accounts.myuhc.com Open in urlscan Pro
168.183.37.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sso.optum.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F...
Effective URL:
https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccou...
Submission: On November 07 via manual (November 7th 2022, 4:52:04 pm UTC) from US — Scanned from DE

Summary HTTP 97 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 33 IPs in 4 countries across 22 domains to perform 97 HTTP transactions. The main IP is 168.183.37.28, located in United States and belongs to UHC, US. The main domain is accounts.myuhc.com. The Cisco Umbrella rank of the primary domain is 663933.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on August 8th 2022. Valid for: a year.

This is the only time accounts.myuhc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	149.111.144.83 149.111.144.83	10879 (UHC) (UHC)
21	168.183.37.28 168.183.37.28	10879 (UHC) (UHC)
1	149.111.164.232 149.111.164.232	10879 (UHC) (UHC)
6	2a02:26f0:350... 2a02:26f0:3500:798::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	34.249.157.182 34.249.157.182	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:7b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.242.111.67 34.242.111.67	16509 (AMAZON-02) (AMAZON-02)
3	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1 1	52.212.76.227 52.212.76.227	16509 (AMAZON-02) (AMAZON-02)
1	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	149.111.165.13 149.111.165.13	10879 (UHC) (UHC)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2600:9000:225... 2600:9000:225e:4c00:8:e7ba:7440:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2	149.111.148.50 149.111.148.50	10879 (UHC) (UHC)
6	45.60.33.26 45.60.33.26	19551 (INCAPSULA) (INCAPSULA)
1	69.169.86.38 69.169.86.38	29838 (AMC) (AMC)
1 2	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
17	91.235.133.67 91.235.133.67	30286 (THM) (THM)
1 4	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
2	52.138.200.61 52.138.200.61	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2600:9000:215... 2600:9000:2156:c800:18:ee0c:6e00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
1	2600:9000:223... 2600:9000:223c:5a00:15:bf9a:3f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:224... 2600:9000:2240:1200:14:7b3:cf40:93a1	() ()
1	2600:9000:223... 2600:9000:223e:800:6:607f:55c0:93a1	() ()
2	52.178.179.169 52.178.179.169	() ()
97	33

1 149.111.144.83 (United States) 1 redirects

ASN10879 (UHC, US)

sso.optum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 168.183.37.28 (United States)

ASN10879 (UHC, US)
PTR: healthsafeid-ctc.optum.com

accounts.myuhc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.healthsafe-id.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.111.164.232 (United States)

ASN10879 (UHC, US)
PTR: repo-elr.rakanto.com

repo.rakanto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:3500:798::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.249.157.182 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-157-182.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:7b4 (United States)

ASN13335 (CLOUDFLARENET, US)

browser-update.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.111.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-111-67.eu-west-1.compute.amazonaws.com

unitedhealthgroup.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

smetrics.optum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.76.227 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-76-227.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

unitedhealthgroup.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.111.165.13 (United States)

ASN10879 (UHC, US)
PTR: cse-elr.rakanto.com

cse.rakanto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:225e:4c00:8:e7ba:7440:93a1 (United States)

ASN16509 (AMAZON-02, US)

universal.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.111.148.50 (United States)

ASN10879 (UHC, US)
PTR: www-elr.myoptum.com

www.myoptum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.60.33.26 (United States)

ASN19551 (INCAPSULA, US)

member.werally.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.86.38 (Cranford, United States)

ASN29838 (AMC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

8584968.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 91.235.133.67 (United States)

ASN30286 (THM, US)

rba-screen.healthsafe-id.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.235.132.130 (United States) 1 redirects

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

60tfck6ak7cvk4pjczcfu7kpbg4y533k2stvhrze9b56eb40f83cd870am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.138.200.61 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:c800:18:ee0c:6e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

sd.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

art.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:5a00:15:bf9a:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

post.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2240:1200:14:7b3:cf40:93a1 (None, )

ASN- ()

ips-invite.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:800:6:607f:55c0:93a1 (None, )

ASN- ()

ips-img.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.178.179.169 (None, )

ASN- ()

collect.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	healthsafe-id.com www.healthsafe-id.com — Cisco Umbrella Rank: 105499 rba-screen.healthsafe-id.com — Cisco Umbrella Rank: 129920	145 KB
19	myuhc.com accounts.myuhc.com — Cisco Umbrella Rank: 663933	525 KB
14	iperceptions.com universal.iperceptions.com — Cisco Umbrella Rank: 13055 api.iperceptions.com — Cisco Umbrella Rank: 12010 sd.iperceptions.com — Cisco Umbrella Rank: 14805 post.iperceptions.com — Cisco Umbrella Rank: 36519 ips-invite.iperceptions.com ips-img.iperceptions.com collect.iperceptions.com	147 KB
6	werally.com member.werally.com — Cisco Umbrella Rank: 119108	114 KB
6	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 467	180 KB
5	online-metrix.net 1 redirects h.online-metrix.net — Cisco Umbrella Rank: 4018 60tfck6ak7cvk4pjczcfu7kpbg4y533k2stvhrze9b56eb40f83cd870am1.e.aa.online-metrix.net	17 KB
5	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 285 unitedhealthgroup.demdex.net — Cisco Umbrella Rank: 70869	7 KB
4	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 320 8584968.fls.doubleclick.net — Cisco Umbrella Rank: 110384	4 KB
4	optum.com 1 redirects sso.optum.com — Cisco Umbrella Rank: 106381 smetrics.optum.com — Cisco Umbrella Rank: 59084	2 KB
3	rakanto.com repo.rakanto.com — Cisco Umbrella Rank: 66498 cse.rakanto.com — Cisco Umbrella Rank: 65630	43 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	216 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	35 KB
2	myoptum.com www.myoptum.com — Cisco Umbrella Rank: 143075	19 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 457 insight.adsrvr.org — Cisco Umbrella Rank: 849	525 B
2	google.com www.google.com — Cisco Umbrella Rank: 17 adservice.google.com — Cisco Umbrella Rank: 134	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	111 KB
1	azureedge.net art.azureedge.net — Cisco Umbrella Rank: 124592	2 KB
1	ib-ibi.com global.ib-ibi.com — Cisco Umbrella Rank: 3064	72 B
1	google.de www.google.de — Cisco Umbrella Rank: 3590	548 B
1	omtrdc.net unitedhealthgroup.tt.omtrdc.net — Cisco Umbrella Rank: 62998	813 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1487	517 B
1	browser-update.org browser-update.org — Cisco Umbrella Rank: 9207	4 KB
97	22

	Domain	Requested by
19	accounts.myuhc.com	accounts.myuhc.com
17	rba-screen.healthsafe-id.com	accounts.myuhc.com rba-screen.healthsafe-id.com
6	member.werally.com	accounts.myuhc.com
6	assets.adobedtm.com	accounts.myuhc.com assets.adobedtm.com
4	h.online-metrix.net	1 redirects rba-screen.healthsafe-id.com
4	universal.iperceptions.com	accounts.myuhc.com universal.iperceptions.com
4	dpm.demdex.net	1 redirects accounts.myuhc.com
3	smetrics.optum.com	accounts.myuhc.com
2	collect.iperceptions.com
2	ips-invite.iperceptions.com	universal.iperceptions.com ips-invite.iperceptions.com
2	sd.iperceptions.com	universal.iperceptions.com
2	api.iperceptions.com	accounts.myuhc.com
2	www.facebook.com	8584968.fls.doubleclick.net
2	connect.facebook.net	8584968.fls.doubleclick.net connect.facebook.net
2	8584968.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.healthsafe-id.com	accounts.myuhc.com www.healthsafe-id.com
2	www.myoptum.com	accounts.myuhc.com
2	cse.rakanto.com	accounts.myuhc.com
2	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
1	ips-img.iperceptions.com
1	post.iperceptions.com	accounts.myuhc.com
1	art.azureedge.net	universal.iperceptions.com
1	60tfck6ak7cvk4pjczcfu7kpbg4y533k2stvhrze9b56eb40f83cd870am1.e.aa.online-metrix.net
1	adservice.google.com	8584968.fls.doubleclick.net
1	insight.adsrvr.org	8584968.fls.doubleclick.net
1	global.ib-ibi.com	accounts.myuhc.com
1	match.adsrvr.org	accounts.myuhc.com
1	cm.g.doubleclick.net	1 redirects
1	www.google.de	accounts.myuhc.com
1	www.google.com	accounts.myuhc.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	unitedhealthgroup.tt.omtrdc.net	accounts.myuhc.com
1	cm.everesttech.net	1 redirects
1	unitedhealthgroup.demdex.net	assets.adobedtm.com
1	browser-update.org	accounts.myuhc.com
1	repo.rakanto.com	accounts.myuhc.com
1	sso.optum.com	1 redirects
97	37

This site contains links to these domains. Also see Links.

Domain
www.myuhc.com
www.uhc.com

Subject Issuer	Validity	Valid
healthsafeid.optum.com COMODO RSA Organization Validation Secure Server CA	`2022-08-08` - `2023-08-08`	a year	crt.sh
repo.rakanto.com COMODO RSA Organization Validation Secure Server CA	`2022-08-09` - `2023-08-09`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
smetrics.optum.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-20` - `2023-04-20`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
cse.rakanto.com COMODO RSA Organization Validation Secure Server CA	`2022-08-09` - `2023-08-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.iperceptions.com Amazon	`2022-03-16` - `2023-04-13`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
www.myoptum.com COMODO RSA Organization Validation Secure Server CA	`2022-08-01` - `2023-08-01`	a year	crt.sh
*.werally.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-07` - `2023-08-04`	a year	crt.sh
*.ib-ibi.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-01` - `2023-04-01`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-17` - `2022-11-15`	3 months	crt.sh
rba-screen.healthsafe-id.com COMODO RSA Organization Validation Secure Server CA	`2022-05-16` - `2023-05-16`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-12-28` - `2023-01-23`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2022-06-08` - `2023-07-10`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0
Frame ID: 409F60D4C124EB380367C16013D92B46
Requests: 61 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: 7840AA6778E395A3E02D66DC9D5EF1BD
Requests: 4 HTTP requests in this frame

Frame: https://www.healthsafe-id.com/protected/crossStorageHub
Frame ID: C9193FAD2797B1648AEA73FE684BE921
Requests: 2 HTTP requests in this frame

Frame: https://8584968.fls.doubleclick.net/activityi;dc_pre=CPnl5O7DnPsCFQbMmgodJhUPGg;src=8584968;type=eiutv0;cat=lpg_e0ar;ord=5472287122301;gtm=2odb20;auiddc=1172034578.1667839917;~oref=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fcommunityplan%2Fen%3FTARGET%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Fsecure%252Fauth%252Fcommunityplan%252Fen%26resume%3D%252Fas%252Fd4RuPJbHFp%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0
Frame ID: 953B1C0DBD59EB2A0130736A0F99F856
Requests: 7 HTTP requests in this frame

Frame: https://universal.iperceptions.com/iFrame.html
Frame ID: 7D518EA991BFDC00C983C7993899A245
Requests: 1 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&jb=3d3b242468716d7d35576b6c6667777126687b6d3f556b66666d757327323031302668716a773f416a706d656d2668716035436a726d6567273032393235
Frame ID: 4E4FA46E9F79F4727380E3DEF220FCCC
Requests: 12 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/HP?session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&org_id=60tfck6a&nonce=9b56eb40f83cd870&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: DE89A672688BFF6258C5853BF26C39C4
Requests: 3 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870
Frame ID: DD74FD068ADB01722F8B352218124ED7
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870
Frame ID: 6C5BF1B0EB67BD4240D53999C124E3C7
Requests: 2 HTTP requests in this frame

Frame: https://rba-screen.healthsafe-id.com/fp/top_fp.html;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870
Frame ID: B92783209AF39EE3925B28D4A2ED7610
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2D57E567C8C2255980D5AB1325CA398B
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In - UnitedHealthcare Community Plan

Page URL History Show full URLs

https://sso.optum.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redi... HTTP 302
https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

97
Requests

96 %
HTTPS

43 %
IPv6

22
Domains

37
Subdomains

33
IPs

4
Countries

1357 kB
Transfer

4999 kB
Size

38
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.myuhc.com/communityplan

Search URL Search Domain Scan URL

URL: https://www.uhc.com/legal/accessibility
Title: Accessibility Statement for Individuals with Disabilities Opens in a new window or tab

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sso.optum.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F%2Faccounts.myuhc.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiT3BGZlJCOGY1M3oteUR5UTVpa00tYThJOU9zIiwic3VmZml4IjoiUmZGMmowLjE2Njc2Nzc0NjMifQ..Vx5gedB5Mv2Ef6ZCg8meWQ.jpnSLz8sykmSWLAdcd0QXL5Yb5gLvOxpchCFcHVoRPuoRUXHk-I6eHLbmlF6sY6PDiF5nV8ysHJJ08_Yf8kpH2dvlI61RPmpZsJgc_L4fsvybbkGKoNSIEC0crpeqQ-4.9CTH97_YUeMm2SfJIyUCLw&nonce=slj2ee-LTGtyId4uGQ7cYYebK0F2GdRyxDRcFUzXHtw&acr_values=NONBANK%20BANK&scope=openid%20address%20email%20phone%20profile&vnd_pi_requested_resource=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&vnd_pi_application_name=HSIDProdRTApp\%22%3Elink HTTP 302
https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1667839917001 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1667839917001

Request Chain 21

https://cm.everesttech.net/cm/dd?d_uuid=33090588644273874393203782383470126600 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y2k3rQAAAB2G2ANn

Request Chain 31

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzMwOTA1ODg2NDQyNzM4NzQzOTMyMDM3ODIzODM0NzAxMjY2MDA= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPJctS5kQpydpGcV_grEIZU&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 47

https://8584968.fls.doubleclick.net/activityi;src=8584968;type=eiutv0;cat=lpg_e0ar;ord=5472287122301;gtm=2odb20;auiddc=1172034578.1667839917;~oref=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fcommunityplan%2Fen%3FTARGET%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Fsecure%252Fauth%252Fcommunityplan%252Fen%26resume%3D%252Fas%252Fd4RuPJbHFp%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0 HTTP 302
https://8584968.fls.doubleclick.net/activityi;dc_pre=CPnl5O7DnPsCFQbMmgodJhUPGg;src=8584968;type=eiutv0;cat=lpg_e0ar;ord=5472287122301;gtm=2odb20;auiddc=1172034578.1667839917;~oref=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fcommunityplan%2Fen%3FTARGET%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Fsecure%252Fauth%252Fcommunityplan%252Fen%26resume%3D%252Fas%252Fd4RuPJbHFp%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0

Request Chain 69

https://h.online-metrix.net/fp/clear.png?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&gttl=155520000 HTTP 302
https://h.online-metrix.net/fp/clear.png?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&k=2

97 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
accounts.myuhc.com/rt/
Redirect Chain

https://sso.optum.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F%2Faccounts.myuhc.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGciOiJkaXIiLC...
https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0

7 KB
5 KB

885ms
144ms

Document
text/html

168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

239a7477d8be074d6c1383374fd4cc3d08958cdce79b165117d075f21aba663b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 07 Nov 2022 16:51:54 GMT
Expires: 0
Pragma: no-cache
Server-Timing: dtRpid;desc="-1628853482"
Strict-Transport-Security: max-age=63072000; includeSubDomains max-age=16070400; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: SAMEORIGIN SAMEORIGIN
X-OneAgent-JS-Injection: true
X-XSS-Protection: 1; mode=block
X-ps-id: PCHS4
X-ruxit-JS-Agent: true

Redirect headers

Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html;charset=utf-8
Date: Mon, 07 Nov 2022 16:51:53 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=60
Location: https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0
Pragma: no-cache
Referrer-Policy: origin
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload

GET
H/1.1 200
OK bundle-average.js Show response
accounts.myuhc.com/assets/ 995 B
1 KB 140ms
140ms Script
application/javascript 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.myuhc.com/assets/bundle-average.js

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

fff65bcf754e67218af1a870099b30a94b2dd18511ebad46e98ccb2bc6f5062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:54 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
X-ps-id: PCHS2
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
X-ion-hop: 1
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Server-Timing: dtRpid;desc="-2123848606"
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK ruxitagentjs_ICA27Vdefghjrtux_10247220811100421.js Show response
accounts.myuhc.com/ 256 KB
95 KB 267ms
127ms Script
text/javascript 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.myuhc.com/ruxitagentjs_ICA27Vdefghjrtux_10247220811100421.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

9a585d7814f942c5b4ed2657982636c90e5deb21df13362ea33f50aa553c2feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:51:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Content-Length: 96629
Expires: Tue, 07 Nov 2023 16:51:54 GMT

GET
H/1.1 200
OK bundle-average.js Show response
accounts.myuhc.com/assets/ 216 KB
124 KB 471ms
266ms Script
application/javascript 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.myuhc.com/assets/bundle-average.js?seed=AEBj7VKEAQAAF_7rOrCXyeavbRwNSmXzwHgq6lsi8ljEg_UUSV7sRoqzOCCJ&Q5eim0SSzm--z=q

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/assets/bundle-average.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

08c5a05fc7a0411fc5a6ed810e8e7eca8bf023cfa8036331115ecbff39c0d037

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:51:55 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
X-ps-id: PCHS1
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
X-ion-hop: 1
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=3600, immutable
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK BrowserUpdate.css
accounts.myuhc.com/rt/ 1 KB
1 KB 136ms
136ms Stylesheet
text/css 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.myuhc.com/rt/BrowserUpdate.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

7ffd485c05f4fd239e22ea634e2abb1eca0482d4a0ba69632b9ba35ef9090f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:51:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
X-ps-id: PCHS1
Last-Modified: Thu, 20 Oct 2022 17:41:10 GMT
Content-Encoding: gzip
ETag: "5c3-5eb7ad4a9f980-gzip"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: dtSInfo;desc="1"
Content-Length: 618
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cx.js Show response
repo.rakanto.com/rakanto/cx/ 128 KB
42 KB 856ms
136ms Script
application/javascript 149.111.164.232
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://repo.rakanto.com/rakanto/cx/cx.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.164.232 , United States, ASN10879 (UHC, US),

Reverse DNS

repo-elr.rakanto.com

Software

Resource Hash

ac26d59803d22cc009d9a696aed47f685b0f6239d2d806e2449d3d0219c4751e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:51:56 GMT
Content-Encoding: gzip
Referrer-Policy: : origin
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800, private
Connection: keep-alive
Expires: Mon, 07 Nov 2022 17:21:56 GMT

GET
H/1.1 200
OK index.831458e5.chunk.css
accounts.myuhc.com/rt/static/css/ 95 KB
16 KB 154ms
154ms Stylesheet
text/css 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.myuhc.com/rt/static/css/index.831458e5.chunk.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

7c4b8c1b21c24030b1ff96a3d104ebd8ffb40928a203af3f224301ffa0f01944

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:51:56 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
X-ps-id: PCHS2
Last-Modified: Thu, 20 Oct 2022 17:41:49 GMT
Content-Encoding: gzip
ETag: "3da1-5eb7ad70c5380:dtagent102472208111004210EQI"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: dtRpid;desc="-459658276"
Content-Length: 15777
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 6.b065706f.chunk.js Show response
accounts.myuhc.com/rt/static/js/ 451 KB
147 KB 174ms
174ms Script
text/javascript 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.myuhc.com/rt/static/js/6.b065706f.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

e39a5dc7153823fde77895188f8eea05de4070d3ebfb665263bc84a58374bfa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:51:56 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
X-ps-id: PCHS1
Last-Modified: Thu, 20 Oct 2022 17:41:49 GMT
Content-Encoding: gzip
ETag: "24b63-5eb7ad70c5380:dtagent102472208111004210EQI"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: dtSInfo;desc="1"
Content-Length: 150371
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK index.3d8bb9a8.chunk.js Show response
accounts.myuhc.com/rt/static/js/ 241 KB
69 KB 168ms
168ms Script
text/javascript 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.myuhc.com/rt/static/js/index.3d8bb9a8.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

226e1671e8cfcd7483b2b70fff472e120689ff7ab80a984064aa04e0640072f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:51:56 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
X-ps-id: PCHS4
Last-Modified: Thu, 20 Oct 2022 17:41:49 GMT
Content-Encoding: gzip
ETag: "10fc3-5eb7ad70c5380:dtagent102472208111004210EQI"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: dtRpid;desc="1965218570"
Content-Length: 69571
X-XSS-Protection: 1; mode=block

GET
H2 200 launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js Show response
assets.adobedtm.com/ 456 KB
93 KB 29ms
7ms Script
application/x-javascript 2a02:26f0:3500:798::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Requested by: Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/rt/static/js/index.3d8bb9a8.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:798::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 754b9cf0b89df100385c0e5e6635c7a30038aa0fa8fe4a5a53f273f7de0b068b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:51:56 GMT
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 16:21:11 GMT
server: AkamaiNetStorage
etag: "21bbe2c47590ee4f01db473ca9827573:1666974071.904009"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://accounts.myuhc.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 94611
expires: Mon, 07 Nov 2022 17:51:56 GMT

GET
H/1.1 200
OK 18.6d2c9da3.chunk.js Show response
accounts.myuhc.com/rt/static/js/ 11 KB
6 KB 141ms
140ms Script
text/javascript 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.myuhc.com/rt/static/js/18.6d2c9da3.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

3503268a4f58b27f6e3519961cad862b511c55f93def3493ad771d874c0b01e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/rt/login/communityplan/en?TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&reason=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:51:56 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
X-ps-id: PCHS1
Last-Modified: Thu, 20 Oct 2022 17:41:49 GMT
Content-Encoding: gzip
ETag: "13ae-5eb7ad70c5380:dtagent102472208111004210EQI"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: dtSInfo;desc="1"
Content-Length: 5038
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 en Show response
accounts.myuhc.com/uiconfig/communityplan/ 2 KB
2 KB 213ms
213ms XHR
application/json 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.myuhc.com/uiconfig/communityplan/en

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/assets/bundle-average.js?seed=AEBj7VKEAQAAF_7rOrCXyeavbRwNSmXzwHgq6lsi8ljEg_UUSV7sRoqzOCCJ&Q5eim0SSzm--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

985d764518c9a4ddc16f4c3b093e4bbd7dd3a2d683c46a3326fa8e18a429bc1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
x-dtreferer: https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0
Referer: https://accounts.myuhc.com/rt/login/communityplan/en?TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
x-dtpc: 45$439915792_649h2vFTOOJGOLOBUTSFRVPWEFRRTJPKGSIKKM-0e0

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:57 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
X-ps-id: PCHS1
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 824
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200 en Show response
accounts.myuhc.com/hsid2/content/communityplan/ 150 KB
43 KB 444ms
444ms XHR
application/json 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.myuhc.com/hsid2/content/communityplan/en

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/assets/bundle-average.js?seed=AEBj7VKEAQAAF_7rOrCXyeavbRwNSmXzwHgq6lsi8ljEg_UUSV7sRoqzOCCJ&Q5eim0SSzm--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

0ab928a69a618d8517577dd9b744e1e605d83958a976f96220b4d5bd2a1de630

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
x-dtreferer: https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0
Referer: https://accounts.myuhc.com/rt/login/communityplan/en?TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
x-dtpc: 45$439915792_649h3vFTOOJGOLOBUTSFRVPWEFRRTJPKGSIKKM-0e0

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:57 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
X-ps-id: PCHS4
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json;charset=ISO-8859-1
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Server-Timing: dtRpid;desc="-1503774046"
Content-Length: 43199
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200 featureFlags Show response
accounts.myuhc.com/ 1 KB
2 KB 252ms
133ms XHR
application/json 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.myuhc.com/featureFlags

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/assets/bundle-average.js?seed=AEBj7VKEAQAAF_7rOrCXyeavbRwNSmXzwHgq6lsi8ljEg_UUSV7sRoqzOCCJ&Q5eim0SSzm--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

77c889e4f81107673d8ce0505a608eb45e47da7cbe687e0449c9ed26f79e2b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
x-dtreferer: https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0
Referer: https://accounts.myuhc.com/rt/login/communityplan/en?TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
x-dtpc: 45$439915792_649h4vFTOOJGOLOBUTSFRVPWEFRRTJPKGSIKKM-0e0

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:57 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
X-ps-id: PCHS4
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Server-Timing: dtRpid;desc="1177449715"
Content-Length: 536
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1667839917001
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1667839917001

973 B
1 KB

34ms
33ms

XHR
application/json

34.249.157.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1667839917001

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/rt/login/communityplan/en?TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&reason=0

Protocol

HTTP/1.1

Server

34.249.157.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-157-182.eu-west-1.compute.amazonaws.com

Software

Resource Hash

82b324d7a6d59656bca298ce3fef6ff4ad2fa0641e306e12f60d79a21234d4b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0f3ed56cf.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 9Lz4aq3BReI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://accounts.myuhc.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 560
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v045-0ff225fd5.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: FEiJXzj8Tmg=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://accounts.myuhc.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1667839917001
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EX505b78ee57554bfcabc05448ba65289a-libraryCode_source.min.js Show response
assets.adobedtm.com/512027f42d3c/3189bbb33f85/804f0f264122/ 331 KB
85 KB 11ms
11ms Script
application/x-javascript 2a02:26f0:3500:798::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/804f0f264122/EX505b78ee57554bfcabc05448ba65289a-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:798::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 90daf978eee928560cc86e94ccf84cc0eee2b4210a025a8c71a8a18cf9af6bf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:51:57 GMT
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 16:21:12 GMT
server: AkamaiNetStorage
etag: "9d64cd32d50fb65433d56c58c7dc6019:1666974072.725644"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://accounts.myuhc.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 86419
expires: Mon, 07 Nov 2022 17:51:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 96ms
27ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8584968

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a7d2e4046f88a5a8869a580638fcdc43bc7377a327bc2fd906100645045312c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:51:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44008
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 16:36:44 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Nov 2022 16:51:57 GMT

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 update.min.js Show response
browser-update.org/ 9 KB
4 KB 62ms
30ms Script
application/javascript 2606:4700:20::681a:7b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-update.org/update.min.js
Requested by: Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/rt/static/js/18.6d2c9da3.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd9e04afdafe426ce893f20a2bf4d80d88c8230487e74acea10e2a1deff69859

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:51:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 23 Oct 2022 08:29:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1326163
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTySJ7lu4sKswOoT4kDIXYYUSaW7YpJ60h13NFFw3Pqbwm94QlnDCJeHYGSJTWYMi3vrBFMNc1D0ejudAGv2pzQUd33gpguTF9mTIq2kEleh6sYddzkENXBxESJTOLHc92hFjtqoxvKmSlD7Sq8FmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
content-disposition: inline; filename=update.min.js
cf-ray: 7667939a6f299b6a-FRA
expires: Mon, 24 Oct 2022 08:29:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
68 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ba3eeae70568314d717d07a4bca0a812a1eba2c3aef67c8b57d8530611f77c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:51:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69324
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Nov 2022 16:51:57 GMT

GET
H/1.1 200
OK dest5.html Show response
unitedhealthgroup.demdex.net/ Frame 7840 7 KB
3 KB 133ms
33ms Document
text/html 34.242.111.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.111.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-111-67.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://accounts.myuhc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v045-06d6ad95b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: hyWHGb4HTtY=
content-encoding: gzip
date: Mon, 7 Nov 2022 16:51:57 GMT
last-modified: Fri, 28 Oct 2022 13:34:31 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
smetrics.optum.com/ 48 B
459 B 185ms
18ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.optum.com/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&mid=24516086958257494462567018276414208481&ts=1667839917285

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/assets/bundle-average.js?seed=AEBj7VKEAQAAF_7rOrCXyeavbRwNSmXzwHgq6lsi8ljEg_UUSV7sRoqzOCCJ&Q5eim0SSzm--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

1ad88252eb3cc0a5d25210a3a6bc745999634a52040cb72dd167bb5798691784

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.myuhc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 07 Nov 2022 16:51:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://accounts.myuhc.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y2k3rQAAAB2G2ANn
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=33090588644273874393203782383470126600
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y2k3rQAAAB2G2ANn

42 B
942 B

33ms
33ms

Image
image/gif

34.249.157.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y2k3rQAAAB2G2ANn

Requested by

Protocol

HTTP/1.1

Server

34.249.157.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-157-182.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0492369ce.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 9htLOy4UTVM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y2k3rQAAAB2G2ANn
Date: Mon, 07 Nov 2022 16:51:57 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
unitedhealthgroup.tt.omtrdc.net/rest/v1/ 360 B
813 B 123ms
59ms XHR
application/json 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedhealthgroup.tt.omtrdc.net/rest/v1/delivery?client=unitedhealthgroup&sessionId=552ae8c5381346008093a5a7b3ef9f00&version=2.3.2

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/assets/bundle-average.js?seed=AEBj7VKEAQAAF_7rOrCXyeavbRwNSmXzwHgq6lsi8ljEg_UUSV7sRoqzOCCJ&Q5eim0SSzm--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

88f3cf42092a52dfca5d62e502aaf3bb77819312c141a0f3700f1e4673e12553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.myuhc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Nov 2022 16:51:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://accounts.myuhc.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: a2c9dfff-4ac8-4040-9f21-6bbe98df247e

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/ 2 KB
2 KB 82ms
31ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/?random=1667839917319&cv=11&fst=1667839917319&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fcommunityplan%2Fen%3FTARGET%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Fsecure%252Fauth%252Fcommunityplan%252Fen%26resume%3D%252Fas%252Fd4RuPJbHFp%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&tiba=HealthSafe%20ID%C2%AE&auid=1172034578.1667839917&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08f8f57644f75ae8d87c398791beb50639d74efae6fdcdaebbe70cef775fcbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:51:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 991
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
cse.rakanto.com/cx_collector/ 3 B
469 B 1259ms
128ms XHR
text/plain 149.111.165.13
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.rakanto.com/cx_collector/

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/assets/bundle-average.js?seed=AEBj7VKEAQAAF_7rOrCXyeavbRwNSmXzwHgq6lsi8ljEg_UUSV7sRoqzOCCJ&Q5eim0SSzm--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.165.13 , United States, ASN10879 (UHC, US),

Reverse DNS

cse-elr.rakanto.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

Referer: https://accounts.myuhc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 07 Nov 2022 16:51:58 GMT
X-ps-id: elr_cse_collector_7
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://accounts.myuhc.com
Access-Control-Expose-Headers: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, *

GET
H2 200 /
www.google.com/pagead/1p-user-list/801669703/ 42 B
548 B 75ms
25ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801669703/?random=1667839917319&cv=11&fst=1667836800000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fcommunityplan%2Fen%3FTARGET%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Fsecure%252Fauth%252Fcommunityplan%252Fen%26resume%3D%252Fas%252Fd4RuPJbHFp%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&tiba=HealthSafe%20ID%C2%AE&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2315815703&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:51:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/801669703/ 42 B
548 B 92ms
35ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/801669703/?random=1667839917319&cv=11&fst=1667836800000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fcommunityplan%2Fen%3FTARGET%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Fsecure%252Fauth%252Fcommunityplan%252Fen%26resume%3D%252Fas%252Fd4RuPJbHFp%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&tiba=HealthSafe%20ID%C2%AE&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2315815703&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:51:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 433 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f25bee7c185d918f1d55f844f64b5cd372a4743caeb63c2abd413e5f42a4949

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 wrapper.js Show response
universal.iperceptions.com/ 9 KB
4 KB 82ms
17ms Script
application/javascript 2600:9000:225e:4c00:8:e7ba:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/wrapper.js
Requested by: Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/rt/static/js/index.3d8bb9a8.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4c00:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Nov 2022 16:51:07 GMT
content-encoding: gzip
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
content-md5: d5YIeO59lrTqhttidyvULA==
age: 128
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-ms-lease-status: unlocked
last-modified: Mon, 22 Mar 2021 18:02:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 35a45326-401e-0042-7085-f2c2dc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-amz-cf-id: 17e9dWEr--9MM2gacWehWLxwWoCdT1JgxHh1YnsRqYPmAGeNZp_vBA==

GET
H/1.1 200
OK 8.d87b1ce4.chunk.css
accounts.myuhc.com/rt/static/css/ 1 KB
1 KB 145ms
138ms Stylesheet
text/css 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.myuhc.com/rt/static/css/8.d87b1ce4.chunk.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

b4dcc5168f9904823f77d6704afc9932ae3ad21e5e7c025287a3661c5b042b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/rt/login/communityplan/en?TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&reason=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:51:57 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
X-ps-id: PCHS4
Last-Modified: Thu, 20 Oct 2022 17:41:49 GMT
Content-Encoding: gzip
ETag: "1f1-5eb7ad70c5380:dtagent102472208111004210EQI"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: dtRpid;desc="699547362"
Content-Length: 497
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 8.892f7d55.chunk.js Show response
accounts.myuhc.com/rt/static/js/ 31 KB
10 KB 157ms
151ms Script
text/javascript 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.myuhc.com/rt/static/js/8.892f7d55.chunk.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

f3fb2e8fd33ff77ffa04a3dc8f40c70aea86dd1332132cc2832f9989e245a1db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/rt/login/communityplan/en?TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&reason=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:51:57 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
X-ps-id: PCHS3
Last-Modified: Thu, 20 Oct 2022 17:41:49 GMT
Content-Encoding: gzip
ETag: "257a-5eb7ad70c5380:dtagent102472208111004210EQI"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: dtRpid;desc="1083346230"
Content-Length: 9594
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEPJctS5kQpydpGcV_grEIZU&google_cver=1
dpm.demdex.net/ Frame 7840
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzMwOTA1ODg2NDQyNzM4NzQzOTMyMDM3ODIzODM0NzAxMjY2MDA=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPJctS5kQpydpGcV_grEIZU&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

41ms
40ms

Image
image/gif

34.249.157.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPJctS5kQpydpGcV_grEIZU&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

34.249.157.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-157-182.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-0e6039550.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 4tKzw0AlT88=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:51:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPJctS5kQpydpGcV_grEIZU&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7840 70 B
265 B 139ms
34ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=accounts.myuhc.com&ttd_tpi=1
Requested by: Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/rt/login/communityplan/en?TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 07 Nov 2022 16:51:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK New_Community_Logo.png
www.myoptum.com/content/dam/hsid/ 15 KB
16 KB 1286ms
122ms Image
image/png 149.111.148.50
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.myoptum.com/content/dam/hsid/New_Community_Logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.148.50 , United States, ASN10879 (UHC, US),

Reverse DNS

www-elr.myoptum.com

Software

Apache /

Resource Hash

ddd4c18ff7a38c8dacb45c3a1d8f053d0e8801dc03e32c940c161d0dcf982b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:51:58 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Last-Modified: Fri, 04 Nov 2022 16:12:01 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500
Content-Length: 15869

GET
H/1.1 200
OK ExternalLink.64fe2dcc.svg
accounts.myuhc.com/rt/static/media/ 524 B
907 B 140ms
140ms Image
image/svg+xml 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.myuhc.com/rt/static/media/ExternalLink.64fe2dcc.svg

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/rt/static/css/index.831458e5.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

a4f6f51ae326512f2bafad7193332cbecf32f880b8291573411228f153ebeab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/rt/static/css/index.831458e5.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:51:57 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
X-ps-id: PCHS1
Last-Modified: Thu, 20 Oct 2022 17:41:50 GMT
Content-Encoding: gzip
ETag: "20c-5eb7ad70c5380-gzip"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: dtSInfo;desc="1"
Content-Length: 287
X-XSS-Protection: 1; mode=block

GET
H2 200 UHC2020Sans-Bold.woff2
member.werally.com/assets/fonts/ 22 KB
22 KB 530ms
470ms Font
font/woff2 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/assets/fonts/UHC2020Sans-Bold.woff2

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/rt/static/css/index.831458e5.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f161e22cde63c497d665c80a60a654d29caa423b4f4f59848b55309beb8bc361

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://accounts.myuhc.com/
Origin: https://accounts.myuhc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:51:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 17 May 2022 17:02:19 GMT
x-cdn: Imperva
etag: "6283d51b-5794"
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cors_value: trueget
access-control-expose-headers: Content-Length,Content-Range
request_method: GET
x-iinfo: 1-2506852-2506858 NNNN CT(91 184 0) RT(1667839917394 11) q(0 0 2 1) r(3 4) U12
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 22420

GET
H2 200 UHC2020Sans-Medium.woff2
member.werally.com/assets/fonts/ 23 KB
23 KB 551ms
491ms Font
font/woff2 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/assets/fonts/UHC2020Sans-Medium.woff2

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/rt/static/css/index.831458e5.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c50c7bd4abab5152b29ed4ba8ad7e884ae3f78e21e5e18c61e24b73dfc213d41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://accounts.myuhc.com/
Origin: https://accounts.myuhc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:51:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 17 May 2022 17:02:19 GMT
x-cdn: Imperva
etag: "6283d51b-5aac"
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cors_value: trueget
access-control-expose-headers: Content-Length,Content-Range
request_method: GET
x-iinfo: 1-2506852-2506859 NNNN CT(93 188 0) RT(1667839917394 11) q(0 0 2 2) r(3 4) U12
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 23212

GET
H2 200 UHC2020Sans-SemiBold.woff2
member.werally.com/assets/fonts/ 22 KB
23 KB 544ms
485ms Font
font/woff2 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/assets/fonts/UHC2020Sans-SemiBold.woff2

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/rt/static/css/index.831458e5.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8f69bc787272dc8ff531e6041ee0bc8f3a6037ce08ac92e0800e4381864ca658

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://accounts.myuhc.com/
Origin: https://accounts.myuhc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:51:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 17 May 2022 17:02:19 GMT
x-cdn: Imperva
etag: "6283d51b-5920"
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cors_value: trueget
access-control-expose-headers: Content-Length,Content-Range
request_method: GET
x-iinfo: 1-2506852-2506860 NNNN CT(93 188 0) RT(1667839917394 11) q(0 0 2 4) r(3 4) U12
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 22816

GET
H2 200 UHC2020Sans-Regular.woff2
member.werally.com/assets/fonts/ 23 KB
23 KB 543ms
484ms Font
font/woff2 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/assets/fonts/UHC2020Sans-Regular.woff2

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/rt/static/css/index.831458e5.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

006d82594c8e42cdde29c93d2e492011440049a6e9636fa2a496158c39b7d51c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://accounts.myuhc.com/
Origin: https://accounts.myuhc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:51:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 17 May 2022 17:02:19 GMT
x-cdn: Imperva
etag: "6283d51b-5a30"
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cors_value: trueget
access-control-expose-headers: Content-Length,Content-Range
request_method: GET
x-iinfo: 1-2506852-2506861 NNNN CT(91 187 0) RT(1667839917394 11) q(0 0 2 5) r(3 4) U12
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 23088

GET
H/1.1 200 crossStorageHub Show response
www.healthsafe-id.com/protected/ Frame C919 1 KB
2 KB 648ms
159ms Document
text/html 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/protected/crossStorageHub

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/rt/static/js/6.b065706f.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

15536d1324d76d7aa6a54e42da1cdf632f398e958f54c0362986a337d4cae0d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *; frame-ancestors 'self' https://accounts.myuhc.com/;
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	ALLOW-FROM https://accounts.myuhc.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.myuhc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, PUT, GET
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Length: 462
Content-Security-Policy: default-src 'unsafe-inline' *; frame-ancestors 'self' https://accounts.myuhc.com/;
Content-Type: text/html;charset=UTF-8
Date: Mon, 07 Nov 2022 16:51:58 GMT
Expires: 0
Pragma: no-cache
Server-Timing: dtRpid;desc="-626527565"
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: ALLOW-FROM https://accounts.myuhc.com/
X-OneAgent-JS-Injection: true
X-XSS-Protection: 1; mode=block
X-ps-id: PCHS3

GET
H2 200 system-arrow-md.svg Show response
member.werally.com/assets/icons/ 347 B
849 B 398ms
385ms XHR
image/svg+xml 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/assets/icons/system-arrow-md.svg

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/assets/bundle-average.js?seed=AEBj7VKEAQAAF_7rOrCXyeavbRwNSmXzwHgq6lsi8ljEg_UUSV7sRoqzOCCJ&Q5eim0SSzm--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5abe9cfd90c2fc5af4b32eaa25a5820efb0ec435ac97b1fa251211b368fc0857

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:51:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 17 May 2022 17:02:21 GMT
x-cdn: Imperva
etag: W/"6283d51d-15b"
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 1-2506852-2505651 2VNN RT(1667839917394 11) q(0 0 0 5) r(3 3)
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 261

POST
H/1.1 200 inbound Show response
accounts.myuhc.com/hsid/setup/ 59 B
1 KB 209ms
209ms XHR
application/json 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.myuhc.com/hsid/setup/inbound

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/assets/bundle-average.js?seed=AEBj7VKEAQAAF_7rOrCXyeavbRwNSmXzwHgq6lsi8ljEg_UUSV7sRoqzOCCJ&Q5eim0SSzm--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

ec1fb826ad50482e2a4eb706a5758dafc2835325619e8fe6f48ff3691e0e8cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/json
Accept: application/json
x-dtreferer: https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0
Referer: https://accounts.myuhc.com/rt/login/communityplan/en?TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
x-dtpc: 45$439915792_649h10vFTOOJGOLOBUTSFRVPWEFRRTJPKGSIKKM-0e0

Response headers

Date: Mon, 07 Nov 2022 16:51:57 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
Server-Timing: dtRpid;desc="-92241436"
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-ps-id: PCHS3
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST, PUT, GET, OPTIONS
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://accounts.myuhc.com
Access-Control-Max-Age: 3600
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Vary: Accept-Encoding
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept, X-Requested-With, remember-me, csrf-token, Q5eim0SSzm-a, Q5eim0SSzm-b, Q5eim0SSzm-c, Q5eim0SSzm-d, Q5eim0SSzm-f, Q5eim0SSzm-z
Expires: 0

GET
H/1.1 200 rbaurl Show response
accounts.myuhc.com/hsid/ 107 B
673 B 205ms
204ms XHR
application/json 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.myuhc.com/hsid/rbaurl?portalBrand=communityplan&lang=en

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/assets/bundle-average.js?seed=AEBj7VKEAQAAF_7rOrCXyeavbRwNSmXzwHgq6lsi8ljEg_UUSV7sRoqzOCCJ&Q5eim0SSzm--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

d4c6b94818b0a1b53bd03800ee54e3d8ad43bda0e135b86c730aa7807115cfa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
x-dtreferer: https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0
Referer: https://accounts.myuhc.com/rt/login/communityplan/en?TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
x-dtpc: 45$439915792_649h11vFTOOJGOLOBUTSFRVPWEFRRTJPKGSIKKM-0e0

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:57 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
X-ps-id: PCHS2
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Server-Timing: dtRpid;desc="58482420"
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H2 200 RC22a4fa6defa54c588de3c8319b2ccc8a-source.min.js Show response
assets.adobedtm.com/512027f42d3c/3189bbb33f85/804f0f264122/ 960 B
849 B 16ms
15ms Script
application/x-javascript 2a02:26f0:3500:798::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/804f0f264122/RC22a4fa6defa54c588de3c8319b2ccc8a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:798::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e4fcb5e542d86ea6b6006196def8a4ece1d1dbe0273f951798e5be61c3f84812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:51:57 GMT
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 16:21:12 GMT
server: AkamaiNetStorage
etag: "9d64cd32d50fb65433d56c58c7dc6019:1666974072.725644"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://accounts.myuhc.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 581
expires: Mon, 07 Nov 2022 17:51:57 GMT

GET
H2 200 s9701380688141
smetrics.optum.com/b/ss/uhgoptumglobalprod,uhghsidprod/1/JS-2.8.2-LCXS/ 43 B
202 B 20ms
18ms Image
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.optum.com/b/ss/uhgoptumglobalprod,uhghsidprod/1/JS-2.8.2-LCXS/s9701380688141?AQB=1&ndh=1&pf=1&t=7%2F10%2F2022%2016%3A51%3A57%201%200&sdid=1BD81002C242B981-12D0F4154026D7E2&mid=24516086958257494462567018276414208481&aamlh=6&ce=UTF-8&pageName=optum%3Ahsid%3Alogin%3Alogin&g=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fcommunityplan%2Fen%3FTARGET%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Fsecure%252Fauth%252Fcommunityplan%252Fen%26resume%3D%252Fas%252Fd4RuPJbHFp%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&cc=USD&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fcommunityplan%2Fen%3FTARGET%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Fsecure%252Fauth%252Fcommunityplan%252Fen%26resume%3D%252Fas%252Fd4RuPJbHFp%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&v1=optum&h1=optum%3Ahsid&v2=hsid&v3=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fcommunityplan%2Fen%3FTARGET%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Fsecure%252Fauth%252Fcommunityplan%252Fen%26resume%3D%252Fas%252Fd4RuPJbHFp%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&v4=communityplan&c14=D%3Dv14&v14=optum%20digital&c22=D%3Dv22&v22=consumer&c23=D%3Dv23&v23=not%20loggedin&c25=D%3Dv25&v25=optum%3Ahsid%3Alogin%3Alogin&v42=portal&v72=24516086958257494462567018276414208481&c75=VisitorAPI%20Present&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:51:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 08 Nov 2022 16:51:57 GMT
server: jag
etag: 3581658950554451968-4619759683116036555
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 06 Nov 2022 16:51:57 GMT

GET
H2 200 RC284096cbc5ef4b9bbf0cbf36327006f8-source.min.js Show response
assets.adobedtm.com/512027f42d3c/3189bbb33f85/804f0f264122/ 312 B
464 B 10ms
8ms Script
application/x-javascript 2a02:26f0:3500:798::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/804f0f264122/RC284096cbc5ef4b9bbf0cbf36327006f8-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:798::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 31fced6033a7885b5c6a7facb3043730fd78a370264e85c9fc49951ab9cb0317

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:51:57 GMT
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 16:21:12 GMT
server: AkamaiNetStorage
etag: "9d64cd32d50fb65433d56c58c7dc6019:1666974072.725644"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://accounts.myuhc.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 196
expires: Mon, 07 Nov 2022 17:51:57 GMT

GET
H/1.0 200
OK image.sbix
global.ib-ibi.com/ Frame 7840 0
72 B 376ms
96ms Image
text/plain 69.169.86.38
AMC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=33090588644273874393203782383470126600
Requested by: Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/rt/login/communityplan/en?TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&reason=0
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_256_CBC
Server: 69.169.86.38 Cranford, United States, ASN29838 (AMC, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H3

200

activityi;dc_pre=CPnl5O7DnPsCFQbMmgodJhUPGg;src=8584968;type=eiutv0;cat=lpg_e0ar;ord=5472287122301;gtm=2odb20;auiddc=1172034578.1667839917;~oref=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fcomm... Show response
8584968.fls.doubleclick.net/ Frame 953B
Redirect Chain

https://8584968.fls.doubleclick.net/activityi;src=8584968;type=eiutv0;cat=lpg_e0ar;ord=5472287122301;gtm=2odb20;auiddc=1172034578.1667839917;~oref=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fco...
https://8584968.fls.doubleclick.net/activityi;dc_pre=CPnl5O7DnPsCFQbMmgodJhUPGg;src=8584968;type=eiutv0;cat=lpg_e0ar;ord=5472287122301;gtm=2odb20;auiddc=1172034578.1667839917;~oref=https%3A%2F%2Fac...

2 KB
799 B

99ms
63ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8584968.fls.doubleclick.net/activityi;dc_pre=CPnl5O7DnPsCFQbMmgodJhUPGg;src=8584968;type=eiutv0;cat=lpg_e0ar;ord=5472287122301;gtm=2odb20;auiddc=1172034578.1667839917;~oref=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fcommunityplan%2Fen%3FTARGET%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Fsecure%252Fauth%252Fcommunityplan%252Fen%26resume%3D%252Fas%252Fd4RuPJbHFp%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

e639faf6f0641ac0689de3341b4492355bad315145588bd4238c8fbf8a027323

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.myuhc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 776
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 16:51:57 GMT
expires: Mon, 07 Nov 2022 16:51:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 16:51:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8584968.fls.doubleclick.net/activityi;dc_pre=CPnl5O7DnPsCFQbMmgodJhUPGg;src=8584968;type=eiutv0;cat=lpg_e0ar;ord=5472287122301;gtm=2odb20;auiddc=1172034578.1667839917;~oref=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fcommunityplan%2Fen%3FTARGET%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Fsecure%252Fauth%252Fcommunityplan%252Fen%26resume%3D%252Fas%252Fd4RuPJbHFp%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 s94605749048300
smetrics.optum.com/b/ss/uhgmyuhcprod/1/JS-2.8.2-LCXS/ 43 B
120 B 26ms
26ms Image
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.optum.com/b/ss/uhgmyuhcprod/1/JS-2.8.2-LCXS/s94605749048300?AQB=1&ndh=1&pf=1&t=7%2F10%2F2022%2016%3A51%3A57%201%200&mid=24516086958257494462567018276414208481&aamlh=6&ce=UTF-8&pageName=uhc%3Acommunityplan%3Ahsid%3Asignin%3Alogin&g=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fcommunityplan%2Fen%3FTARGET%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Fsecure%252Fauth%252Fcommunityplan%252Fen%26resume%3D%252Fas%252Fd4RuPJbHFp%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&cc=USD&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv3&v1=uhc&v2=communityplan&c3=hsid&v3=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fcommunityplan%2Fen%3Ftarget%3Dhttps%253a%252f%252faccounts.myuhc.com%252frt%252fsecure%252fauth%252fcommunityplan%252fen%26resume%3D%252fas%252fd4rupjbhfp%252fresume%252fas%252fauthorization.ping%26reason%3D0&c4=signin&c12=accounts.myuhc.com&c13=%2Frt%2Flogin%2Fcommunityplan%2Fen&c25=D%3Dv25&v25=uhc%3Acommunityplan%3Ahsid%3Asignin%3Alogin&c44=%3FTARGET%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Fsecure%252Fauth%252Fcommunityplan%252Fen%26resume%3D%252Fas%252Fd4RuPJbHFp%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&c60=sign-in-form&v60=sign-in-form&v72=D%3Dmid&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&lrt=39&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:51:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 08 Nov 2022 16:51:57 GMT
server: jag
etag: 3581658949513314304-4619792220714707985
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 06 Nov 2022 16:51:57 GMT

GET
H2 200 RC45fd880e4e444713b182c2f9f8fb19ff-source.min.js Show response
assets.adobedtm.com/512027f42d3c/3189bbb33f85/804f0f264122/ 340 B
478 B 18ms
18ms Script
application/x-javascript 2a02:26f0:3500:798::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/804f0f264122/RC45fd880e4e444713b182c2f9f8fb19ff-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:798::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b90a527600f3f276d2ad344df4068ad9d03c4b03b8023bc24923ce98f32a6640

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:51:57 GMT
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 16:21:12 GMT
server: AkamaiNetStorage
etag: "9d64cd32d50fb65433d56c58c7dc6019:1666974072.725644"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://accounts.myuhc.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 211
expires: Mon, 07 Nov 2022 17:51:57 GMT

GET
H2 200 RC0e3eb4005aa54076bf7259ab337a691b-source.min.js Show response
assets.adobedtm.com/512027f42d3c/3189bbb33f85/804f0f264122/ 435 B
528 B 8ms
7ms Script
application/x-javascript 2a02:26f0:3500:798::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/3189bbb33f85/804f0f264122/RC0e3eb4005aa54076bf7259ab337a691b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc0cdbe1b1c794338a646d8ba52e65a87.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:798::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 453d22f8dabfa194e7318c737f3c5135dbeafb41d2e180a48ddd68e690868baf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:51:57 GMT
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 16:21:12 GMT
server: AkamaiNetStorage
etag: "9d64cd32d50fb65433d56c58c7dc6019:1666974072.725644"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://accounts.myuhc.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 261
expires: Mon, 07 Nov 2022 17:51:57 GMT

GET
H/1.1 200
OK HSID_Logo.png
www.myoptum.com/content/dam/hsid/ 3 KB
3 KB 989ms
122ms Image
image/png 149.111.148.50
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.myoptum.com/content/dam/hsid/HSID_Logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.148.50 , United States, ASN10879 (UHC, US),

Reverse DNS

www-elr.myoptum.com

Software

Apache /

Resource Hash

eecfcb118193465fd111d3c9821bb3c8ecbf0c417062cab000ad4365258e41ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:51:58 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Last-Modified: Fri, 04 Nov 2022 16:11:53 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500
Content-Length: 2623

GET
H/1.1 200 info Show response
accounts.myuhc.com/protected/tmx/ 630 B
1 KB 272ms
271ms XHR
application/json 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.myuhc.com/protected/tmx/info?HTTP_TARGETPORTAL=COMMUNITYPLAN

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/assets/bundle-average.js?seed=AEBj7VKEAQAAF_7rOrCXyeavbRwNSmXzwHgq6lsi8ljEg_UUSV7sRoqzOCCJ&Q5eim0SSzm--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

552eb4d59a87513a13a3e85ebb859e283987479c36b3af8071691a01016ae497

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
x-dtreferer: https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0
Referer: https://accounts.myuhc.com/rt/login/communityplan/en?TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
x-dtpc: 45$439915792_649h12vFTOOJGOLOBUTSFRVPWEFRRTJPKGSIKKM-0e0

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:58 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
X-ps-id: PCHS3
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Server-Timing: dtRpid;desc="-1124486269"
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H2 200 UHCSerifHeadline-Semibold.woff2
member.werally.com/assets/fonts/ 22 KB
23 KB 482ms
482ms Font
font/woff2 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/assets/fonts/UHCSerifHeadline-Semibold.woff2

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/rt/static/css/index.831458e5.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a12469d7c7df581de892457b5385edd2b863bba48fb64626c933a199164121ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://accounts.myuhc.com/
Origin: https://accounts.myuhc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:51:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 17 May 2022 17:02:19 GMT
x-cdn: Imperva
etag: "6283d51b-5968"
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cors_value: trueget
access-control-expose-headers: Content-Length,Content-Range
request_method: GET
x-iinfo: 1-2506852-2506864 NNNN CT(92 188 0) RT(1667839917394 262) q(0 0 3 -1) r(4 5) U12
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 22888

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 953B 70 B
260 B 44ms
36ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=u6v535m&ct=0:9nj2okf&fmt=3
Requested by: Host: 8584968.fls.doubleclick.net
URL: https://8584968.fls.doubleclick.net/activityi;dc_pre=CPnl5O7DnPsCFQbMmgodJhUPGg;src=8584968;type=eiutv0;cat=lpg_e0ar;ord=5472287122301;gtm=2odb20;auiddc=1172034578.1667839917;~oref=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fcommunityplan%2Fen%3FTARGET%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Fsecure%252Fauth%252Fcommunityplan%252Fen%26resume%3D%252Fas%252Fd4RuPJbHFp%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8584968.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 07 Nov 2022 16:51:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 dc_pre=CPnl5O7DnPsCFQbMmgodJhUPGg;src=8584968;type=eiutv0;cat=lpg_e0ar;ord=5472287122301;gtm=2odb20;auiddc=*;~oref=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fcommunityplan%2Fen%3FTARGET%3Dhttp...
adservice.google.com/ddm/fls/z/ Frame 953B 42 B
494 B 118ms
60ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPnl5O7DnPsCFQbMmgodJhUPGg;src=8584968;type=eiutv0;cat=lpg_e0ar;ord=5472287122301;gtm=2odb20;auiddc=*;~oref=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fcommunityplan%2Fen%3FTARGET%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Fsecure%252Fauth%252Fcommunityplan%252Fen%26resume%3D%252Fas%252Fd4RuPJbHFp%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0

Requested by

Host: 8584968.fls.doubleclick.net
URL: https://8584968.fls.doubleclick.net/activityi;dc_pre=CPnl5O7DnPsCFQbMmgodJhUPGg;src=8584968;type=eiutv0;cat=lpg_e0ar;ord=5472287122301;gtm=2odb20;auiddc=1172034578.1667839917;~oref=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fcommunityplan%2Fen%3FTARGET%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Fsecure%252Fauth%252Fcommunityplan%252Fen%26resume%3D%252Fas%252Fd4RuPJbHFp%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8584968.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:51:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 953B 103 KB
28 KB 33ms
10ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8584968.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 07 Nov 2022 16:51:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: DaEQTAVAvkmh3zIWr2JZPXNRsDDACvqlSVOCCr/7hVjaj7oNLhNmhntPI95timBYjzZRr7XcCXaO+7+19L8cIA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1231592023559249 Show response
connect.facebook.net/signals/config/ Frame 953B 27 KB
8 KB 22ms
10ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1231592023559249?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c6aebab0b0da3390a6c65ff524369ca505deca02ea01a7d4bca1dc0b0b27e9df

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8584968.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 07 Nov 2022 16:51:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7660
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: T7OqyCeH15rTE1+9P5mhervF8uI3TUKf+oAaVAWbmTTQ9Jv49FfenfJ//9GA3b3jHbe0OLgj+3854Hyn6vxmWA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 953B 0
185 B 42ms
12ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1231592023559249&ev=PageView&dl=https%3A%2F%2F8584968.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPnl5O7DnPsCFQbMmgodJhUPGg%3Bsrc%3D8584968%3Btype%3Deiutv0%3Bcat%3Dlpg_e0ar%3Bord%3D5472287122301%3Bgtm%3D2odb20%3Bauiddc%3D1172034578.1667839917%3B~oref%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Flogin%252Fcommunityplan%252Fen%253FTARGET%253Dhttps%25253A%25252F%25252Faccounts.myuhc.com%25252Frt%25252Fsecure%25252Fauth%25252Fcommunityplan%25252Fen%2526resume%253D%25252Fas%25252Fd4RuPJbHFp%25252Fresume%25252Fas%25252Fauthorization.ping%2526reason%253D0%3F&rl=https%3A%2F%2Faccounts.myuhc.com%2F&if=true&ts=1667839918125&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=28&it=1667839918086&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8584968.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 07 Nov 2022 16:51:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 953B 0
31 B 43ms
13ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1231592023559249&ev=LPG_E%26I_myuhc%202020%20Sign%20in%20-%20Site%20Visit_Site%20Visit&dl=https%3A%2F%2F8584968.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPnl5O7DnPsCFQbMmgodJhUPGg%3Bsrc%3D8584968%3Btype%3Deiutv0%3Bcat%3Dlpg_e0ar%3Bord%3D5472287122301%3Bgtm%3D2odb20%3Bauiddc%3D1172034578.1667839917%3B~oref%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Flogin%252Fcommunityplan%252Fen%253FTARGET%253Dhttps%25253A%25252F%25252Faccounts.myuhc.com%25252Frt%25252Fsecure%25252Fauth%25252Fcommunityplan%25252Fen%2526resume%253D%25252Fas%25252Fd4RuPJbHFp%25252Fresume%25252Fas%25252Fauthorization.ping%2526reason%253D0%3F&rl=https%3A%2F%2Faccounts.myuhc.com%2F&if=true&ts=1667839918139&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=28&it=1667839918086&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8584968.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 07 Nov 2022 16:51:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK tags.js Show response
rba-screen.healthsafe-id.com/fp/ 93 KB
12 KB 60ms
18ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/tags.js?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&page_id=PAGEID

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/rt/static/js/index.3d8bb9a8.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

59fd41062981210b360a79a43c71273d264ef39af1a4f266c5c543111436cce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:58 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 hub-1.0.0.min.js Show response
www.healthsafe-id.com/js/vendor/cross-storage/ Frame C919 2 KB
3 KB 134ms
133ms Script
application/javascript 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.healthsafe-id.com/js/vendor/cross-storage/hub-1.0.0.min.js

Requested by

Host: www.healthsafe-id.com
URL: https://www.healthsafe-id.com/protected/crossStorageHub

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

76181750bb2a824cc79d1c940b9e14a3e393ae1efc93965117e3965c136acaa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthsafe-id.com/protected/crossStorageHub
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:51:58 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
Content-Encoding: gzip
X-OneAgent-JS-Injection: true
Connection: keep-alive
Server-Timing: dtRpid;desc="1450095659"
Content-Length: 1040
X-XSS-Protection: 1; mode=block
X-ps-id: PCHS4
Last-Modified: Fri, 14 Oct 2022 19:44:49 GMT
ETag: "04c82b203564443ec792dcef8f6d48511-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, private
Accept-Ranges: bytes

GET
H2 200 iFrame.html Show response
universal.iperceptions.com/ Frame 7D51 2 KB
1 KB 10ms
9ms Document
text/html 2600:9000:225e:4c00:8:e7ba:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/iFrame.html
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4c00:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7d0bae598799d3c42ca5d7d7c8a8b79b67de62afe2e9d3dcee258328e40f39eb

Request headers

Referer: https://accounts.myuhc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 61
cache-control: public,max-age=7200
content-encoding: gzip
content-md5: Vmg/mBwwVR6Kl52r4KoGqg==
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 16:51:09 GMT
last-modified: Tue, 28 Jan 2020 16:03:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-id: e-yWP8t8qYMkdY5kPhMjyqgGHXM_OWxsQCZFpkvk_Y3nZmCqeVEWhQ==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: cf0bf50b-201e-0052-629a-edf43a000000
x-ms-version: 2009-09-19

GET
H/1.1 200
OK check.js;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F Show response
rba-screen.healthsafe-id.com/fp/ Frame 4E4F 341 KB
61 KB 24ms
23ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&jb=3d3b242468716d7d35576b6c6667777126687b6d3f556b66666d757327323031302668716a773f416a706d656d2668716035436a726d6567273032393235

Requested by

Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/tags.js?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&page_id=PAGEID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

09e0ac2acf8555610859813cad34e07870e9af2ad9a80adcddc44012caf8e4c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
tmx-nonce: 9b56eb40f83cd870
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
rba-screen.healthsafe-id.com/fp/ Frame 4E4F 81 B
475 B 43ms
15ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
rba-screen.healthsafe-id.com/fp/ Frame 4E4F 81 B
475 B 43ms
16ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
cse.rakanto.com/cx_collector/ 3 B
469 B 125ms
124ms XHR
text/plain 149.111.165.13
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.rakanto.com/cx_collector/

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/assets/bundle-average.js?seed=AEBj7VKEAQAAF_7rOrCXyeavbRwNSmXzwHgq6lsi8ljEg_UUSV7sRoqzOCCJ&Q5eim0SSzm--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.165.13 , United States, ASN10879 (UHC, US),

Reverse DNS

cse-elr.rakanto.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

Referer: https://accounts.myuhc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 07 Nov 2022 16:51:59 GMT
X-ps-id: elr_cse_collector_7
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://accounts.myuhc.com
Access-Control-Expose-Headers: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, *

GET
H/1.1 200
OK HP Show response
rba-screen.healthsafe-id.com/fp/ Frame DE89 19 KB
6 KB 16ms
15ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/HP?session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&org_id=60tfck6a&nonce=9b56eb40f83cd870&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&jb=3d3b242468716d7d35576b6c6667777126687b6d3f556b66666d757327323031302668716a773f416a706d656d2668716035436a726d6567273032393235

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

8802a3457778faf3f8e8c7a6b73259922bc260e1a1c5f7c5140c559aa5dac572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.myuhc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Length: 5806
Content-Type: text/html;charset=UTF-8
Date: Mon, 07 Nov 2022 16:51:59 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
rba-screen.healthsafe-id.com/fp/ Frame 4E4F 81 B
534 B 42ms
13ms XHR
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 60tfck6a/9b56eb40f83cd8708c6b7f69-1633-42a6-b6f3-cc25254ad4f6
Referer: https://accounts.myuhc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:51:59 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 07 Nov 2022 16:51:59 GMT
Server: Apache
Etag: 1eccc2ece7ed486c9ef88883c5885683
Content-Type: image/png
Access-Control-Allow-Origin: https://accounts.myuhc.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sat, 06 Nov 2027 16:51:59 GMT

GET
H/1.1

204
No Content

clear.png Show response
h.online-metrix.net/fp/ Frame 4E4F
Redirect Chain

https://h.online-metrix.net/fp/clear.png?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&gttl=155520000
https://h.online-metrix.net/fp/clear.png?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&k=2

0
387 B

14ms
14ms

Script
text/javascript

91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&k=2

Protocol

HTTP/1.1

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 07 Nov 2022 16:51:59 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/fp/clear.png?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&k=2
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 0

GET
H/1.1 200
OK ls_fp.html;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F Show response
rba-screen.healthsafe-id.com/fp/ Frame DD74 91 KB
14 KB 17ms
17ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

4e05266495bc79fb41a5c34fd84b16ce6a8d07cd20ed735df2186186887df187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.myuhc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 07 Nov 2022 16:51:59 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
rba-screen.healthsafe-id.com/fp/ Frame 4E4F 0
387 B 18ms
17ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&jb=3b34246e71633f3b6964373b676d383231316e36643b346a3a6736313339313131343b606b6636

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F Show response
h.online-metrix.net/fp/ Frame 6C5B 104 KB
16 KB 19ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

f2fd37af800012ec3e576148fbe70e6e08c534109e6f44fd178c18b3aeac330f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.myuhc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 07 Nov 2022 16:51:59 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
rba-screen.healthsafe-id.com/fp/ Frame 4E4F 0
387 B 14ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&jd=3d34242468646c353b2668646a35393b36333f33646064313531356531363762613737366a60313b6061363a6b382468647c6e3f303839333a3831

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK top_fp.html;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F Show response
rba-screen.healthsafe-id.com/fp/ Frame B927 90 KB
13 KB 17ms
16ms Document
text/html 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/top_fp.html;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

a366a1a3bb9f5f6d3046b4b245c4d0c9168c3ae80d974497682675440096704c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.myuhc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 07 Nov 2022 16:51:59 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
rba-screen.healthsafe-id.com/fp/ Frame 4E4F 0
218 B 16ms
16ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&ja=3a303630242461353826783f322e663f313438327a333038322463663f31363030783330383224717a7b3f3870302466727a3d332c333e32322e333a32322e313430302c3132323224333432322e333a38302e333438302e313038322e322e38246f763d63383832616261666b3535666664666e3165633a3639313637323e603b633569246f6c3d36267363643d30362e6e6a3f6a7676787b253143273a462732446961616d776676712c6d7b7568632e636d6f2d3044707627304e646f656b6c2d3244636d656f776c6b7c7b726e616c253246656e27314e5643504547562d3b446a767678732732373b432730373a4427303530466163636f776c7c712c6f7b776a6b26636d6f273a353046707c273037304e7167617570652532353244637d766a273037304e6b6f6f6f77666976797264636c27303d3044676e273236726573776f6d2731462730373a4e617127303d324464365a775248604044722732373246726573776f6d2730373044637b2d32373044697576686d7a6b786376616d6c2c706b6e67253236706769716d6c273146382e64703f6a7c747273273b432730442d30446363616f756e74732c6f71776a612c616d652d324470762d32446c6d6f6b6c27304e616d6f6d776e697479706e6366273044676c273b4e544350454d5427334660767672712d3037314127323532462530373a446361616d77667c732c6f7b7d68612e61676f2730373a4470762530353246736561777a672730373044697d746a27303d3244636d656f776c6b7c7b726e616c2532353246676c2d303470677177656d253146273a353046637b273037304e66365075524a6248467027303d304470677177656d253037304e617125303d304463777c6a6d7069786174696f6e2c72616c65273034706d69736d6c273b44322672643f312472603f353a6630386161366261646a6733333160353b30376367326c336064603a6636246a603f3230633b316665633533646d3635313063363f6932303463313835393131353724687b6d3f55696c646f77732530323932246871603f4b60726d6f672d323231323f2468716d7d3f556b6e666f7773266a71607d3f416a706d6f6d2e6e6a613f3c266c646f353a246c6f7c723f3226767a643d457461273a44576c696c6d7f66266f637660723f343238316633613a606761303065366363353432383a30636633373d3c303364663c353a38333c33663467696330366461393461666266353a313331333b34692e703f726e7d676b6e5d6e6e63716a2d374764616e736521706c7765616c5d756b6c66677f735d6f676c69635f7264637b67702d374764616e736521706c7765616c5d63666d606d576161706d6a617625374d64636e716d23726e7565696e5f71756b6163766b6f6727374d6e616e716729706e7565616c5d716a6761697561746525354566636e7b6723726e776561665f70676364706e617b6d702737476e636e716523706c7567696c5d7e6e615d726e63716d722737476e616e736729726e7765616c5d666574616c76722537476e636e71672372647d676b6c5d7b76655f7461677567702d374764616e736521706c7765616c5d686374632d3d4564636e7b6524676e57613f75676a656e556560474c253230332c382730322a4d726d66474e2730384551253038302c32273a32416a726d6d69756d2955676a454e27303245445b4c2730324d53273232392c322730382a4d72656c474c25323047512d3032454e514e2d3a304751273a30332e322d3032416a7a6d6f6b756f295765624b6b765f6760496b76273a385767604544414c474e4d5d6b6c717c636c6165665f617272617b712d314027303247505c5f606e6766645d6d6b666f637a273b402730304758545f636f6e6d7a5d60776464677a5768636e6457666e6f637c273140273a32475a545d666c6f61745d6064676c662731402d3a30475a5657667061655766677276602731402530304558545f716a696667705d7667707c7570675d646f6625314a2730324750565d76657a747572655f616d6572706771716b67665f6072766b253142273a32475a565776677a747772655f636f6f727a6771716b6d6c577a677661273b422732324d5a565d766d7a767772675f66696c74677057636c6b716d767a67706b61273b422732324d5a565d715a45402733402532304f45515d6d6e676f676c7657616e66677a57756b6e762d31402730384d47515f64626f5f72656c666d705d6f6b726f6978253140273a304d4551577176636c6c6370665f666572697661766b7e6771273140273a384f47515d7c657a74777a675d646e6763762733402532304f45515d7c677a76777067576e6c6d6376576c6b6e6769702731402d30324d45515f7465787477706d5d6a636e645d6e646f6376273b422732324747515d766d7a767772675f68616c665d64646d63765d6e6b666d617027314a2530304d4d515d74677a76677a5f63727261795f6d60626761762731402d3a305547404f4c5d636d646d705d607d646467725d666c6f617427314a2730325547404f445f616d6f78726773716d665d766770767770655d617374632531402d3032554740454457636d6f727a657173676c5d76677a7c7770675f677463253342273038554740454e5d6b676d7270677b7367645d7c677a76777a675d677461312533422530325f4740454e5d616765707067717b65665f766d7a7677706d5d71317461253342253232554d40454e5d616d6578726771716d645d7467707677706757713176635d737267622531402d3032554740454457646760776f5f70656c6c67706770576b6c646f27334225323055474a454e5d6667727c605f76677a7c757065273b402730325f4740454c5d647261775f60776e6467707127314a2d323255474a474e5f6e6771675d61676c76677876253342253232554d40454e5d6f77647c695d667069773336246f6e5d6a3f3b6464376464663437343066666b3632356734306a6d306735366c323735363e333236663c30373b2675676c763d496c766d6e2730324b6c6b262675656e7a3d4b6e766d6e27303241706b712530304f70656e454e2d3032476c656b666d266161663531&jb=393736246e733f45677a6b6e6e6925304637263227303220556b6c646d77732532304c562d303233322c322d3b422730325f696c36362d31402730387a3436292732304170706e675f6760496b76273a4e3531352c3b3627323220494a564f442730412530306c696b65273038456761696d2b2d3a30416a70676d6725304e3332352c382c373130362e383725323251696463706b27304e3d33352c313e

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:51:59 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
60tfck6ak7cvk4pjczcfu7kpbg4y533k2stvhrze9b56eb40f83cd870am1.e.aa.online-metrix.net/fp/ Frame 4E4F 81 B
438 B 69ms
13ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://60tfck6ak7cvk4pjczcfu7kpbg4y533k2stvhrze9b56eb40f83cd870am1.e.aa.online-metrix.net/fp/clear.png?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js Show response
rba-screen.healthsafe-id.com/fp/ Frame DE89 209 KB
29 KB 21ms
20ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/check.js?&pageid=99998&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&org_id=60tfck6a&nonce=9b56eb40f83cd870

Requested by

Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/HP?session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&org_id=60tfck6a&nonce=9b56eb40f83cd870&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

f42c868dc3940a5533a2a8b036ce00762e6bf9599b8c55e655554a0474c52897

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rba-screen.healthsafe-id.com/fp/HP?session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&org_id=60tfck6a&nonce=9b56eb40f83cd870&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
tmx-nonce: 9b56eb40f83cd870
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
rba-screen.healthsafe-id.com/fp/ Frame DD74 0
387 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&jf=3b34246e71603f6d3a363560633b6466356169363730343163316439353631393833603a69333a

Requested by

Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rba-screen.healthsafe-id.com/fp/ls_fp.html;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 InviteTriggers Show response
api.iperceptions.com/ 241 B
305 B 31ms
30ms XHR
application/json 52.138.200.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iperceptions.com/InviteTriggers
Requested by: Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/assets/bundle-average.js?seed=AEBj7VKEAQAAF_7rOrCXyeavbRwNSmXzwHgq6lsi8ljEg_UUSV7sRoqzOCCJ&Q5eim0SSzm--z=q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 73b94e1148dd2185c3f5c76d2abc7a6ac5f694a422fe4dfc30da25e8779808b3

Request headers

Referer: https://accounts.myuhc.com/
accept-language: de-DE,de;q=0.9
SecurityToken: ef6177e6-a195-4fc1-9b32-7636466e19b5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 16:51:59 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-length: 241
expires: -1

OPTIONS
H2 200 InviteTriggers
api.iperceptions.com/ Frame 0
0 100ms
32ms Preflight 52.138.200.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iperceptions.com/InviteTriggers
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: securitytoken
Access-Control-Request-Method: GET
Origin: https://accounts.myuhc.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers: securitytoken
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Mon, 07 Nov 2022 16:51:59 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H/1.1 204
204 clear1.png;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F
rba-screen.healthsafe-id.com/fp/ Frame 4E4F 0
400 B 17ms
16ms Image
image/png 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rba-screen.healthsafe-id.com/fp/clear1.png;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&jf=3c333a24716b66577a6e663f766c725d4d4a4e316451433e37473a6e5872636726736b6657666376673f333e3e373a313b31313b267161665d767b78673f7565603a6563647363247b6b665d69677b353b30373b313831313034383530633a3e363a61653164303230313234383a30633a3436306b653166323b303330353831363032383236646130656632646233363e3336343037663f31343063323936333267383a3460303a636336663a306564336266633e3130323231306c3d31673363386131373a3c3b3234363e3564303966353139356464336c34333b6134313030346364323b396039306d603437663e643a3b326731373538333a63693763353463366b396224716b6c5f7169653531323634383030333032643032306464316e3634346033666e3930673b373d313564303a363236353f376730633666323164343b373b363b363030356c3c633132306e6361363a69326032303a3332323930663232343460603d643a3b3b3032393a373736333f353630663c66373432383666613835383963353767323c676767363a333c6d663b616038626430306d24716b647a3f32

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=93
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=73F26E948E1CBBFE2497422303D3DE9A
h.online-metrix.net/fp/ Frame 6C5B 0
400 B 16ms
16ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=73F26E948E1CBBFE2497422303D3DE9A?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&jf=3c333a24716b66577a6e663f766c725d773a5858404a574d4c5767334d74716926736b6657666376673f333e3e373a313b31313b267161665d767b78673f7565603a6563647363247b6b665d69677b353b30373b313831313034383530633a3e363a61653164303230313234383a30633a3436306b653166323b30333035383136303238323635306033323238633b61313432633567323f6e306731353b643636676b3237366338606635313239663034643634313663633432343e69626635336a383133313f303231643130646163303134623263333b6c323b376633646d6a363b33676d613636316b34673532303b34303934636465333164613c3b603634613b3c306524716b6c5f7169653531323634383030333032623536363730643f6732353760323b6c6264363b3c3736643539373b643b6a373b33313b663131666634353c6032316135326d6a35676631383163313b31663232303a3332326433376134363536603b313a606066373e30663267636b353032603e32606632313435633463343639626261356a3667373a34363a3f323a363b3b313a39373b24716b647a3f33

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 IpEngine_v78.0.js Show response
universal.iperceptions.com/core/ 11 KB
4 KB 10ms
9ms Script
application/javascript 2600:9000:225e:4c00:8:e7ba:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/core/IpEngine_v78.0.js
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4c00:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 70dc97a60ab824c4b4f362341733bde439ac6bd7534d2b5b193fbd37d9413ea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Nov 2022 16:51:28 GMT
content-encoding: gzip
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
content-md5: ofN/a2/Vf6dAsat1lPzqnA==
age: 45
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-ms-lease-status: unlocked
last-modified: Mon, 22 Mar 2021 17:01:33 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 646c13ac-501e-0056-248e-ed01b8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-amz-cf-id: 1GdvfpyhbQYaZIijd8UsIN6YymxVvIc2Yyu0YLE0UT6De2nnbH1ScQ==

GET
H2 200 12426_638030925644654454 Show response
sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/ 887 KB
46 KB 46ms
12ms Script
application/javascript 2600:9000:2156:c800:18:ee0c:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/12426_638030925644654454
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c800:18:ee0c:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ce164aad85b6b1cc162d665f59fbdfa17711695a33087175ec2201031dded35e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Nov 2022 16:49:18 GMT
content-encoding: gzip
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
content-md5: g7CKchPAaClyF1CF2cFgag==
age: 181
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 46309
x-ms-lease-status: unlocked
last-modified: Thu, 03 Nov 2022 17:16:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DABDBF16E7DCE5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f4a1942c-301e-00b7-60a8-efca8a000000
cache-control: x-ms-blob-cache-control: public, max-age=900
x-ms-version: 2009-09-19
x-amz-cf-id: m_6PtEoGfzKXTK5Lpv8XNn3UrEIPjz6fbPPggHjHu92Jzf9lBIiamA==

GET
H2 200 harvest_12426.js Show response
art.azureedge.net/harvest/ 9 KB
2 KB 33ms
8ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://art.azureedge.net/harvest/harvest_12426.js
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CBE) /
Resource Hash: 6e0b58d9b7952c332d9c9ce2a2c54447f3858e09f66d5e542414b24aabb9f77d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 07 Nov 2022 16:51:59 GMT
content-encoding: gzip
last-modified: Tue, 21 Jan 2020 17:36:10 GMT
server: ECAcc (frc/4CBE)
age: 407961
etag: 0x8D79E98674A1069
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
x-ms-request-id: 22469c18-701e-005c-6813-ef40a2000000
x-ms-version: 2009-09-19
content-length: 2019

GET
H2 200 127146_637999095737649237 Show response
sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/ 10 KB
4 KB 11ms
11ms Script
application/javascript 2600:9000:2156:c800:18:ee0c:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/127146_637999095737649237
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c800:18:ee0c:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f7fadd374f04c10a56b60f1490feeb96ce17e4dc178e081e3dfe81079b934e1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Nov 2022 16:50:10 GMT
content-encoding: gzip
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
content-md5: aSf8dfN+D6Jyc+afpVgvPQ==
age: 119
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3063
x-ms-lease-status: unlocked
last-modified: Tue, 27 Sep 2022 21:06:13 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DAA0CC1C8DB61F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2f7927c6-901e-00ba-05b5-d22586000000
cache-control: x-ms-blob-cache-control: public, max-age=900
x-ms-version: 2009-09-19
x-amz-cf-id: 1QfvD60cXug8HBrGrWFTREWV0iCt-FX99xSrqf-gIvg3eqs9YvXM6Q==

GET
H/1.1 200
OK ARF;CIS3SID=852C8F643F321A82DD46A0691FB4C29C Show response
rba-screen.healthsafe-id.com/fp/ Frame DE89 35 B
557 B 16ms
15ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/ARF;CIS3SID=852C8F643F321A82DD46A0691FB4C29C?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&pageid=99998&sera_parametere=XxIIBVNWBFFVCVEHBlsEAlgEV1VXWlEEUFkGV1MBDgIAUQ1XUVJRU1ABAkUXSwpZVxJAQhZHB3RDD3FGU3wSAgkIRlMJB1lVCExARld8Egd7UhABIUcGAA5XQBcXHQR0HFV3E1ImElQPBVFRU11RA1tUUA9cAAIFXwwLWwEJBgRaUAQBVVFQBFcIVgJUCwQBXVcTWAoMV1VbAVFWUl1VBAkEDQUGBgwHVh5ZEFkITwQPV1cPVlJQUwNbVVdVCAFVD1EBV1NWVlYAXlUCUVsHUgwDDQBXUg0WB1EOUlQKAgAfC1wLSFMSQA8FClpdAQ8WUQkIEAdfd1gUV14GQlpBDQhSAhAHDUcNMVFdBwtPRBZaAAhCARhrUwdUXwEFW1wWXBYIA1Q%3D&count=0&max=0

Requested by

Host: rba-screen.healthsafe-id.com
URL: https://rba-screen.healthsafe-id.com/fp/check.js?&pageid=99998&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&org_id=60tfck6a&nonce=9b56eb40f83cd870

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

bd5b281feac4717b8e2023b242550809de560a90bd9d44afb9ff80cbaa4c39cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rba-screen.healthsafe-id.com/fp/HP?session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&org_id=60tfck6a&nonce=9b56eb40f83cd870&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=92
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ip.gif Show response
post.iperceptions.com/ 32 B
572 B 347ms
288ms XHR
image/gif 2600:9000:223c:5a00:15:bf9a:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://post.iperceptions.com/ip.gif?sid=c14d57e9-e5c2-80eb-f5d8-45e631fd65df&vid=5280ada9-507f-2d20-3cf4-041368eed2de&tkid=ef6177e6-a195-4fc1-9b32-7636466e19b5&url=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%2Fcommunityplan%2Fen%3FTARGET%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Fsecure%252Fauth%252Fcommunityplan%252Fen%26resume%3D%252Fas%252Fd4RuPJbHFp%252Fresume%252Fas%252Fauthorization.ping%26reason%3D0&title=Sign%20In%20-%20UnitedHealthcare%20Community%20Plan

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/assets/bundle-average.js?seed=AEBj7VKEAQAAF_7rOrCXyeavbRwNSmXzwHgq6lsi8ljEg_UUSV7sRoqzOCCJ&Q5eim0SSzm--z=q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:5a00:15:bf9a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:51:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADMa DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cross-origin-resource-policy: cross-origin
content-length: 32
last-modified: Mon, 06 Nov 2017 18:05:13 GMT
server: Apache
etag: "576fcca2957d31:0"
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: O8ZXNpynlC6eil3S2YtgP0nIqTxiRYdXAV59200d9l5KnUirDNAxKg==

GET
H/1.1 204
No Content clear.png Show response
rba-screen.healthsafe-id.com/fp/ Frame 4E4F 0
387 B 14ms
13ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/clear.png?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&jac=1&je=393b3b24247567613533352c37302e37372c3a24726f3f666d2460617673743d253740273a306e6774676e2d3a32273143392e3230273a412730307b7663767571253232253343273a30616a6370656166672730302d374626637d666a3f616935603b6534653638316361636b3464306335613931323b31343b343462376b3133353b3e603666386664343836303231306467366432316e6b643a3637312667783135603533323c6033303931383964343734313b616136373433303e653130646d633462643136333567

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Nov 2022 16:51:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=91
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK rb_17a3a45c-ebd2-4cdb-86ec-5f31606b813f Show response
accounts.myuhc.com/ 148 B
363 B 128ms
127ms XHR
text/plain 168.183.37.28
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.myuhc.com/rb_17a3a45c-ebd2-4cdb-86ec-5f31606b813f?type=js3&sn=v_4_srv_45_sn_D639B6C74D8B2C8E6849272515BBBAA0_perc_100000_ol_0_mul_1_app-3Ab6030f906c1066bc_0&svrid=45&flavor=post&vi=FTOOJGOLOBUTSFRVPWEFRRTJPKGSIKKM-0&modifiedSince=1667832182630&rf=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Flogin%3Fresume%3D%252Fas%252Fd4RuPJbHFp%252Fresume%252Fas%252Fauthorization.ping%26TARGET%3Dhttps%253A%252F%252Faccounts.myuhc.com%252Frt%252Fsecure%252Fauth%252Fcommunityplan%252Fen%26reason%3D0&bp=3&app=b6030f906c1066bc&crc=1505404194&en=fme08pl1&end=1

Requested by

Host: accounts.myuhc.com
URL: https://accounts.myuhc.com/assets/bundle-average.js?seed=AEBj7VKEAQAAF_7rOrCXyeavbRwNSmXzwHgq6lsi8ljEg_UUSV7sRoqzOCCJ&Q5eim0SSzm--z=q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.28 , United States, ASN10879 (UHC, US),

Reverse DNS

healthsafeid-ctc.optum.com

Software

Resource Hash

a155cec5985f334bef87f98e1a4c640cf42bb150be68c6c37fd9b26fd82aeb54

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

x-dtreferer: https://accounts.myuhc.com/rt/login?resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&reason=0
Referer: https://accounts.myuhc.com/rt/login/communityplan/en?TARGET=https%3A%2F%2Faccounts.myuhc.com%2Frt%2Fsecure%2Fauth%2Fcommunityplan%2Fen&resume=%2Fas%2Fd4RuPJbHFp%2Fresume%2Fas%2Fauthorization.ping&reason=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 07 Nov 2022 16:52:02 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Connection: keep-alive
Content-Length: 148
Content-Type: text/plain; charset=utf-8

GET
H2 200 wUniversal.aspx Show response
ips-invite.iperceptions.com/ 19 KB
19 KB 759ms
124ms Script
text/javascript 2600:9000:2240:1200:14:7b3:cf40:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://ips-invite.iperceptions.com/wUniversal.aspx?sdfc=095904e8-128310-fb330c52-9ae4-4a44-a31d-b80f2c680ca0&lID=1&source=91787&visitorID=7648205045&sessionID=c14d57e9-e5c2-80eb-f5d8-45e631fd65df&device=desktop&dsc=1

Requested by

Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1200:14:7b3:cf40:93a1 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

7e2c7ad706a0e81c08d9c28bf058efb4fe2a766ab30a0b053a2284749cf69ed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:52:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-amz-cf-id: cJaiBvPm0poKD0ueFT3JVU1bUomCPbSHxmTMaxefP-XqyTWaospqBA==

GET
H/1.1 204
204 clear3.png;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F Show response
rba-screen.healthsafe-id.com/fp/ Frame 4E4F 0
219 B 42ms
14ms Script
text/javascript 91.235.133.67
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba-screen.healthsafe-id.com/fp/clear3.png;CIS3SID=605EB79FD3F2FED5B6E0441AD7B19C2F?org_id=60tfck6a&session_id=8c6b7f69-1633-42a6-b6f3-cc25254ad4f6&nonce=9b56eb40f83cd870&jac=1&je=3c352424726567577d706663766d3d2737402d303032273a3027314127374225323274677a2730302731433b2d374627354c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.67 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:52:03 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Type: text/javascript;charset=UTF-8

GET
H2 200 1_wVal.js Show response
ips-invite.iperceptions.com/invitations/invitationsJS/128/s128310/ 49 KB
30 KB 11ms
10ms Script
application/javascript 2600:9000:2240:1200:14:7b3:cf40:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://ips-invite.iperceptions.com/invitations/invitationsJS/128/s128310/1_wVal.js

Requested by

Host: ips-invite.iperceptions.com
URL: https://ips-invite.iperceptions.com/wUniversal.aspx?sdfc=095904e8-128310-fb330c52-9ae4-4a44-a31d-b80f2c680ca0&lID=1&source=91787&visitorID=7648205045&sessionID=c14d57e9-e5c2-80eb-f5d8-45e631fd65df&device=desktop&dsc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1200:14:7b3:cf40:93a1 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

5d88c8d63df4df45a37118134d19b613b92a4f45ce62d032ad158e9fe4c74523

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
date: Mon, 07 Nov 2022 16:48:02 GMT
last-modified: Thu, 13 Jan 2022 16:00:15 GMT
server: Apache
x-amz-cf-pop: FRA60-P1
age: 243
etag: W/"94854ea7968d81:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-amz-cf-id: aa1TA1brhTs6dAuMQakzDvX0367C5aMZIZ-Wv6oExMKiifq35WEr2g==

GET
H2 200 EXPO3_0_4.min.js Show response
universal.iperceptions.com/ips/ 28 KB
10 KB 33ms
32ms Script
text/javascript 2600:9000:225e:4c00:8:e7ba:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/ips/EXPO3_0_4.min.js
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4c00:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 57ce7ac7f1dcb82db26394000eb8cd69570f8314604521d8c3021832429ee744

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.myuhc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Nov 2022 16:52:03 GMT
content-encoding: gzip
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
content-md5: pK2wgWeoXwusDsB68yZIbA==
age: 29
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-ms-lease-status: unlocked
last-modified: Tue, 01 Dec 2020 19:10:11 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 1fa18e5e-601e-0055-5e8b-f202bf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-amz-cf-id: W8RKcr0oxEyOfhpswhzJIXnJNsG9D5zmjQkGZ4dUN2AA6CkxCGN08g==

GET
DATA 200
OK truncated
/ Frame 2D57 26 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 counter_N.png
ips-img.iperceptions.com/Counter/ Frame 2D57 119 B
630 B 389ms
286ms Image
image/png 2600:9000:223e:800:6:607f:55c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ips-img.iperceptions.com/Counter/counter_N.png?surveyID=128310&siteID=1000&langID=1&traceID=2&seed=9862845

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:800:6:607f:55c0:93a1 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:52:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADMa DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cross-origin-resource-policy: cross-origin
content-length: 119
last-modified: Mon, 09 May 2011 14:45:35 GMT
server: Apache
etag: "4d2f93c157ecc1:0"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
x-amz-cf-id: L093wAVYRmZdNx7mzEdHUdHKBFo3wz3Q7iTLbkh9XSszd51umJevFQ==

GET
H/1.1 200
OK opensans600.woff
collect.iperceptions.com/Content/themes/base/fonts/ Frame 2D57 21 KB
22 KB 349ms
30ms Font
application/font-woff 52.178.179.169

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.iperceptions.com/Content/themes/base/fonts/opensans600.woff
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.178.179.169 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Origin: https://accounts.myuhc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:52:03 GMT
Last-Modified: Tue, 10 Aug 2021 15:42:55 GMT
ETag: "492a1963fe8dd71:0"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADMa DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache,max-age=1296000
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type
Content-Length: 21704

GET
H/1.1 200
OK collectionEvo.woff
collect.iperceptions.com/Content/themes/base/fonts/ Frame 2D57 5 KB
6 KB 349ms
30ms Font
application/font-woff 52.178.179.169

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.iperceptions.com/Content/themes/base/fonts/collectionEvo.woff
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.178.179.169 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: defc44c93eb185f64b0400fa928b43e778625b7c963d746ad3fef282d127cc79

Request headers

Referer
Origin: https://accounts.myuhc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 16:52:03 GMT
Last-Modified: Tue, 10 Aug 2021 15:42:55 GMT
ETag: "40831563fe8dd71:0"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADMa DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache,max-age=1296000
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type
Content-Length: 5056

GET
DATA 200
OK truncated
/ Frame 2D57 12 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2323d40ecc7ffdfebb485ab41c9f8a9a8a3d80dd0ea87b24fe0f2f7d9825ffe4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2D57 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfc9a905fe730c7e4c3973ecaffabc1263e32ddc55a9efcd4ee878f771a3388

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2D57 12 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8927af08c1dff7ee46101f0a8fbef086dc3d640af0870204847e21b10b1cc127

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sso.optum.com/	1969-12-31 23:59:59	Name: ext-PF Value: Bg42dV0tx3fg1gnpKkDKtEzppEFy8vhEEZYZao8l2hk4
accounts.myuhc.com/	1969-12-31 23:59:59	Name: bfd37fd494e6c607638f0a9f1120ca35 Value: 50a2cf2762002c92dbc8f9764b3095bd
accounts.myuhc.com/	1969-12-31 23:59:59	Name: 96e09d7a243190b3819f4892a85f5d7e Value: 0b45ec1bedf25cbea16c535a6417a8c4
accounts.myuhc.com/	1969-12-31 23:59:59	Name: BIGipServerapps.ocp-ctc-dmz.optum.com_80 Value: 445501194.20480.0000
.myuhc.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_45_sn_D639B6C74D8B2C8E6849272515BBBAA0_perc_100000_ol_0_mul_1_app-3Ab6030f906c1066bc_0
accounts.myuhc.com/	1969-12-31 23:59:59	Name: TS0110f9d0 Value: 016f206c38b5714737e5d4052945453a93c838a8aa8e815bb54ebfa21268f0c9303d55e19546590ed453bc7facdb25355c65d0f3b6
.myuhc.com/	1969-12-31 23:59:59	Name: TS012884ac Value: 016f206c38b5714737e5d4052945453a93c838a8aa8e815bb54ebfa21268f0c9303d55e19546590ed453bc7facdb25355c65d0f3b6
.myuhc.com/	1970-01-20 16:53:19	Name: rxVisitor Value: 1667839915794BFJ9HVHL26IHEFF07OG2CDE5225G18TO
.myuhc.com/	1969-12-31 23:59:59	Name: dtLatC Value: 946
.myuhc.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.rakanto.com/	1970-01-20 16:53:19	Name: pixel-ubrid Value: v2.0-ea8272e1d758b47cbeb133f073f5d3dc-1483-1488-1666851534944-0000075268-1667839916726
accounts.myuhc.com/	1969-12-31 23:59:59	Name: rakanto_ubrid Value:
.myuhc.com/	1969-12-31 23:59:59	Name: at_check Value: true
accounts.myuhc.com/	1970-01-20 07:17:21	Name: RakantoClientSideData Value: eyJ1YnJpZCI6InYyLjAtZWE4MjcyZTFkNzU4YjQ3Y2JlYjEzM2YwNzNmNWQzZGMtMTQ4My0xNDg4LTE2NjY4NTE1MzQ5NDQtMDAwMDA3NTI2OC0xNjY3ODM5OTE2NzI2IiwiY29tbWl0X2hhc2giOiI5MTFjY2FmIn0=
accounts.myuhc.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: C7FE0AD44ED95282AED9E6565E305CBF
.demdex.net/	1970-01-20 11:36:31	Name: demdex Value: 33090588644273874393203782383470126600
.myuhc.com/	1970-01-20 09:26:55	Name: _gcl_au Value: 1.1.1172034578.1667839917
.myuhc.com/	1969-12-31 23:59:59	Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg Value: 1
accounts.myuhc.com/	1970-01-20 16:02:55	Name: HSID_V Value: 2af76f7f-4b42-4589-96c7-03359ab19a25
accounts.myuhc.com/	1969-12-31 23:59:59	Name: SESSION Value: ZmJjMThhNTMtMDJjYi00NDZjLTgzNGUtZTMzZmZjOWU1NzRm
accounts.myuhc.com/	1969-12-31 23:59:59	Name: cb5c6bff9e487b35cd8325f60b6bb412 Value: 691598b6093598fb73fd3f2d0b406ec9
.everesttech.net/	1970-01-20 16:02:55	Name: everest_g_v2 Value: g_surferid~Y2k3rQAAAB2G2ANn
.myuhc.com/	1970-01-20 16:53:19	Name: mbox Value: session#552ae8c5381346008093a5a7b3ef9f00#1667841778\|PC#552ae8c5381346008093a5a7b3ef9f00.37_0#1731084718
.dpm.demdex.net/	1970-01-20 11:36:31	Name: dpm Value: 33090588644273874393203782383470126600
.myuhc.com/	1970-01-20 16:53:19	Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg Value: 359503849%7CMCIDTS%7C19304%7CMCMID%7C24516086958257494462567018276414208481%7CMCAAMLH-1668444717%7C6%7CMCAAMB-1668444717%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1667847117s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19311%7CvVersion%7C5.0.1
.doubleclick.net/	1970-01-20 16:38:55	Name: IDE Value: AHWqTUkckoEu-IpH8JSmx0ChPhGNdVyoi7SB8Ty0QDW3dmKm5fqhCKl-pBw-zVb_0MY
.myuhc.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.demdex.net/	1970-01-20 11:36:31	Name: dextp Value: 771-1-1667839917525\|903-1-1667839917631\|285689-1-1667839917788
rba-screen.healthsafe-id.com/	1970-01-20 16:53:19	Name: thx_guid Value: 8e6f3e93d280d231271f8007ac2fbbae
.myuhc.com/	1969-12-31 23:59:59	Name: rxvt Value: 1667841719098\|1667839915796
.myuhc.com/	1969-12-31 23:59:59	Name: dtPC Value: 45$439915792_649h-vFTOOJGOLOBUTSFRVPWEFRRTJPKGSIKKM-0e0
h.online-metrix.net/	1970-01-20 16:53:19	Name: thx_global_guid Value: df4f4a0e9ad14f7fbf859932c3dda697
accounts.myuhc.com/	1969-12-31 23:59:59	Name: ipe_s Value: c14d57e9-e5c2-80eb-f5d8-45e631fd65df
accounts.myuhc.com/	1969-12-31 23:59:59	Name: IPE_LandingTime Value: 1667839919706
accounts.myuhc.com/	1969-12-31 23:59:59	Name: ipe.12426.pageViewedCount Value: 1
accounts.myuhc.com/	1969-12-31 23:59:59	Name: ipe.12426.pageViewedDay Value: 311
accounts.myuhc.com/	1970-01-20 08:00:31	Name: ipe_12426_fov Value: %7B%22numberOfVisits%22%3A1%2C%22sessionId%22%3A%22c14d57e9-e5c2-80eb-f5d8-45e631fd65df%22%2C%22expiry%22%3A%222022-12-07T16%3A51%3A59.710Z%22%2C%22lastVisit%22%3A%222022-11-07T16%3A51%3A59.710Z%22%7D
accounts.myuhc.com/	1970-01-20 16:53:19	Name: ipe_v Value: 5280ada9-507f-2d20-3cf4-041368eed2de

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://accounts.myuhc.com/assets/bundle-average.js?seed=AEBj7VKEAQAAF_7rOrCXyeavbRwNSmXzwHgq6lsi8ljEg_UUSV7sRoqzOCCJ&Q5eim0SSzm--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://accounts.myuhc.com/assets/bundle-average.js?seed=AEBj7VKEAQAAF_7rOrCXyeavbRwNSmXzwHgq6lsi8ljEg_UUSV7sRoqzOCCJ&Q5eim0SSzm--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://accounts.myuhc.com/assets/bundle-average.js?seed=AEBj7VKEAQAAF_7rOrCXyeavbRwNSmXzwHgq6lsi8ljEg_UUSV7sRoqzOCCJ&Q5eim0SSzm--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://accounts.myuhc.com/assets/bundle-average.js?seed=AEBj7VKEAQAAF_7rOrCXyeavbRwNSmXzwHgq6lsi8ljEg_UUSV7sRoqzOCCJ&Q5eim0SSzm--z=q Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

60tfck6ak7cvk4pjczcfu7kpbg4y533k2stvhrze9b56eb40f83cd870am1.e.aa.online-metrix.net
8584968.fls.doubleclick.net
accounts.myuhc.com
adservice.google.com
api.iperceptions.com
art.azureedge.net
assets.adobedtm.com
browser-update.org
cm.everesttech.net
cm.g.doubleclick.net
collect.iperceptions.com
connect.facebook.net
cse.rakanto.com
dpm.demdex.net
global.ib-ibi.com
googleads.g.doubleclick.net
h.online-metrix.net
insight.adsrvr.org
ips-img.iperceptions.com
ips-invite.iperceptions.com
match.adsrvr.org
member.werally.com
post.iperceptions.com
rba-screen.healthsafe-id.com
repo.rakanto.com
sd.iperceptions.com
smetrics.optum.com
sso.optum.com
unitedhealthgroup.demdex.net
unitedhealthgroup.tt.omtrdc.net
universal.iperceptions.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.healthsafe-id.com
www.myoptum.com
13.36.218.177
142.250.184.230
142.250.185.226
149.111.144.83
149.111.148.50
149.111.164.232
149.111.165.13
15.188.95.229
168.183.37.28
2600:9000:2156:c800:18:ee0c:6e00:93a1
2600:9000:223c:5a00:15:bf9a:3f00:93a1
2600:9000:223e:800:6:607f:55c0:93a1
2600:9000:2240:1200:14:7b3:cf40:93a1
2600:9000:225e:4c00:8:e7ba:7440:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:20::681a:7b4
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a02:26f0:3500:798::1e80
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.33.220.150
34.242.111.67
34.249.157.182
45.60.33.26
52.138.200.61
52.178.179.169
52.212.76.227
69.169.86.38
91.235.132.130
91.235.133.67
91.235.134.131
006d82594c8e42cdde29c93d2e492011440049a6e9636fa2a496158c39b7d51c
08c5a05fc7a0411fc5a6ed810e8e7eca8bf023cfa8036331115ecbff39c0d037
08f8f57644f75ae8d87c398791beb50639d74efae6fdcdaebbe70cef775fcbd7
09e0ac2acf8555610859813cad34e07870e9af2ad9a80adcddc44012caf8e4c6
0ab928a69a618d8517577dd9b744e1e605d83958a976f96220b4d5bd2a1de630
0ba3eeae70568314d717d07a4bca0a812a1eba2c3aef67c8b57d8530611f77c6
15536d1324d76d7aa6a54e42da1cdf632f398e958f54c0362986a337d4cae0d2
1ad88252eb3cc0a5d25210a3a6bc745999634a52040cb72dd167bb5798691784
1cfc9a905fe730c7e4c3973ecaffabc1263e32ddc55a9efcd4ee878f771a3388
226e1671e8cfcd7483b2b70fff472e120689ff7ab80a984064aa04e0640072f9
2323d40ecc7ffdfebb485ab41c9f8a9a8a3d80dd0ea87b24fe0f2f7d9825ffe4
239a7477d8be074d6c1383374fd4cc3d08958cdce79b165117d075f21aba663b
31fced6033a7885b5c6a7facb3043730fd78a370264e85c9fc49951ab9cb0317
3503268a4f58b27f6e3519961cad862b511c55f93def3493ad771d874c0b01e6
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
453d22f8dabfa194e7318c737f3c5135dbeafb41d2e180a48ddd68e690868baf
4e05266495bc79fb41a5c34fd84b16ce6a8d07cd20ed735df2186186887df187
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
552eb4d59a87513a13a3e85ebb859e283987479c36b3af8071691a01016ae497
57ce7ac7f1dcb82db26394000eb8cd69570f8314604521d8c3021832429ee744
59fd41062981210b360a79a43c71273d264ef39af1a4f266c5c543111436cce3
5abe9cfd90c2fc5af4b32eaa25a5820efb0ec435ac97b1fa251211b368fc0857
5d88c8d63df4df45a37118134d19b613b92a4f45ce62d032ad158e9fe4c74523
6e0b58d9b7952c332d9c9ce2a2c54447f3858e09f66d5e542414b24aabb9f77d
70dc97a60ab824c4b4f362341733bde439ac6bd7534d2b5b193fbd37d9413ea6
73b94e1148dd2185c3f5c76d2abc7a6ac5f694a422fe4dfc30da25e8779808b3
754b9cf0b89df100385c0e5e6635c7a30038aa0fa8fe4a5a53f273f7de0b068b
76181750bb2a824cc79d1c940b9e14a3e393ae1efc93965117e3965c136acaa6
77c889e4f81107673d8ce0505a608eb45e47da7cbe687e0449c9ed26f79e2b6b
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c4b8c1b21c24030b1ff96a3d104ebd8ffb40928a203af3f224301ffa0f01944
7d0bae598799d3c42ca5d7d7c8a8b79b67de62afe2e9d3dcee258328e40f39eb
7e2c7ad706a0e81c08d9c28bf058efb4fe2a766ab30a0b053a2284749cf69ed3
7ffd485c05f4fd239e22ea634e2abb1eca0482d4a0ba69632b9ba35ef9090f40
82b324d7a6d59656bca298ce3fef6ff4ad2fa0641e306e12f60d79a21234d4b8
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
8802a3457778faf3f8e8c7a6b73259922bc260e1a1c5f7c5140c559aa5dac572
88f3cf42092a52dfca5d62e502aaf3bb77819312c141a0f3700f1e4673e12553
8927af08c1dff7ee46101f0a8fbef086dc3d640af0870204847e21b10b1cc127
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f25bee7c185d918f1d55f844f64b5cd372a4743caeb63c2abd413e5f42a4949
8f69bc787272dc8ff531e6041ee0bc8f3a6037ce08ac92e0800e4381864ca658
90daf978eee928560cc86e94ccf84cc0eee2b4210a025a8c71a8a18cf9af6bf1
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab
985d764518c9a4ddc16f4c3b093e4bbd7dd3a2d683c46a3326fa8e18a429bc1a
9a585d7814f942c5b4ed2657982636c90e5deb21df13362ea33f50aa553c2feb
a12469d7c7df581de892457b5385edd2b863bba48fb64626c933a199164121ef
a155cec5985f334bef87f98e1a4c640cf42bb150be68c6c37fd9b26fd82aeb54
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a366a1a3bb9f5f6d3046b4b245c4d0c9168c3ae80d974497682675440096704c
a4f6f51ae326512f2bafad7193332cbecf32f880b8291573411228f153ebeab1
a7d2e4046f88a5a8869a580638fcdc43bc7377a327bc2fd906100645045312c5
ac26d59803d22cc009d9a696aed47f685b0f6239d2d806e2449d3d0219c4751e
b4dcc5168f9904823f77d6704afc9932ae3ad21e5e7c025287a3661c5b042b80
b90a527600f3f276d2ad344df4068ad9d03c4b03b8023bc24923ce98f32a6640
bd5b281feac4717b8e2023b242550809de560a90bd9d44afb9ff80cbaa4c39cc
c50c7bd4abab5152b29ed4ba8ad7e884ae3f78e21e5e18c61e24b73dfc213d41
c6aebab0b0da3390a6c65ff524369ca505deca02ea01a7d4bca1dc0b0b27e9df
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd9e04afdafe426ce893f20a2bf4d80d88c8230487e74acea10e2a1deff69859
ce164aad85b6b1cc162d665f59fbdfa17711695a33087175ec2201031dded35e
d4c6b94818b0a1b53bd03800ee54e3d8ad43bda0e135b86c730aa7807115cfa6
ddd4c18ff7a38c8dacb45c3a1d8f053d0e8801dc03e32c940c161d0dcf982b81
defc44c93eb185f64b0400fa928b43e778625b7c963d746ad3fef282d127cc79
e39a5dc7153823fde77895188f8eea05de4070d3ebfb665263bc84a58374bfa1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fcb5e542d86ea6b6006196def8a4ece1d1dbe0273f951798e5be61c3f84812
e639faf6f0641ac0689de3341b4492355bad315145588bd4238c8fbf8a027323
ec1fb826ad50482e2a4eb706a5758dafc2835325619e8fe6f48ff3691e0e8cbf
eecfcb118193465fd111d3c9821bb3c8ecbf0c417062cab000ad4365258e41ef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f161e22cde63c497d665c80a60a654d29caa423b4f4f59848b55309beb8bc361
f2fd37af800012ec3e576148fbe70e6e08c534109e6f44fd178c18b3aeac330f
f3fb2e8fd33ff77ffa04a3dc8f40c70aea86dd1332132cc2832f9989e245a1db
f42c868dc3940a5533a2a8b036ce00762e6bf9599b8c55e655554a0474c52897
f7fadd374f04c10a56b60f1490feeb96ce17e4dc178e081e3dfe81079b934e1b
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
fff65bcf754e67218af1a870099b30a94b2dd18511ebad46e98ccb2bc6f5062c

accounts.myuhc.com Open in urlscan Pro 168.183.37.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

97 Requests

96 %HTTPS

43 %IPv6

22 Domains

37 Subdomains

33 IPs

4 Countries

1357 kBTransfer

4999 kBSize

38 Cookies

2 Outgoing links

Page URL History

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

accounts.myuhc.com Open in urlscan Pro
168.183.37.28 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

96 %
HTTPS

43 %
IPv6

22
Domains

37
Subdomains

33
IPs

4
Countries

1357 kB
Transfer

4999 kB
Size

38
Cookies

97 HTTP transactions
6 data transactions