpr=0&gdpr_consent=&ct=y

Request Chain 61

https://idsync.rlcdn.com/384136.gif?partner_uid=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CIi5FxI9CjkIARCMThoyYjUzYzllMDUtMTUyNi00YTFmLWE5MjUtYzJmNzY5OWVkYWJlLTYyZmE3Y2QzLTU1NTMQABoNCNP56ZcGEgUI6AcQAEIASgA

65 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Login.aspx Show response
welcome.wellmark.com/Authentication/
Redirect Chain

https://ebusiness.wellmark.com/brokerandagent/esmile/viewmessage.asp?id=1331126
https://welcome.wellmark.com/Authentication/Login.aspx

19 KB
21 KB

293ms
103ms

Document
text/html

13.33.60.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://welcome.wellmark.com/Authentication/Login.aspx

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.33.60.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-60-90.ewr52.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

cd31d30d1b0e42cd7e3c29a9eede17b4951465a5c68f8e3bc2ccb085df99df84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 19625
Content-Type: text/html; charset=utf-8
Date: Mon, 15 Aug 2022 17:05:21 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/10.0
Server-Timing: dtSInfo;desc="0", dtRpid;desc="2091611844"
Via: 1.1 9b6576d35a1a9eda48ee30caf8cac918.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 1HESZr0CHQrSLr9qmhjRiNRv_PX2a7zSRDWfIwglO6e4dWDmYOOIcQ==
X-Amz-Cf-Pop: EWR52-C1
X-AspNet-Version: 4.0.30319
X-Cache: Miss from cloudfront
X-Content-Type-Options: nosniff
X-OneAgent-JS-Injection: true
X-Powered-By: ASP.NET
X-ruxit-JS-Agent: true

Redirect headers

Content-Length: 0
Date: Mon, 15 Aug 2022 17:05:17 GMT
Location: https://welcome.wellmark.com/Authentication/Login.aspx
Server: Microsoft-IIS/8.5
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1338699461"
X-Powered-By: ASP.NET

GET
H/1.1 200
OK ruxitagentjs_ICA27Vfhjqrux_10245220704125537.js Show response
welcome.wellmark.com/Authentication/ 225 KB
86 KB 152ms
61ms Script
text/javascript 13.33.60.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://welcome.wellmark.com/Authentication/ruxitagentjs_ICA27Vfhjqrux_10245220704125537.js

Requested by

Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/Login.aspx

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.33.60.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-60-90.ewr52.r.cloudfront.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

536d7488259b9dc39cb27731b905fa2c888caa08c96c34efd97650ff7ff3680e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/Authentication/Login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 17:05:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: EWR52-C1
X-Powered-By: ASP.NET
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=utf-8
Via: 1.1 caeaab1dec28e8247466740025a521a6.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Content-Length: 86665
X-Amz-Cf-Id: -nGSI_QyK6ZmAOlhIKEy21qRs0f846s4UCbtZq5H7ykYlaj87sw0oQ==
Expires: Tue, 15 Aug 2023 17:05:21 GMT

GET
H/1.1

200
OK

app.min.css
www.wellmark.com/assets/public/styles/
Redirect Chain

https://welcome.wellmark.com/assets/public/styles/app.min.css
https://www.wellmark.com/assets/public/styles/app.min.css

363 KB
364 KB

213ms
65ms

Stylesheet
text/css

143.204.146.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wellmark.com/assets/public/styles/app.min.css
Requested by: Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/Login.aspx
Protocol: HTTP/1.1
Server: 143.204.146.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-98.ewr52.r.cloudfront.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 076717c3769ce8707bf611a6d2631ee9345efd4962a55b528526a09a70fc0d3d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 17:05:21 GMT
Via: 1.1 329b0fc45cd0599e7f2c2cee0cf4ae8e.cloudfront.net (CloudFront)
Last-Modified: Thu, 26 May 2022 19:24:53 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: EWR52-C2
ETag: "1015ea463671d81:0"
X-Cache: Miss from cloudfront
Content-Type: text/css
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-929767662"
Accept-Ranges: bytes
Content-Length: 371940
X-Amz-Cf-Id: HjlpZNM1lldGXGTLn8RdaRvNe9GI3R81pBe697SoaRxrNiOZCDafYQ==

Redirect headers

Date: Mon, 15 Aug 2022 17:05:21 GMT
Via: 1.1 9b6576d35a1a9eda48ee30caf8cac918.cloudfront.net (CloudFront)
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: EWR52-C1
X-Powered-By: ASP.NET
X-Cache: Miss from cloudfront
Content-Type: text/html; charset=UTF-8
Location: https://www.wellmark.com/assets/public/styles/app.min.css
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1399317729"
Connection: keep-alive
Content-Length: 180
X-Amz-Cf-Id: E8jGjLcCZRyBMCdfPKVw2pbrieAE7cEHexJUkLjF1J5wh4a0zykE2Q==

GET
H/1.1

200
OK

styleguide.css
www.wellmark.com/assets/public/styles/pages/
Redirect Chain

https://welcome.wellmark.com/assets/public/styles/pages/styleguide.css
https://www.wellmark.com/assets/public/styles/pages/styleguide.css

3 KB
5 KB

156ms
65ms

Stylesheet
text/css

143.204.146.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wellmark.com/assets/public/styles/pages/styleguide.css
Requested by: Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/Login.aspx
Protocol: HTTP/1.1
Server: 143.204.146.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-98.ewr52.r.cloudfront.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 5ebab8f0a7203dd29848a69b18a981f5fd5ce059beb1232c9a469d2b5a8e4374

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 17:05:21 GMT
Via: 1.1 71f2fed44216f4391ecbb693ee450dce.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Apr 2020 23:00:13 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: EWR52-C2
ETag: "f7b1f4726717d61:0"
X-Cache: Miss from cloudfront
Content-Type: text/css
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="547538629"
Accept-Ranges: bytes
Content-Length: 3537
X-Amz-Cf-Id: 25yjzMdc2E3REWHiPv9cEF1arsMxvkYBo3wjJSzfVWhdz136NnqhoA==

Redirect headers

Date: Mon, 15 Aug 2022 17:05:21 GMT
Via: 1.1 9b6576d35a1a9eda48ee30caf8cac918.cloudfront.net (CloudFront)
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: EWR52-C1
X-Powered-By: ASP.NET
X-Cache: Miss from cloudfront
Content-Type: text/html; charset=UTF-8
Location: https://www.wellmark.com/assets/public/styles/pages/styleguide.css
Server-Timing: dtSInfo;desc="0", dtRpid;desc="811097030"
Connection: keep-alive
Content-Length: 189
X-Amz-Cf-Id: TMqrVaQF8QcfqxOgiTh45qLR743pJpoA5pUZMbgz0BrERz6VVGQYmQ==

GET
H/1.1 200
OK wmk-tools.css
welcome.wellmark.com/includes/ 3 KB
3 KB 164ms
77ms Stylesheet
text/css 13.33.60.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://welcome.wellmark.com/includes/wmk-tools.css
Requested by: Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/Login.aspx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-90.ewr52.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3886319b97fccf63560e40d9209479777cc45a3f50cc174f4d5213ac10cdf84b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/Authentication/Login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 17:05:21 GMT
Via: 1.1 5a7cb2ecf8796fdcba2be8ec618e67a8.cloudfront.net (CloudFront)
ETag: "80efc41ccba9d31:0"
Last-Modified: Mon, 19 Feb 2018 21:46:35 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: EWR52-C1
X-Powered-By: ASP.NET
X-Cache: Miss from cloudfront
Content-Type: text/css
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="247127056"
Accept-Ranges: bytes
Content-Length: 2601
X-Amz-Cf-Id: Rqu10M89bW-riXNfFzwhfvLYoNXZ35SYwjbJmf-Kem8t7o8-ANTmBQ==

GET
H/1.1 200
OK logo-wellmark.png
welcome.wellmark.com/includes/images/ 4 KB
5 KB 59ms
59ms Image
image/png 13.33.60.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://welcome.wellmark.com/includes/images/logo-wellmark.png
Requested by: Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/Login.aspx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-90.ewr52.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a28375d72e552a424f153192d974a1cf6f887dd438c771a0e1c5f87072965960

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/Authentication/Login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 17:05:21 GMT
Via: 1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
ETag: "0e6f4215d8cd11:0"
Last-Modified: Fri, 01 Apr 2016 21:26:20 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: EWR52-C1
X-Powered-By: ASP.NET
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-520725529"
Accept-Ranges: bytes
Content-Length: 4241
X-Amz-Cf-Id: BhYHhOqcrf2AVa_fivf1_wlcfR6ajAdQ3pANxzwLHvT_DQ8Tp4Ii3Q==

GET
H/1.1

200
OK

app.min.js Show response
www.wellmark.com/assets/public/js/
Redirect Chain

https://welcome.wellmark.com/assets/public/js/app.min.js
https://www.wellmark.com/assets/public/js/app.min.js

422 KB
423 KB

59ms
58ms

Script
application/javascript

143.204.146.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wellmark.com/assets/public/js/app.min.js
Requested by: Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/Login.aspx
Protocol: HTTP/1.1
Server: 143.204.146.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-98.ewr52.r.cloudfront.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 298fd8e4a535f653e7571022acd2005fb316548d9ff01f0dd8433170780289de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 17:05:21 GMT
Via: 1.1 71f2fed44216f4391ecbb693ee450dce.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Jun 2020 15:49:21 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: EWR52-C2
ETag: "dd2e773184bd61:0"
X-Cache: Miss from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1705210268"
Accept-Ranges: bytes
Content-Length: 432181
X-Amz-Cf-Id: J6fJd8qkiZGfmrrBdpHWHCVuLVtfJ7lOotSjDwdOZkMCiZfmCXMSAA==

Redirect headers

Date: Mon, 15 Aug 2022 17:05:21 GMT
Via: 1.1 caeaab1dec28e8247466740025a521a6.cloudfront.net (CloudFront)
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: EWR52-C1
X-Powered-By: ASP.NET
X-Cache: Miss from cloudfront
Content-Type: text/html; charset=UTF-8
Location: https://www.wellmark.com/assets/public/js/app.min.js
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1249356956"
Connection: keep-alive
Content-Length: 175
X-Amz-Cf-Id: yI3E3bFeyCZaFijjzZiRuKc0qWCNYJC0zauShRGz_M_CM1Nbq8uVDQ==

GET
H/1.1

200
OK

styleguide.js Show response
www.wellmark.com/assets/public/js/pages/
Redirect Chain

https://welcome.wellmark.com/assets/public/js/pages/styleguide.js
https://www.wellmark.com/assets/public/js/pages/styleguide.js

1 KB
2 KB

144ms
58ms

Script
application/javascript

143.204.146.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wellmark.com/assets/public/js/pages/styleguide.js
Requested by: Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/Login.aspx
Protocol: HTTP/1.1
Server: 143.204.146.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-98.ewr52.r.cloudfront.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 24326f874273aca0c5172b4e9ea5f693c8571e04b106e50e840706e74a4b63d6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 17:05:21 GMT
Via: 1.1 0d3bc0372b2119705524079214a98b3e.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Apr 2020 23:00:14 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: EWR52-C2
ETag: "867c87736717d61:0"
X-Cache: Miss from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1035562695"
Accept-Ranges: bytes
Content-Length: 1347
X-Amz-Cf-Id: Ird6p_60O9q8AhU2Ikg6BQ5ZEy51pcJk3301WEYU1lovIUjuWKAoAQ==

Redirect headers

Date: Mon, 15 Aug 2022 17:05:21 GMT
Via: 1.1 5a7cb2ecf8796fdcba2be8ec618e67a8.cloudfront.net (CloudFront)
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: EWR52-C1
X-Powered-By: ASP.NET
X-Cache: Miss from cloudfront
Content-Type: text/html; charset=UTF-8
Location: https://www.wellmark.com/assets/public/js/pages/styleguide.js
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1780307213"
Connection: keep-alive
Content-Length: 184
X-Amz-Cf-Id: kWPVDU0OwDxaQcnxzT3j8qU8PmTrW7X-2dGQo5FfIe7sBFQVd-Aqcg==

GET
H/1.1 200
OK AccessibilitysetFocus.js Show response
welcome.wellmark.com/includes/ 2 KB
2 KB 80ms
79ms Script
application/javascript 13.33.60.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://welcome.wellmark.com/includes/AccessibilitysetFocus.js
Requested by: Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/Login.aspx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-90.ewr52.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0ebd8ddf9ddf0ed51b59f0ca89c654ce164e89c1377df30b5be88ac50f54f4ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/Authentication/Login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 17:05:21 GMT
Via: 1.1 9b6576d35a1a9eda48ee30caf8cac918.cloudfront.net (CloudFront)
ETag: "0f8804fa63ad21:0"
Last-Modified: Wed, 09 Nov 2016 16:28:32 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: EWR52-C1
X-Powered-By: ASP.NET
X-Cache: Miss from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1417800521"
Accept-Ranges: bytes
Content-Length: 1551
X-Amz-Cf-Id: u1XvHVURG1bGEzEjsRC0Aa45o9mIObki-iYfT94dqigsy0ZscEvQ9A==

GET
H/1.1 200
OK DateAutoSlashes.js Show response
welcome.wellmark.com/includes/ 3 KB
4 KB 63ms
62ms Script
application/javascript 13.33.60.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://welcome.wellmark.com/includes/DateAutoSlashes.js
Requested by: Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/Login.aspx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-90.ewr52.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 008be00294fb0c76e31c77265f655942cea9ac2b879c7ff57bc37215dc34fc2b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/Authentication/Login.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 17:05:21 GMT
Via: 1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
ETag: "0d28bf58bd31:0"
Last-Modified: Thu, 11 Jan 2018 17:58:12 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: EWR52-C1
X-Powered-By: ASP.NET
X-Cache: Miss from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1069902469"
Accept-Ranges: bytes
Content-Length: 3319
X-Amz-Cf-Id: oILtE5_cRvb6u4Z2Jwtwp_GaeLObLfykNLvFKcp03yvCLJhogvlr5Q==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 133ms
41ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/Login.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 180
date: Mon, 15 Aug 2022 17:02:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 15 Aug 2022 19:02:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 647 KB
123 KB 194ms
102ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-566THJ

Requested by

Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/Login.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81b971f9d3949db7d3187fb76bf35a612ee5fc89b2e663bbe0a8ad3db701602c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:05:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124954
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 16:05:37 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Aug 2022 17:05:21 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 104 KB
41 KB 61ms
61ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KPLVVQ8&cid=1880118591.1660583122

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

53c42590f156be0466dea80d08b405bcba26f76515bc7067371faf00d96c46b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:05:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41313
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 16:42:31 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Aug 2022 17:05:21 GMT

GET
H/1.1 200
OK ae0ae2a8-60f1-4b99-8950-8070090f154a.woff2
www.wellmark.com/assets/public/fonts/ 31 KB
32 KB 151ms
55ms Font
font/woff2 143.204.146.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wellmark.com/assets/public/fonts/ae0ae2a8-60f1-4b99-8950-8070090f154a.woff2
Requested by: Host: www.wellmark.com
URL: https://www.wellmark.com/assets/public/styles/app.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-98.ewr52.r.cloudfront.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 0ec15d12210fef25c142e165cce80bd1c56ffb02441873b4294e3a864ddf5fe7

Request headers

Referer: https://www.wellmark.com/assets/public/styles/app.min.css
Origin: https://welcome.wellmark.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 17:05:22 GMT
Via: 1.1 70afbe31994f2c69bf2f10f0b46f4736.cloudfront.net (CloudFront)
Last-Modified: Thu, 03 Mar 2016 20:20:15 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: EWR52-C2
ETag: "088bd198a75d11:0:dtagent10245220704125537DYIA"
X-Cache: Miss from cloudfront
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="172572113", dtTao;desc="1"
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 32180
X-Amz-Cf-Id: 3jFnq2pLyESkzl8Rz6bbxYVSI6AZKaokdej_phsvSZ10HlUWUWBRjw==

GET
H/1.1 200
OK a235c461-39a1-4de8-8014-eeff4bb4fd27.woff2
www.wellmark.com/assets/public/fonts/ 24 KB
25 KB 179ms
84ms Font
font/woff2 143.204.146.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wellmark.com/assets/public/fonts/a235c461-39a1-4de8-8014-eeff4bb4fd27.woff2
Requested by: Host: www.wellmark.com
URL: https://www.wellmark.com/assets/public/styles/app.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-98.ewr52.r.cloudfront.net
Software: Microsoft-IIS/10.0 /
Resource Hash: e831919b79803a91ff938fbcb08966f1bebc526d8aa96e70a4ce8965ac0ad398

Request headers

Referer: https://www.wellmark.com/assets/public/styles/app.min.css
Origin: https://welcome.wellmark.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 17:05:22 GMT
Via: 1.1 edf41293681a3c1555cb4f36266904cc.cloudfront.net (CloudFront)
Last-Modified: Tue, 22 Mar 2016 19:48:05 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: EWR52-C2
ETag: "d6a9d5c07384d11:0:dtagent10245220704125537DYIA"
X-Cache: Miss from cloudfront
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="66259595"
Accept-Ranges: bytes
Content-Length: 24540
X-Amz-Cf-Id: ZmfgzfvJSyivg1-LCVXZ5EttT6WyoYvy1QpXHRCLg_BzcvcsgA3Gnw==

GET
H/1.1 200
OK 75129a36-d2dd-447d-978b-c4a39bcdc899.woff2
www.wellmark.com/assets/public/fonts/ 31 KB
32 KB 165ms
69ms Font
font/woff2 143.204.146.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wellmark.com/assets/public/fonts/75129a36-d2dd-447d-978b-c4a39bcdc899.woff2
Requested by: Host: www.wellmark.com
URL: https://www.wellmark.com/assets/public/styles/app.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-98.ewr52.r.cloudfront.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 739f0a5ef9a2704758e81804f25d89cc55535cabcc3c05d2127cc70aef5b3c94

Request headers

Referer: https://www.wellmark.com/assets/public/styles/app.min.css
Origin: https://welcome.wellmark.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 17:05:22 GMT
Via: 1.1 833189e24f3e31812a47b595ff310a14.cloudfront.net (CloudFront)
Last-Modified: Thu, 03 Mar 2016 20:20:15 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: EWR52-C2
ETag: "c6a1ba198a75d11:0:dtagent10245220704125537DYIA"
X-Cache: Miss from cloudfront
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-648701397", dtTao;desc="1"
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 31900
X-Amz-Cf-Id: v2aQnNZkQvjOjLXVDwqO_3D2tY-PRFKReYRKHG9ISVUE2TdNL1BU1Q==

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17b947ca59c82ed002f20d78c7b225cea5c0d42455c7252f8dbd7a3a093540d9

Request headers

Referer
Origin: https://welcome.wellmark.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H/1.1 200
OK 25892c24-e416-4b30-ae4d-7ac14c42a38b.woff2
www.wellmark.com/assets/public/fonts/ 24 KB
25 KB 155ms
65ms Font
font/woff2 143.204.146.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wellmark.com/assets/public/fonts/25892c24-e416-4b30-ae4d-7ac14c42a38b.woff2
Requested by: Host: www.wellmark.com
URL: https://www.wellmark.com/assets/public/styles/app.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-98.ewr52.r.cloudfront.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 77fc17cb9bb88ded98d23c9515b0abdc5b7234eaa9adc56b1aacc95f11663cec

Request headers

Referer: https://www.wellmark.com/assets/public/styles/app.min.css
Origin: https://welcome.wellmark.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 17:05:22 GMT
Via: 1.1 833189e24f3e31812a47b595ff310a14.cloudfront.net (CloudFront)
Last-Modified: Tue, 22 Mar 2016 19:48:05 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: EWR52-C2
ETag: "32dd0c07384d11:0:dtagent10245220704125537DYIA"
X-Cache: Miss from cloudfront
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-659819531", dtTao;desc="1"
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 24648
X-Amz-Cf-Id: bGXiYV_LC5q04Tzu9V9y7aNnLhjPTK15vPNru9Nrm2fllSgKbcfW5Q==

GET
H/1.1 200
OK languages Show response
wm-languages-disclaimers.azurewebsites.net/ 2 KB
1 KB 150ms
42ms XHR
application/json 168.62.224.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wm-languages-disclaimers.azurewebsites.net/languages?get_param=value
Requested by: Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/ruxitagentjs_ICA27Vfhjqrux_10245220704125537.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.62.224.13 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: waws-prod-ch1-001.cloudapp.net
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: a91d9547b22485d24d3e4990c650779ce388d7f57707bbeb061c830f10fc8830

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://welcome.wellmark.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 17:05:22 GMT
Content-Encoding: gzip
ETag: W/"663-Bk26EkaVBfjPbfyxqpmMfQ"
Server: Microsoft-IIS/10.0
X-Powered-By: Express, ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked

GET
H3 200 optimize.js Show response
www.google-analytics.com/gtm/ 114 KB
43 KB 58ms
57ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-NPSTHV5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-566THJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf700c000f4ac323e3a03c1ce4d97f55948875586173c6b6d18b7548ad37d61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:05:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44243
x-xss-protection: 0
expires: Mon, 15 Aug 2022 17:05:22 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
72 KB 163ms
80ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QKV0EYY0J7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-566THJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14f0f395f0240775fb78662aa1a0f3dcb70560325ca2c497c4a80dd10ed64dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:05:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73332
x-xss-protection: 0
expires: Mon, 15 Aug 2022 17:05:22 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 41ms
41ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-566THJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 181
date: Mon, 15 Aug 2022 17:02:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 15 Aug 2022 19:02:21 GMT

GET
H2 200 hotjar-2992010.js Show response
static.hotjar.com/c/ 5 KB
3 KB 222ms
124ms Script
application/javascript 99.84.37.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2992010.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-566THJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.37.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-37-78.ewr52.r.cloudfront.net

Software

Resource Hash

d3c5f375f771d9878234ae54577627f6ed0e896b067b5639368e5d8c54da8ebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: EWR52-C4
x-cache-hit: 1
date: Mon, 15 Aug 2022 17:05:22 GMT
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a1882a601559755135741e91a9f86c28.cloudfront.net (CloudFront)
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-amz-cf-id: kiauc836iau4XeEznnzPeOd6r7zeCMO0lRhrixAnOT9v0UmOzKFGhg==
etag: W/116bc01f96aa76c15fba6a6d35d965bc

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 86ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-566THJ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 27F97D4966354F2B9FD53A9F6A6E858F Ref B: CHGEDGE0908 Ref C: 2022-08-15T17:05:22Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Mon, 15 Aug 2022 17:05:21 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 152ms
47ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-566THJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26515
x-xss-protection: 0
pragma: public
x-fb-debug: kgHLcmn7ssbhqgzhXG48xnnTE+l0ib5dNhhYek2wx7Y6bfFR0jgH8kXIDSn4KL8PbvYnGe4qs2K4VVCtKQJEpA==
x-fb-trip-id: 1814657579
x-frame-options: DENY
date: Mon, 15 Aug 2022 17:05:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 173ms
70ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-566THJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

8fb8fd15aa87943287267358479866a9bbb1338f8b44648a5360977be5bdfe13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15165
x-xss-protection: 0
server: cafe
etag: 8742117124739336602
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 15 Aug 2022 17:05:22 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 158ms
67ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/Login.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

138eaa1d891bff2711c315f16730611d486c4a6a038a4eeab0e203d05d804e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 15 Aug 2022 17:05:22 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 125ms
62ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8188237

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-566THJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d40dc365a1477ef4d6431c2a009d4a40d9985aab50b1a281c2b50e4047021b36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:05:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41653
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 16:42:31 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Aug 2022 17:05:22 GMT

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 149ms
43ms Script
application/javascript 69.28.157.216
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-566THJ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.28.157.216 Ashburn, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-28-157-216.iad.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:05:22 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 402551
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: a157b1c6cf0683c0ea85a0e8b7a06dc5

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
5 KB 144ms
44ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-566THJ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 08:35:30 GMT
Via: 1.1 6b40574acc577d1185c505c40886acc6.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 30593
ETag: "98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: EWR52-C2
Accept-Ranges: bytes
Content-Length: 4593
X-Amz-Cf-Id: lNan8aiptHlxsLmS63B-82gLQfhvNx7ESvYvOTxYpdVNNyE_zqlbEg==

GET
H2 200 analytics_8b4c185a2c554092b75dff5f3180fbaa.js Show response
analytics.newscred.com/ 21 KB
7 KB 204ms
47ms Script
application/javascript 99.84.37.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.newscred.com/analytics_8b4c185a2c554092b75dff5f3180fbaa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-566THJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.37.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-37-48.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9cdf1363ca296a996f4911881aa994473b836f47593374bbd68bd91d40604cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:01:57 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 06:49:58 GMT
server: AmazonS3
age: 25406
etag: W/"9d7c649a37ba033f09166eadfcaa6dda"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d5da196526ff04114ed874cd3c0f9622.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: J9I4O3m_bxwnlJckWjh3S2E0c0SkTiH_jYBZz4IUIpLTXhUpla0ZGg==

GET
H2 204 5511644.js Show response
bat.bing.com/p/action/ 0
118 B 32ms
32ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5511644.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E1C90EB9C4B340D9BBB6681E3C3A2BFA Ref B: CHGEDGE0908 Ref C: 2022-08-15T17:05:22Z
date: Mon, 15 Aug 2022 17:05:21 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 97ms
96ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5511644&tm=gtm002&Ver=2&mid=f539413e-a55b-41fe-a743-e588f7a6a65f&sid=72b33d201cbc11ed9ecc91f16f6f9e84&vid=72b36e901cbc11ed82d78dcec4a8277b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Log%20In%20Page%20%7C%20Wellmark%20Blue%20Cross%20and%20Blue%20Shield&p=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&r=&lt=9961&evt=pageLoad&sv=1&rn=409130

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B20A63D0BD0B4BD5AAD86DDACA8106E6 Ref B: CHGEDGE0908 Ref C: 2022-08-15T17:05:22Z
date: Mon, 15 Aug 2022 17:05:21 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
444 B 128ms
47ms XHR
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22866223-1&cid=1880118591.1660583122&jid=1518823436&gjid=658546450&_gid=1461194631.1660583122&_u=aHDAiEADRAAAAE~&z=704852399

Requested by

Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/ruxitagentjs_ICA27Vfhjqrux_10245220704125537.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://welcome.wellmark.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 15 Aug 2022 17:05:22 GMT
content-type: text/plain
access-control-allow-origin: https://welcome.wellmark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 54ms
54ms XHR
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1796425879&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&ul=en-us&de=UTF-8&dt=Log%20In%20Page%20%7C%20Wellmark%20Blue%20Cross%20and%20Blue%20Shield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Custom%20Dimension&ea=Not%20Set&el=Not%20Set&_u=aHDACEADRAAAAG~&jid=1473220169&gjid=1787887048&cid=1880118591.1660583122&tid=UA-22866223-1&_gid=1461194631.1660583122&_r=1&gtm=2wg880566THJ&cd2=(not%20set)&cd3=(not%20set)&cd4=(not%20set)&cd5=(not%20set)&cd6=(not%20set)&cd7=(not%20set)&cd8=(not%20set)&cd10=(not%20set)&cd11=(not%20set)&cd12=(not%20set)&cd13=(not%20set)&cd15=(not%20set)&cd16=(not%20set)&cd17=(not%20set)&cd18=(not%20set)&cd19=(not%20set)&cd20=(not%20set)&z=1536961444

Requested by

Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/ruxitagentjs_ICA27Vfhjqrux_10245220704125537.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://welcome.wellmark.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 17:05:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://welcome.wellmark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
40ms Image
image/gif 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1796425879&t=pageview&_s=1&dl=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&ul=en-us&de=UTF-8&dt=Log%20In%20Page%20%7C%20Wellmark%20Blue%20Cross%20and%20Blue%20Shield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAiEADR~&jid=1518823436&gjid=658546450&cid=1880118591.1660583122&tid=UA-22866223-1&_gid=1461194631.1660583122&gtm=2wg880566THJ&cd1=Not%20Registered&cd60=17%3A05%202022%2F08%2F15&cd61=monday%20%7C%20weekday&cd62=Authentication&z=1787412679

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 20:13:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75107
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
41ms Image
image/gif 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1796425879&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&ul=en-us&de=UTF-8&dt=Log%20In%20Page%20%7C%20Wellmark%20Blue%20Cross%20and%20Blue%20Shield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Event&ea=ChannelMix%20ID&el=ChannelMix%20ID&_u=aHHACEADRAAAAG~&jid=&gjid=&cid=1880118591.1660583122&uid=1880118591.1660583122&tid=UA-22866223-1&_gid=1461194631.1660583122&gtm=2wg880566THJ&cd24=1880118591.1660583122&cd25=direct%20%2F%20direct%20%2F%20&cd26=1&cd27=direct&z=298729376

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 20:13:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75107
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK knu.woff2
www.wellmark.com/assets/public/fonts/Karen/ 30 KB
31 KB 54ms
54ms Font
font/woff2 143.204.146.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wellmark.com/assets/public/fonts/Karen/knu.woff2
Requested by: Host: www.wellmark.com
URL: https://www.wellmark.com/assets/public/styles/app.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-98.ewr52.r.cloudfront.net
Software: Microsoft-IIS/10.0 /
Resource Hash: fa8c52dc381250ce24bfd3fe2e9b855b98920bbd2028f7b1602b94942c98bc47

Request headers

Referer: https://www.wellmark.com/assets/public/styles/app.min.css
Origin: https://welcome.wellmark.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 17:05:22 GMT
Via: 1.1 edf41293681a3c1555cb4f36266904cc.cloudfront.net (CloudFront)
Last-Modified: Thu, 07 Jul 2016 23:11:47 GMT
Server: Microsoft-IIS/10.0
X-Amz-Cf-Pop: EWR52-C2
ETag: "22e11f0a4d8d11:0:dtagent10245220704125537DYIA"
X-Cache: Miss from cloudfront
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-2068727504", dtTao;desc="1"
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 31164
X-Amz-Cf-Id: oLh_W3_aR7Bkh-NX2MY96m73tRRRKT88ijsQVN3jDFW1tFbwWqEACw==

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/4c3f79c5/www-widgetapi.vflset/ 161 KB
52 KB 126ms
41ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4c3f79c5/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc29081bda373a618fe9d0c0d5f43fd9fb45fdd9c815b621ef2e2564217091c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:40:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53326
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 02:21:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 15 Aug 2023 05:40:56 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
68 B 65ms
48ms XHR
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22866223-1&cid=1880118591.1660583122&jid=1473220169&gjid=1787887048&_gid=1461194631.1660583122&_u=aHDACEADRAAAAG~&z=1014361346

Requested by

Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/ruxitagentjs_ICA27Vfhjqrux_10245220704125537.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://welcome.wellmark.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 15 Aug 2022 17:05:22 GMT
content-type: text/plain
access-control-allow-origin: https://welcome.wellmark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 95ms
47ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.75

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-xss-protection: 0
pragma: public
x-fb-debug: kVFyNn83EjukzmW5Gz3jjfmgz/gvIkf9OW4SBkaj2wj+VVpQEPhyve+aQ7JKaS4WWe52UejDR4wtitUI3s4noA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 15 Aug 2022 17:05:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 361373760726478 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 96ms
48ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/361373760726478?v=2.9.75&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b637e4681c7a2244d61f4b0e1e7d936f5957ad85361067faf64c2d024ffd6156

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7158
x-xss-protection: 0
pragma: public
x-fb-debug: HsyoqkzKkAhVxwZ2wE5BsFLDhbixZjnRc8e0HkTvwpX5DAAkHzncRlGQVsaD9WQQeVBb9rqaoFkobx3CdijIYQ==
x-frame-options: DENY
date: Mon, 15 Aug 2022 17:05:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/928622298/ 2 KB
2 KB 154ms
63ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/928622298/?random=1660583122317&cv=9&fst=1660583122317&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg880&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&tiba=Log%20In%20Page%20%7C%20Wellmark%20Blue%20Cross%20and%20Blue%20Shield&auid=1027506676.1660583122&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13792fa33d32ae8a52881ad72e805eaab5a4b94a8f172d662282c6af2f6d02de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 17:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1032
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 55ms
55ms Ping
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-QKV0EYY0J7&gtm=2oe880&_p=1796425879&cid=1880118591.1660583122&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660583122&sct=1&seg=0&dl=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&dt=Log%20In%20Page%20%7C%20Wellmark%20Blue%20Cross%20and%20Blue%20Shield&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QKV0EYY0J7&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 17:05:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://welcome.wellmark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame 2CB5
Redirect Chain

https://insight.adsrvr.org/track/up?adv=0gxe2vo&ref=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&upid=8iwfr6q&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=0gxe2vo&ref=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&upid=8iwfr6q&upv=1.1.0

927 B
1 KB

74ms
70ms

Document
text/html

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=0gxe2vo&ref=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&upid=8iwfr6q&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 51f29d7e74f24b18e55f8932f8108d8d02af3a5d5432c5407960265c3fa1ebea

Request headers

Referer: https://welcome.wellmark.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Mon, 15 Aug 2022 17:05:22 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Mon, 15 Aug 2022 17:05:22 GMT
location: https://match.adsrvr.org/track/upb/?adv=0gxe2vo&ref=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&upid=8iwfr6q&upv=1.1.0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 149ms
57ms Image
image/gif 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22866223-1&cid=1880118591.1660583122&jid=1518823436&_u=aHDAiEADRAAAAE~&z=1500635560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 17:05:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 149ms
59ms Image
image/gif 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22866223-1&cid=1880118591.1660583122&jid=1473220169&_u=aHDACEADRAAAAG~&z=115818144

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 17:05:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.8b83be320cd47888a36c.js Show response
script.hotjar.com/ 249 KB
64 KB 151ms
48ms Script
application/javascript 143.204.146.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8b83be320cd47888a36c.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2992010.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.146.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-146-14.ewr52.r.cloudfront.net

Software

Resource Hash

3395548d12c45b3163fe2231ff03b0ced049771aeae73bacb45b2726e2f61010

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 10:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 281475
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 65169
access-control-allow-origin: *
last-modified: Fri, 12 Aug 2022 10:53:25 GMT
etag: "aa31991b0402338880bb68565eec8d76"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 26302dbb69a1bcc1682e559282335ad8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: XubSN0xYV0hOqM72da3VddeTOE-P5ZRtP9wyugg_9J1fPvsCWDB7AA==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 131 KB
48 KB 56ms
55ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5WF67Q2

Requested by

Host: analytics.newscred.com
URL: https://analytics.newscred.com/analytics_8b4c185a2c554092b75dff5f3180fbaa.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4bad3783eb171669c72bc8ac573e30391d1fce63b8f5d3e99467efbb5be6b520

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:05:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49273
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 16:05:37 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Aug 2022 17:05:22 GMT

GET
H2 200 box-1ada912494ba7fc7aca15fcef1c2a7ae.html Show response
vars.hotjar.com/ Frame 64D7 2 KB
1 KB 137ms
43ms Document
text/html 143.204.146.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2992010.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.146.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-146-114.ewr52.r.cloudfront.net

Software

Resource Hash

90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://welcome.wellmark.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2881936
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 08:33:06 GMT
etag: "0b3d3f4206ab84d8861a8cc4b2ddbe66"
last-modified: Wed, 13 Jul 2022 08:32:20 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 936397b26a4278a4582b6e1456333afa.cloudfront.net (CloudFront)
x-amz-cf-id: OGbc1QFr2z2Rh2OLcjpTCyZ9Bpt_gPMP2HeV2JDJXXRqSQAEXi87Kw==
x-amz-cf-pop: EWR52-C2
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 139ms
46ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=361373760726478&ev=PageView&dl=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&rl=&if=false&ts=1660583122468&sw=1600&sh=1200&v=2.9.75&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=28&fbp=fb.1.1660583122467.653557714&it=1660583122312&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:05:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 15 Aug 2022 17:05:22 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/928622298/ 42 B
154 B 58ms
58ms Image
image/gif 2607:f8b0:4006:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/928622298/?random=1660583122317&cv=9&fst=1660582800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg880&sendb=1&frm=0&url=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&tiba=Log%20In%20Page%20%7C%20Wellmark%20Blue%20Cross%20and%20Blue%20Shield&async=1&fmt=3&is_vtc=1&random=2401111249&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 17:05:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 2CB5 487 B
964 B 44ms
44ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=0gxe2vo&ref=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&upid=8iwfr6q&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://match.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 10:18:59 GMT
Via: 1.1 6b40574acc577d1185c505c40886acc6.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
Age: 24384
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: EWR52-C2
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: vZ_kCjOwEnOkee7b3h5sCNKAtEfXk4GK-Y2aERJGLLTB4JytB10WOQ==

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame 6546
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NWFmNmFiM2EtM2UzOC00OThmLWJlZjQtYzViZTgwYzcwYWEy&gdpr=0&gdpr_consent=&ttd_tdid=5af6ab3a-3e38-498f-bef4-c5be8...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=5af6ab3a-3e38-498f-bef4-c5be80c70aa2&google_gid=CAESEGv63q9nI_4ylsE4RHiKs5I&google_cver=1

70 B
584 B

56ms
55ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=5af6ab3a-3e38-498f-bef4-c5be80c70aa2&google_gid=CAESEGv63q9nI_4ylsE4RHiKs5I&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 15 Aug 2022 17:05:22 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 17:05:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=5af6ab3a-3e38-498f-bef4-c5be80c70aa2&google_gid=CAESEGv63q9nI_4ylsE4RHiKs5I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame FDB1
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=5af6ab3a-3e38-498f-bef4-c5be80c70aa2&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=5af6ab3a-3e38-498f-bef4-c5be80c70aa2&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-5x0xcANE2uImn6caYRJc4JYz5ITnHto-~A&gdpr=0&gdpr_consent=

70 B
584 B

49ms
49ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-5x0xcANE2uImn6caYRJc4JYz5ITnHto-~A&gdpr=0&gdpr_consent=
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 15 Aug 2022 17:05:22 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

age: 0
content-length: 0
date: Mon, 15 Aug 2022 17:05:22 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-5x0xcANE2uImn6caYRJc4JYz5ITnHto-~A&gdpr=0&gdpr_consent=
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.0.46
strict-transport-security: max-age=31536000

GET
H2

200

rubicon Show response
match.adsrvr.org/track/cmf/ Frame C37C
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5af6ab3a-3e38-498f-bef4-c5be80c70aa2&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

70 B
585 B

51ms
51ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 15 Aug 2022 17:05:22 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: d5a7ef20801cf5cb1ee516b6110e672f
content-length: 0

GET
H2

200

asyncPixelSync Show response
pixel.sitescout.com/dmp/ Frame C416
Redirect Chain

https://pixel.sitescout.com/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1

1 KB
2 KB

49ms
49ms

Document
text/html

207.198.113.230
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Requested by: Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/Login.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 207.198.113.230 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: 1100b79cbe9ee53a038b732d64e9dc3f28c21ac3c99039bdbb7961777f7406f3

Request headers

Referer: https://welcome.wellmark.com/Authentication/Login.aspx
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
content-length: 1135
content-type: text/html;charset=UTF-8
date: Mon, 15 Aug 2022 17:05:22 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

Redirect headers

content-length: 0
date: Mon, 15 Aug 2022 17:05:22 GMT
location: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
server: AC1.1

GET
H2

200

777cb268579b85eb
pixel.sitescout.com/up/
Redirect Chain

https://pixel.sitescout.com/up/777cb268579b85eb?cntr_url=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx
https://pixel.sitescout.com/up/777cb268579b85eb?cookieQ=1&cntr_url=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx

43 B
417 B

50ms
50ms

Image
image/gif

207.198.113.230
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/777cb268579b85eb?cookieQ=1&cntr_url=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx
Protocol: H2
Server: 207.198.113.230 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://welcome.wellmark.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 17:05:22 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/up/777cb268579b85eb?cookieQ=1&cntr_url=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx
date: Mon, 15 Aug 2022 17:05:22 GMT
server: AC1.1
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame C416
Redirect Chain

https://dpm.demdex.net/ibs:dpid=82530&dpuuid=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553&gdpr=0&gdpr_consent=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553&gdpr=0&gdpr_consent=

42 B
940 B

65ms
64ms

Image
image/gif

52.20.155.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.20.155.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-155-145.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v038-0215dc7c7.edge-va6.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: NFM5NIf5TU0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-va6-1-v038-09b4c9416.edge-va6.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: WmeR0Ry/SyA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553&gdpr=0&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/ Frame C416
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553

95 B
113 B

81ms
54ms

Image
image/png

107.178.246.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553

Protocol

Server

107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.246.178.107.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:05:23 GMT
via: 1.1 google
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553
date: Mon, 15 Aug 2022 17:05:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 um
sync.teads.tv/ Frame C416 23 B
287 B 217ms
53ms Image
image/gif 23.64.61.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=73&uid=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.64.61.72 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-64-61-72.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 17:05:23 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 15 Aug 2022 17:05:23 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame C416
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553&gdpr=0&gdpr_consent=&ct=y

49 B
738 B

80ms
79ms

Image
image/gif

52.1.175.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553&gdpr=0&gdpr_consent=&ct=y
Protocol: H2
Server: 52.1.175.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-175-157.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 17:05:23 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.35.202
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 17:05:23 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.40.45.192
content-length: 0
expires: 0

GET
H3

200

1000.gif
idsync.rlcdn.com/ Frame C416
Redirect Chain

https://idsync.rlcdn.com/384136.gif?partner_uid=b53c9e05-1526-4a1f-a925-c2f7699edabe-62fa7cd3-5553
https://idsync.rlcdn.com/1000.gif?memo=CIi5FxI9CjkIARCMThoyYjUzYzllMDUtMTUyNi00YTFmLWE5MjUtYzJmNzY5OWVkYWJlLTYyZmE3Y2QzLTU1NTMQABoNCNP56ZcGEgUI6AcQAEIASgA

42 B
60 B

93ms
42ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/1000.gif?memo=CIi5FxI9CjkIARCMThoyYjUzYzllMDUtMTUyNi00YTFmLWE5MjUtYzJmNzY5OWVkYWJlLTYyZmE3Y2QzLTU1NTMQABoNCNP56ZcGEgUI6AcQAEIASgA
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 17:05:23 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Mon, 15 Aug 2022 17:05:23 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://idsync.rlcdn.com/1000.gif?memo=CIi5FxI9CjkIARCMThoyYjUzYzllMDUtMTUyNi00YTFmLWE5MjUtYzJmNzY5OWVkYWJlLTYyZmE3Y2QzLTU1NTMQABoNCNP56ZcGEgUI6AcQAEIASgA
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 403
Forbidden rb_2fde164b-4e68-4bd4-8351-fab8f0d49b1a Show response
welcome.wellmark.com/Authentication/ 919 B
1 KB 46ms
46ms XHR
text/html 13.33.60.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://welcome.wellmark.com/Authentication/rb_2fde164b-4e68-4bd4-8351-fab8f0d49b1a?type=js3&sn=v_4_srv_3_sn_74DF472E46B84C7B2BF86A823CD3FFCB_perc_100000_ol_0_mul_1_app-3A30b76545108b13ad_1_app-3A89752f80f7f5386e_1_app-3Afdfb78ab66891609_1_rcs-3Acss_1&svrid=3&flavor=post&vi=PSUMLIRAFPJBEJACTBPKBWBOKCCRCTFL-0&modifiedSince=1660560062798&rf=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&bp=3&app=89752f80f7f5386e&crc=3569390408&en=8nv2l28k&end=1
Requested by: Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/ruxitagentjs_ICA27Vfhjqrux_10245220704125537.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-90.ewr52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 84cf78fd49e82056073b8f9cfd041c533e96e5ff4862f443a32c1b3288647be0

Request headers

Referer: https://welcome.wellmark.com/Authentication/Login.aspx
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 15 Aug 2022 17:05:23 GMT
Via: 1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: EWR52-C1
X-Cache: Error from cloudfront
Content-Type: text/html
Connection: keep-alive
Content-Length: 919
X-Amz-Cf-Id: 0ME8tT4R6SMkGOyBUzYOPCZ8V19B7ExF7fAdKiuT-r9DIbxPluWNCQ==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 56ms
55ms XHR
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=0&a=1796425879&t=pageview&_s=1&dl=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&dp=%2FAuthentication%2FLogin.aspx&ul=en-us&de=UTF-8&dt=Log%20In%20Page%20%7C%20Wellmark%20Blue%20Cross%20and%20Blue%20Shield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHHACEADRAAAAG~&jid=1682066232&gjid=2034712392&cid=1880118591.1660583122&tid=UA-59463684-348&_gid=1461194631.1660583122&_r=1&_slc=1&cd1=(not%20set)&cd12=8b4c185a2c554092b75dff5f3180fbaa&cd13=(not%20set)&cd15=71c70ba4-bd6f-444e-9047-2a46e54b7680&cd16=(not%20set)&cd17=(not%20set)&cd14=(not%20set)&z=1933613825

Requested by

Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/ruxitagentjs_ICA27Vfhjqrux_10245220704125537.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://welcome.wellmark.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 17:05:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://welcome.wellmark.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 403
Forbidden rb_2fde164b-4e68-4bd4-8351-fab8f0d49b1a Show response
welcome.wellmark.com/Authentication/ 919 B
1 KB 45ms
44ms XHR
text/html 13.33.60.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://welcome.wellmark.com/Authentication/rb_2fde164b-4e68-4bd4-8351-fab8f0d49b1a?type=js3&sn=v_4_srv_3_sn_74DF472E46B84C7B2BF86A823CD3FFCB_perc_100000_ol_0_mul_1_app-3A30b76545108b13ad_1_app-3A89752f80f7f5386e_1_app-3Afdfb78ab66891609_1_rcs-3Acss_1&svrid=3&flavor=post&vi=PSUMLIRAFPJBEJACTBPKBWBOKCCRCTFL-0&modifiedSince=1660560062798&rf=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&bp=3&app=89752f80f7f5386e&crc=2162500447&en=8nv2l28k&end=1
Requested by: Host: welcome.wellmark.com
URL: https://welcome.wellmark.com/Authentication/ruxitagentjs_ICA27Vfhjqrux_10245220704125537.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-90.ewr52.r.cloudfront.net
Software: CloudFront /
Resource Hash: e22a86ad7be616cabf00546f3a22f98c21d8f4a98d28b0be5f5b328f3ed76117

Request headers

Referer: https://welcome.wellmark.com/Authentication/Login.aspx
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 15 Aug 2022 17:05:25 GMT
Via: 1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: EWR52-C1
X-Cache: Error from cloudfront
Content-Type: text/html
Connection: keep-alive
Content-Length: 919
X-Amz-Cf-Id: M1mSnr7gHnd8uIpu43ziJnAX576FJ2Qv839-tNZMIMZyl-kO-Ybm0Q==

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

57 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
welcome.wellmark.com/Authentication	1969-12-31 23:59:59	Name: CMXID Value: 1880118591.1660583122
.wellmark.com/	1969-12-31 23:59:59	Name: REQUESTEDURL Value: https://ebusiness.wellmark.com/brokerandagent/esmile/viewmessage.asp?id=1331126
welcome.wellmark.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: daawj4b5xaxcy5ktg1wufx4n
.wellmark.com/	1969-12-31 23:59:59	Name: TESTCOOKIE Value: Yes
.wellmark.com/	1970-01-20 14:52:23	Name: rxVisitor Value: 1660583121652DG01R218LMJSK57IDEQLBD43R4RPTA6O
.wellmark.com/	1969-12-31 23:59:59	Name: dtLatC Value: 4593
.wellmark.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.wellmark.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_3_sn_74DF472E46B84C7B2BF86A823CD3FFCB_perc_100000_ol_0_mul_1_app-3A30b76545108b13ad_1_app-3A89752f80f7f5386e_1_app-3Afdfb78ab66891609_1_rcs-3Acss_1
welcome.wellmark.com/	1970-01-20 05:26:27	Name: AWSALB Value: y9WHtPiREvX11A248n9UWoeK1lEMERIiU8jEGWS45H7NtTQSkAD6LxeUjuedvfLc3jn/16IgZcDS3brVMHvmb/24zD50GrZIAwLcbTJAw+vaJS36ywWEyzv+VC6a
welcome.wellmark.com/	1970-01-20 05:26:27	Name: AWSALBCORS Value: y9WHtPiREvX11A248n9UWoeK1lEMERIiU8jEGWS45H7NtTQSkAD6LxeUjuedvfLc3jn/16IgZcDS3brVMHvmb/24zD50GrZIAwLcbTJAw+vaJS36ywWEyzv+VC6a
.wellmark.com/	1970-01-20 05:17:49	Name: _gid Value: GA1.2.1461194631.1660583122
www.wellmark.com/	1970-01-20 05:26:27	Name: AWSALB Value: 8FxarJTZ2FpI8BqA3Pft/38qz0qHjpTNbYb8gPi4HE9jX22eThH5nNx7Ahje+rYZ5DNgcv6W27M1TcV6buxk2QE3RNIqoEAQpX7V4u6ulNUzrbcLIXaArPGHQaI5
www.wellmark.com/	1970-01-20 05:26:27	Name: AWSALBCORS Value: 8FxarJTZ2FpI8BqA3Pft/38qz0qHjpTNbYb8gPi4HE9jX22eThH5nNx7Ahje+rYZ5DNgcv6W27M1TcV6buxk2QE3RNIqoEAQpX7V4u6ulNUzrbcLIXaArPGHQaI5
.wellmark.com/	1970-01-20 07:25:59	Name: _gcl_au Value: 1.1.1027506676.1660583122
.bing.com/	1970-01-20 14:37:59	Name: MUID Value: 22B7984597246CE830108A44968C6DD3
.bat.bing.com/	1970-01-20 05:26:27	Name: MR Value: 0
.wellmark.com/	1970-01-20 05:17:49	Name: _uetsid Value: 72b33d201cbc11ed9ecc91f16f6f9e84
.wellmark.com/	1970-01-20 14:37:59	Name: _uetvid Value: 72b36e901cbc11ed82d78dcec4a8277b
.wellmark.com/	1970-01-20 05:16:23	Name: _dc_gtm_UA-22866223-1 Value: 1
.welcome.wellmark.com/	1970-01-20 14:52:23	Name: _ga Value: GA1.3.1880118591.1660583122
.welcome.wellmark.com/	1970-01-20 05:17:49	Name: _gid Value: GA1.3.1461194631.1660583122
.welcome.wellmark.com/	1970-01-20 05:16:23	Name: _gat_UA-22866223-1 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 9UcIh9Id_U8
.youtube.com/	1970-01-20 09:35:35	Name: VISITOR_INFO1_LIVE Value: H_QRLlaqeWE
.wellmark.com/	1969-12-31 23:59:59	Name: rxvt Value: 1660584922297\|1660583121654
.wellmark.com/	1970-01-20 14:52:23	Name: _ga_QKV0EYY0J7 Value: GS1.1.1660583122.1.0.1660583122.0
.wellmark.com/	1970-01-20 14:01:59	Name: _ga Value: GA1.2.1880118591.1660583122
.wellmark.com/	1970-01-20 14:01:59	Name: __ncuid Value: 71c70ba4-bd6f-444e-9047-2a46e54b7680
.wellmark.com/	1969-12-31 23:59:59	Name: dtPC Value: 3$383121650_262h-vPSUMLIRAFPJBEJACTBPKBWBOKCCRCTFL-0e0
.wellmark.com/	1970-01-20 07:25:59	Name: _fbp Value: fb.1.1660583122467.653557714
.adsrvr.org/	1970-01-20 14:01:59	Name: TDID Value: 5af6ab3a-3e38-498f-bef4-c5be80c70aa2
.wellmark.com/	1970-01-20 14:01:59	Name: _hjSessionUser_2992010 Value: eyJpZCI6ImVkYzk4M2EyLTI5NjYtNWQ0NC04NjgwLWQ4ZGFlZWVlYjJkNCIsImNyZWF0ZWQiOjE2NjA1ODMxMjI2MzAsImV4aXN0aW5nIjpmYWxzZX0=
.wellmark.com/	1970-01-20 05:16:24	Name: _hjFirstSeen Value: 1
welcome.wellmark.com/	1970-01-20 05:16:23	Name: _hjIncludedInSessionSample Value: 0
.wellmark.com/	1970-01-20 05:16:24	Name: _hjSession_2992010 Value: eyJpZCI6ImExNWJlOGRkLWViYjUtNDdmMS1hZTY5LTU0YzUxZGUyNmY1NSIsImNyZWF0ZWQiOjE2NjA1ODMxMjI2NDcsImluU2FtcGxlIjpmYWxzZX0=
.wellmark.com/	1970-01-20 05:16:24	Name: _hjAbsoluteSessionInProgress Value: 0
.doubleclick.net/	1970-01-20 14:52:23	Name: IDE Value: AHWqTUlvf4OuqASDSojIAnKaH7W_htOFN1RUlaRaCyybvf71RjLlLflJIKLLp6Y2QqM
.yahoo.com/	1970-01-20 14:02:20	Name: A3 Value: d=AQABBNJ8-mICENcyv14tEW561jy2jKRTOk4FEgEBAQHO-2IEYwAAAAAA_eMAAA&S=AQAAAmPKbotI_DBT8FNtjgB93PY
.rubiconproject.com/	1970-01-20 14:01:59	Name: khaos Value: L6V0BE1S-1H-7263
.rubiconproject.com/	1970-01-20 14:01:59	Name: audit Value: 1\|j6Qvna6ZxyRsj946v0MEjYYrLjL/1uisNBbWZRtCRS9z+9LtiDVAhsNUZ1fP5lNSuAgRdcDPd/wwHTRO1/p4iHX0qfg68IpFQAPcN3ARK86YWjn8plSBk9xeOPVDjL72aNBOcXhsIClJNnQ0OxDCoF6Xjuq+7vLXoF2+O0K/kZXREvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
.analytics.yahoo.com/	1970-01-20 14:01:59	Name: IDSYNC Value: 1769~26lt
.adsrvr.org/	1970-01-20 14:01:59	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsItNzl-cu6_zoQBRIZCgpyaWdodG1lZGlhEgsI7OSS98u6_zoQBRIWCgdydWJpY29uEgsI7OSS98u6_zoQBRgFIAIoAzILCOzclaTiuv86EAVCDyINCAESCQoFdGllcjMQAVoHMGd4ZTJ2b2AB
.sitescout.com/	1970-01-20 14:01:59	Name: ssi Value: b53c9e05-1526-4a1f-a925-c2f7699edabe#1660583123003
.sitescout.com/	1970-01-20 05:59:35	Name: _ssuma Value: eyIzNCI6MTY2MDU4MzEyMzA1MywiMiI6MTY2MDU4MzEyMzA1MywiMzkiOjE2NjA1ODMxMjMwNTMsIjciOjE2NjA1ODMxMjMwNTMsIjgiOjE2NjA1ODMxMjMwNTN9
.rlcdn.com/	1970-01-20 14:01:59	Name: rlas3 Value: TJOk7wIKSH4xIIXWEsxklFTBsf5xlulsqiOlxP3Jipo=
.tapad.com/	1970-01-20 06:42:47	Name: TapAd_TS Value: 1660583123174
.tapad.com/	1970-01-20 06:42:47	Name: TapAd_DID Value: d6244c7a-6fdd-4044-9cf2-f6a586cef092
.rlcdn.com/	1970-01-20 06:42:47	Name: pxrc Value: CNP56ZcGEgUI6AcQAA==
.tapad.com/	1970-01-20 06:42:47	Name: TapAd_3WAY_SYNCS Value:
.teads.tv/	1970-01-20 14:00:32	Name: tt_viewer Value: 60f1cd6a-d53a-473e-9ba9-6d7266cf9178
.crwdcntrl.net/	1970-01-20 11:45:11	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 11:45:11	Name: _cc_id Value: 42e1e38210c7bdd670e09c55c74ec249
.crwdcntrl.net/	1970-01-20 11:45:11	Name: _cc_cc Value: "ACZ4XmNQMDFKNUw1tjAyNEg2T0pJMTM3SDWwTDY1TTY3SU02MrFkAIKkXzWXQTQUAABZPAtc"
.crwdcntrl.net/	1970-01-20 11:45:11	Name: _cc_aud Value: "ABR4XmNgYGBI%2BlVzGUhBAQAhAQKs"
.demdex.net/	1970-01-20 09:35:35	Name: demdex Value: 34360816704791712950863677686820827102
.dpm.demdex.net/	1970-01-20 09:35:35	Name: dpm Value: 34360816704791712950863677686820827102
.wellmark.com/	1970-01-20 05:16:23	Name: _gat_ncAudienceInsightsGa Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://welcome.wellmark.com/Authentication/rb_2fde164b-4e68-4bd4-8351-fab8f0d49b1a?type=js3&sn=v_4_srv_3_sn_74DF472E46B84C7B2BF86A823CD3FFCB_perc_100000_ol_0_mul_1_app-3A30b76545108b13ad_1_app-3A89752f80f7f5386e_1_app-3Afdfb78ab66891609_1_rcs-3Acss_1&svrid=3&flavor=post&vi=PSUMLIRAFPJBEJACTBPKBWBOKCCRCTFL-0&modifiedSince=1660560062798&rf=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&bp=3&app=89752f80f7f5386e&crc=3569390408&en=8nv2l28k&end=1 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://welcome.wellmark.com/Authentication/rb_2fde164b-4e68-4bd4-8351-fab8f0d49b1a?type=js3&sn=v_4_srv_3_sn_74DF472E46B84C7B2BF86A823CD3FFCB_perc_100000_ol_0_mul_1_app-3A30b76545108b13ad_1_app-3A89752f80f7f5386e_1_app-3Afdfb78ab66891609_1_rcs-3Acss_1&svrid=3&flavor=post&vi=PSUMLIRAFPJBEJACTBPKBWBOKCCRCTFL-0&modifiedSince=1660560062798&rf=https%3A%2F%2Fwelcome.wellmark.com%2FAuthentication%2FLogin.aspx&bp=3&app=89752f80f7f5386e&crc=2162500447&en=8nv2l28k&end=1 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.newscred.com
bat.bing.com
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
ebusiness.wellmark.com
googleads.g.doubleclick.net
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.teads.tv
up.pixel.ad
ups.analytics.yahoo.com
vars.hotjar.com
welcome.wellmark.com
wm-languages-disclaimers.azurewebsites.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.wellmark.com
www.youtube.com
107.178.246.49
13.33.60.90
142.250.65.194
142.251.40.162
143.204.138.162
143.204.146.114
143.204.146.14
143.204.146.98
168.62.224.13
198.245.34.203
207.198.113.230
23.64.61.72
2607:f8b0:4004:c09::9c
2607:f8b0:4006:808::2002
2607:f8b0:4006:809::2008
2607:f8b0:4006:81e::200e
2607:f8b0:4006:81f::2004
2607:f8b0:4006:823::200e
2620:1ec:c11::200
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
3.33.220.150
35.190.60.146
52.1.175.157
52.20.155.145
52.45.33.138
69.173.151.100
69.28.157.216
99.84.37.48
99.84.37.78
008be00294fb0c76e31c77265f655942cea9ac2b879c7ff57bc37215dc34fc2b
076717c3769ce8707bf611a6d2631ee9345efd4962a55b528526a09a70fc0d3d
0dc29081bda373a618fe9d0c0d5f43fd9fb45fdd9c815b621ef2e2564217091c
0ebd8ddf9ddf0ed51b59f0ca89c654ce164e89c1377df30b5be88ac50f54f4ee
0ec15d12210fef25c142e165cce80bd1c56ffb02441873b4294e3a864ddf5fe7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1100b79cbe9ee53a038b732d64e9dc3f28c21ac3c99039bdbb7961777f7406f3
13792fa33d32ae8a52881ad72e805eaab5a4b94a8f172d662282c6af2f6d02de
138eaa1d891bff2711c315f16730611d486c4a6a038a4eeab0e203d05d804e00
14f0f395f0240775fb78662aa1a0f3dcb70560325ca2c497c4a80dd10ed64dc9
17b947ca59c82ed002f20d78c7b225cea5c0d42455c7252f8dbd7a3a093540d9
24326f874273aca0c5172b4e9ea5f693c8571e04b106e50e840706e74a4b63d6
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
298fd8e4a535f653e7571022acd2005fb316548d9ff01f0dd8433170780289de
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3395548d12c45b3163fe2231ff03b0ced049771aeae73bacb45b2726e2f61010
3886319b97fccf63560e40d9209479777cc45a3f50cc174f4d5213ac10cdf84b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4bad3783eb171669c72bc8ac573e30391d1fce63b8f5d3e99467efbb5be6b520
4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1
51f29d7e74f24b18e55f8932f8108d8d02af3a5d5432c5407960265c3fa1ebea
536d7488259b9dc39cb27731b905fa2c888caa08c96c34efd97650ff7ff3680e
53c42590f156be0466dea80d08b405bcba26f76515bc7067371faf00d96c46b4
5ebab8f0a7203dd29848a69b18a981f5fd5ce059beb1232c9a469d2b5a8e4374
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
739f0a5ef9a2704758e81804f25d89cc55535cabcc3c05d2127cc70aef5b3c94
77fc17cb9bb88ded98d23c9515b0abdc5b7234eaa9adc56b1aacc95f11663cec
81b971f9d3949db7d3187fb76bf35a612ee5fc89b2e663bbe0a8ad3db701602c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84cf78fd49e82056073b8f9cfd041c533e96e5ff4862f443a32c1b3288647be0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fb8fd15aa87943287267358479866a9bbb1338f8b44648a5360977be5bdfe13
90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a28375d72e552a424f153192d974a1cf6f887dd438c771a0e1c5f87072965960
a91d9547b22485d24d3e4990c650779ce388d7f57707bbeb061c830f10fc8830
b637e4681c7a2244d61f4b0e1e7d936f5957ad85361067faf64c2d024ffd6156
cd31d30d1b0e42cd7e3c29a9eede17b4951465a5c68f8e3bc2ccb085df99df84
cf700c000f4ac323e3a03c1ce4d97f55948875586173c6b6d18b7548ad37d61f
d3c5f375f771d9878234ae54577627f6ed0e896b067b5639368e5d8c54da8ebe
d40dc365a1477ef4d6431c2a009d4a40d9985aab50b1a281c2b50e4047021b36
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e22a86ad7be616cabf00546f3a22f98c21d8f4a98d28b0be5f5b328f3ed76117
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e831919b79803a91ff938fbcb08966f1bebc526d8aa96e70a4ce8965ac0ad398
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f9cdf1363ca296a996f4911881aa994473b836f47593374bbd68bd91d40604cd
fa8c52dc381250ce24bfd3fe2e9b855b98920bbd2028f7b1602b94942c98bc47

welcome.wellmark.com Open in urlscan Pro 13.33.60.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

86 %HTTPS

30 %IPv6

23 Domains

31 Subdomains

27 IPs

1 Countries

1711 kBTransfer

3318 kBSize

57 Cookies

8 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

welcome.wellmark.com Open in urlscan Pro
13.33.60.90 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

86 %
HTTPS

30 %
IPv6

23
Domains

31
Subdomains

27
IPs

1
Countries

1711 kB
Transfer

3318 kB
Size

57
Cookies

65 HTTP transactions
1 data transactions