bg.northernillinoishealthplan.com Open in urlscan Pro
2606:4700:3035::6815:2af8  Public Scan

Submitted URL: http://bg.northernillinoishealthplan.com/
Effective URL: https://bg.northernillinoishealthplan.com/
Submission: On February 01 via manual from US

Summary

This website contacted 9 IPs in 5 countries across 7 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3035::6815:2af8, located in United States and belongs to CLOUDFLARENET, US. The main domain is bg.northernillinoishealthplan.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 10th 2020. Valid for: a year.
This is the only time bg.northernillinoishealthplan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 24 2606:4700:303... 13335 (CLOUDFLAR...)
1 188.166.135.13 14061 (DIGITALOC...)
1 2600:9000:206... 16509 (AMAZON-02)
2 2600:9000:21f... 16509 (AMAZON-02)
2 6 2a02:6b8::1:119 13238 (YANDEX)
1 18.196.233.38 16509 (AMAZON-02)
2 142.250.185.194 15169 (GOOGLE)
1 2a04:4e42:1b:... 54113 (FASTLY)
3 65.9.58.114 16509 (AMAZON-02)
38 9
Domain Requested by
24 bg.northernillinoishealthplan.com 1 redirects bg.northernillinoishealthplan.com
6 mc.yandex.ru 2 redirects bg.northernillinoishealthplan.com
3 optad360.mgr.consensu.org cmp.optad360.io
optad360.mgr.consensu.org
2 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
2 get.optad360.io bg.northernillinoishealthplan.com
get.optad360.io
1 cdn.jsdelivr.net get.optad360.io
1 stat.optad360.mgr.consensu.org cmp.optad360.io
1 cmp.optad360.io bg.northernillinoishealthplan.com
1 load16.biz bg.northernillinoishealthplan.com
38 9

This site contains links to these domains. Also see Links.

Domain
sl.northernillinoishealthplan.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-10 -
2021-07-10
a year crt.sh
load15.biz
R3
2020-12-20 -
2021-03-20
3 months crt.sh
*.optad360.io
Amazon
2020-12-17 -
2022-01-15
a year crt.sh
mc.yandex.ru
Yandex CA
2020-09-29 -
2021-03-11
5 months crt.sh
stat.optad360.mgr.consensu.org
R3
2020-12-06 -
2021-03-06
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-10-26 -
2021-04-17
6 months crt.sh
optad360.mgr.consensu.org
Amazon
2020-07-20 -
2021-08-20
a year crt.sh

This page contains 2 frames:

Primary Page: https://bg.northernillinoishealthplan.com/
Frame ID: ABC88F0B1C21CC8111FA817D4827DBBD
Requests: 36 HTTP requests in this frame

Frame: https://optad360.mgr.consensu.org/cmp/v2/cmp-2.6.0.min.js
Frame ID: F8BB497EB4E792165957DB664F193C08
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://bg.northernillinoishealthplan.com/ HTTP 301
    https://bg.northernillinoishealthplan.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

38
Requests

100 %
HTTPS

56 %
IPv6

7
Domains

9
Subdomains

9
IPs

5
Countries

1156 kB
Transfer

2918 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bg.northernillinoishealthplan.com/ HTTP 301
    https://bg.northernillinoishealthplan.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://mc.yandex.ru/watch/54906352?wmode=7&page-url=https%3A%2F%2Fbg.northernillinoishealthplan.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afp%3A688%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A0%3Als%3A1171052505863%3Ahid%3A493514654%3Az%3A60%3Ai%3A20210201162127%3Aet%3A1612192887%3Ac%3A1%3Arn%3A616185135%3Arqn%3A1%3Au%3A161219288743640695%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612192886290%3Awv%3A2%3Ads%3A0%2C16%2C348%2C0%2C57%2C0%2C%2C207%2C2%2C%2C%2C%2C631%3Adsn%3A0%2C17%2C347%2C1%2C57%2C0%2C%2C208%2C3%2C%2C%2C%2C630%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612192887%3At%3A%D0%92%D1%81%D0%B8%D1%87%D0%BA%D0%B8%20%D0%9F%D0%BB%D0%B0%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D0%BD%D0%B8%20%D0%A1%D1%8A%D0%B4%D0%BE%D0%B2%D0%B5%20%D0%92%20%D0%A7%D0%BE%D0%B2%D0%B5%D1%88%D0%BA%D0%BE%D1%82%D0%BE%20%D0%A2%D1%8F%D0%BB%D0%BE%20-%202021 HTTP 302
  • https://mc.yandex.ru/watch/54906352/1?wmode=7&page-url=https%3A%2F%2Fbg.northernillinoishealthplan.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afp%3A688%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A0%3Als%3A1171052505863%3Ahid%3A493514654%3Az%3A60%3Ai%3A20210201162127%3Aet%3A1612192887%3Ac%3A1%3Arn%3A616185135%3Arqn%3A1%3Au%3A161219288743640695%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612192886290%3Awv%3A2%3Ads%3A0%2C16%2C348%2C0%2C57%2C0%2C%2C207%2C2%2C%2C%2C%2C631%3Adsn%3A0%2C17%2C347%2C1%2C57%2C0%2C%2C208%2C3%2C%2C%2C%2C630%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612192887%3At%3A%D0%92%D1%81%D0%B8%D1%87%D0%BA%D0%B8%20%D0%9F%D0%BB%D0%B0%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D0%BD%D0%B8%20%D0%A1%D1%8A%D0%B4%D0%BE%D0%B2%D0%B5%20%D0%92%20%D0%A7%D0%BE%D0%B2%D0%B5%D1%88%D0%BA%D0%BE%D1%82%D0%BE%20%D0%A2%D1%8F%D0%BB%D0%BE%20-%202021
Request Chain 36
  • https://mc.yandex.ru/watch/54906352?page-url=https%3A%2F%2Fbg.northernillinoishealthplan.com%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A181%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A1%3Als%3A1171052505863%3Ahid%3A493514654%3Az%3A60%3Ai%3A20210201162142%3Aet%3A1612192902%3Ac%3A1%3Arn%3A755533671%3Arqn%3A2%3Au%3A161219288743640695%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612192886290%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C820%2C820%2C1%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C820%2C820%2C1%2C%3Arqnl%3A1%3Ati%3A0%3Ast%3A1612192902&force-urlencoded=1 HTTP 302
  • https://mc.yandex.ru/watch/54906352/1?page-url=https%3A%2F%2Fbg.northernillinoishealthplan.com%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A181%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A1%3Als%3A1171052505863%3Ahid%3A493514654%3Az%3A60%3Ai%3A20210201162142%3Aet%3A1612192902%3Ac%3A1%3Arn%3A755533671%3Arqn%3A2%3Au%3A161219288743640695%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612192886290%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C820%2C820%2C1%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C820%2C820%2C1%2C%3Arqnl%3A1%3Ati%3A0%3Ast%3A1612192902&force-urlencoded=1

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bg.northernillinoishealthplan.com/
Redirect Chain
  • http://bg.northernillinoishealthplan.com/
  • https://bg.northernillinoishealthplan.com/
37 KB
7 KB
Document
General
Full URL
https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
543dbd4791ba7d358e0303b4de0d99e69cf22496aeb9819cd8da47ada262d36e

Request headers

:method
GET
:authority
bg.northernillinoishealthplan.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=df83095bec3d99434d2cf6c5b17eba63f1612192886; expires=Wed, 03-Mar-21 15:21:26 GMT; path=/; domain=.northernillinoishealthplan.com; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
cache-control
max-age=604800
expires
Mon, 08 Feb 2021 15:21:26 GMT
cf-cache-status
DYNAMIC
cf-request-id
07ffc8465e00004a6de33fb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CxRaINcviCm5gnYGFFML9ijRwBi6O9HJuDRdAEs57HwJYqFVcuEiJPEgC3BD%2B340KVYEz2VwPg6IUme9gX%2F7joVDGzo4T%2FpJ2226qpcU0cVudIZy7qsTbJwhNKtCLe6aCEa4i2I7ozY5io3JPL0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
61aca983c85d4a6d-FRA
content-encoding
br

Redirect headers

Date
Mon, 01 Feb 2021 15:21:26 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Mon, 01 Feb 2021 16:21:26 GMT
Location
https://bg.northernillinoishealthplan.com/
cf-request-id
07ffc8462a00000eab08815000000001
Report-To
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DKrXhQaMs53oLgOdDfqzoD%2F77BI0K%2Fs5K5euLF2bsm1ssld8NVtT0UhqtpcEOKtoLZ9ZzCXqg%2BJTx7ZLvQoBqgFQcuaQVmQqouIBSN7gTpOl4djUSXRxjgx7QeUdo5t6LlJxrhzzr8aL3yLiahs%3D"}],"max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
61aca9836cbd0eab-FRA
font-awesome.min.css
bg.northernillinoishealthplan.com/template/ubiquitous/css/
33 KB
7 KB
Stylesheet
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/font-awesome.min.css
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fd9c77ba660a3335e77ce28b2cbff612de6d67aa48f3ab608c2bbd5916a2d15

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
346108
cf-request-id
07ffc847c100004a6dd02bd000000001
last-modified
Tue, 14 Aug 2018 07:39:08 GMT
server
cloudflare
etag
W/"849e-573604e1aff00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zW2LC6AKkAShK2kflNIZ3hlKL8BDdbIHwxzU1nVe2CkG%2FR5cCkkCK39kk%2BtyQffUUMHkhIszeqX8wkUKpPzsW0%2FVHwXcFU9kd2RfW9qUMgApYGYXy1M3h15HxLPxJFTpzJB9RdZQaNkeyc2ZhRw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
61aca9860ecb4a6d-FRA
expires
Thu, 04 Feb 2021 15:12:58 GMT
bootstrap.min.css
bg.northernillinoishealthplan.com/template/ubiquitous/css/
133 KB
18 KB
Stylesheet
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/bootstrap.min.css
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05a6ceccf10394a0dec0035ad839a351dfccae641a7911b0d598b154eef5ee5b

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
239779
cf-request-id
07ffc847c100004a6db6098000000001
last-modified
Wed, 14 Aug 2019 13:58:18 GMT
server
cloudflare
etag
W/"2126a-5901426305280-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=29oyxivyM4KmODE8es65WaKb10wvCG2lXgJ8Byu9P%2BXYDyqjhZG0Za4j5KbMIuwl0Cmobgz8EqB1oC08da27A%2Ff51sx4F5qgDpSDA16cex1Fges%2BZqbi7kZRQ5mOB1nLkMaIcd0mfvraGBW7QOI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
61aca9860ece4a6d-FRA
expires
Fri, 05 Feb 2021 20:45:07 GMT
colors.css
bg.northernillinoishealthplan.com/template/ubiquitous/css/
2 KB
735 B
Stylesheet
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/colors.css
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31bac39f5ee06d075d77dc2adf1f6b07a2149491a685511bf8c1d75788ffe8cb

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
74982
cf-request-id
07ffc847c100004a6ded2a7000000001
last-modified
Wed, 14 Aug 2019 13:54:11 GMT
server
cloudflare
etag
W/"720-59014177766c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I96pFY5VpEyizAY9j9McZ5UM3KWYIvAF%2BJgaQylGMG3LABKWsDkTItfqRqKGjm1X9fcoTrZDY8Kua8%2Fi%2FntZDp%2FVkx5Wqw1Zzxdx30LU6bT4vUBQl21ok9Yxz9KOf2QNaABj6A7CfZAo6v%2Bi2Do%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
61aca9860ecf4a6d-FRA
expires
Sun, 07 Feb 2021 18:31:44 GMT
owl.carousel.css
bg.northernillinoishealthplan.com/template/ubiquitous/css/
849 B
638 B
Stylesheet
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/owl.carousel.css
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
330666c415171211a42dca0c1a27ba910cffbcfa0e35c3116d3722bddb8f009a

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
316249
cf-request-id
07ffc847c100004a6dbf38c000000001
last-modified
Tue, 14 Aug 2018 07:39:08 GMT
server
cloudflare
etag
W/"351-573604e1aff00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ka4q1rcQhseCZ%2FCJQKH%2FJtaL1b544qVl2JzHs9QNB1xcrwlEhogk5xNSlV1nrK8ObWbCL83RDG4GkS9Q964udX2gkSZxvGERMuMUlnPJTbnUk8ZOkd3hFyzGMkaC%2Fq7ItpjS8t1dJ6ltynu7cf8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
61aca9860ed14a6d-FRA
expires
Thu, 04 Feb 2021 23:30:37 GMT
owl.theme.css
bg.northernillinoishealthplan.com/template/ubiquitous/css/
1 KB
712 B
Stylesheet
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/owl.theme.css
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1bd18db581cf54f4621881c775b9f6bc76a75afbe4ce7effefa1c3f8d5b4bc2

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
342438
cf-request-id
07ffc847c100004a6d01991000000001
last-modified
Tue, 14 Aug 2018 07:39:08 GMT
server
cloudflare
etag
W/"450-573604e1aff00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WQSk8NGoTMFHtAPzo32VVRVJkPrsx6c383yP7k50G1UyDCg8YrdUCz6XWYn5nIGuOuB0iprjgeliUS2hILM7UYCHtUIfyPLxOsZ3jxa5LtF8SXc9gGd7wpbi0zdx%2FvQRJVIQ4DspIDr44%2F9OBiE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
61aca9860ed24a6d-FRA
expires
Thu, 04 Feb 2021 16:14:08 GMT
style.css
bg.northernillinoishealthplan.com/template/ubiquitous/css/
48 KB
8 KB
Stylesheet
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/style.css
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b734ea0d2d52176fff713b51dc7f789a066dc784b969c02f7e01112f01af6162

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
342438
cf-request-id
07ffc847c200004a6de0030000000001
last-modified
Wed, 14 Aug 2019 14:50:40 GMT
server
cloudflare
etag
W/"bfd6-59014e1777000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KdWFBDVO8Ivt5zO37XS3oex9TgCeIqzefAIsed5joNQVs55Q%2Fk2v5q0zpeL85kRYI6NQPvvP8QRfrIakW%2BggjoVuf1vQbdkyXVCDC7pmvnF0MNkK5uJMI3Vc5g5BuVbjOi44QJtiWtUGMnkIx1g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
61aca9860ed44a6d-FRA
expires
Thu, 04 Feb 2021 16:14:08 GMT
/
load16.biz/
14 KB
15 KB
Script
General
Full URL
https://load16.biz/?pu=muydcmjvmm5ha3ddf4zdamrx
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.135.13 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9364ed4de21f11b9ef1ba7bf0977f43b17e716a72ccff532f74a06c6c9b0420e
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 01 Feb 2021 15:21:26 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
de919506-91f2-48ed-ab04-954c3f65ff4b.min.js
cmp.optad360.io/items/
258 KB
73 KB
Script
General
Full URL
https://cmp.optad360.io/items/de919506-91f2-48ed-ab04-954c3f65ff4b.min.js
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fa00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d745f488895d1167ee4b2cd40b7bc2b7b6351b7478fe199a794b8b5cb089ab7

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 14:56:49 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 13:02:10 GMT
server
AmazonS3
age
1478
etag
W/"394eac5703f0dd8f67c2365510818fee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
8lf4bOArt425OOVWgjNPbNvfRxcoH4clYeQkuIBzGaRjAWx3hem51Q==
plugin.min.js
get.optad360.io/sf/7dcd792a-4b1a-432e-a32b-fdfe9aeb3b85/
284 KB
78 KB
Script
General
Full URL
https://get.optad360.io/sf/7dcd792a-4b1a-432e-a32b-fdfe9aeb3b85/plugin.min.js
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91c17b949b5c04cfb013985b8f62fe410ca0e7fa981bed418a5ed158d28a5c01

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 14:36:42 GMT
content-encoding
gzip
last-modified
Mon, 25 Jan 2021 16:15:19 GMT
server
AmazonS3
age
2685
etag
W/"3b82666c963c18476d93e31732ce45b5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
EHwB1zHwesDwMmb376AaoSFRt3ecQC6q-mF9yPpO0QCODDMEaf18vw==
head_logo.png
bg.northernillinoishealthplan.com/template/ubiquitous/img/
8 KB
9 KB
Image
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/img/head_logo.png
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c0a861dc07a2ac13cf5e630d2f9ecd886a1913258fdb3b09f72a25ddbe0dceb

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2434842
content-length
8556
cf-request-id
07ffc847c800004a6d9833c000000001
last-modified
Wed, 14 Aug 2019 13:44:33 GMT
server
cloudflare
etag
"216c-59013f503d240"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ngjRkKeabgXsMMJd%2BoIMrmc6hbO9OtH3xowxQbG0WQKkBQRxU9I7%2BjbepZ%2BlEtTX1FcswigbGxsaPw3Ig00%2FqCZGYlOdT5DMww4zY2ybJKvLatL1PC5Ew5fcSTxZf0zziTdtbtisXu8kV6VBCo0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
61aca9860efe4a6d-FRA
expires
Wed, 03 Feb 2021 11:00:44 GMT
footer-logo.png
bg.northernillinoishealthplan.com/template/ubiquitous/img/
5 KB
6 KB
Image
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/img/footer-logo.png
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2506b8ded53e9302ce0b86565c6e16739f058890b10c01e2deacd382c58cbaa9

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
548356
content-length
5533
cf-request-id
07ffc847c800004a6ddb0a6000000001
last-modified
Wed, 14 Aug 2019 13:47:06 GMT
server
cloudflare
etag
"159d-59013fe226a80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ar1o3XUDgo3vw9SOjozFXfn9ClhDA5YKGdkSeuARvB2R7Zl90IbqayaKay468PtamLY2sAYJXPs0tK30g%2B%2BbsghZlyQQ0%2FXunv5vFu6Lb3WZENAEpElucQO4a73pfNp20YjQF6J6UyQW%2FRd6JcI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
61aca9860f004a6d-FRA
expires
Thu, 25 Feb 2021 07:02:10 GMT
jquery-1.12.3.min.js
bg.northernillinoishealthplan.com/template/ubiquitous/js/
95 KB
32 KB
Script
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/js/jquery-1.12.3.min.js
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b381caf9360f8d233856df477ddf4cc80c1acc1fb435acaed500c5399b92ba94

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
74982
cf-request-id
07ffc847c600004a6def956000000001
last-modified
Tue, 14 Aug 2018 07:39:17 GMT
server
cloudflare
etag
W/"17ba9-573604ea45340-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nm%2B4rmos6JrgHXzmsFIq%2F0ytK4wT2VsOeSiSJALKsxJYbFfVRY2FuEPXxmwZ5H7dtXepDWh8FcipkezABffzvaVgNtuSegae9Ctk70jRtU6XUHubgaAVWk9nyEcNSOP1ZAfkPqBHAfUrSgMBryo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
61aca9860ee94a6d-FRA
expires
Sun, 07 Feb 2021 18:31:44 GMT
owl.carousel.min.js
bg.northernillinoishealthplan.com/template/ubiquitous/js/
23 KB
6 KB
Script
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/js/owl.carousel.min.js
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d3a79233bd5f3f5005b219a805abc5624c5d8edbf7cb3ef1aaf1c7e65f47515

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
342438
cf-request-id
07ffc847c600004a6dec2ff000000001
last-modified
Tue, 14 Aug 2018 07:39:17 GMT
server
cloudflare
etag
W/"5b22-573604ea45340-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZYU3uanKBS1%2BD%2FSkFKTDzMLGZp2Rr%2Fi6M4sSWERW7uZwU99nkeYF%2F7hruR%2BhqdXp%2Flty70batgQaOd8O5wWEyzjEMKXELmSEotpZJapj2%2B6XyGXuVfGzW1Dizxj6A0zJynCX%2BwTUj6WPsXJ%2BvKY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
61aca9860ef14a6d-FRA
expires
Thu, 04 Feb 2021 16:14:08 GMT
cycle.all.js
bg.northernillinoishealthplan.com/template/ubiquitous/js/
26 KB
8 KB
Script
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/js/cycle.all.js
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92b3e631daa32602a9793e60d0a86c918e579018dccbaf306797f6322b88f27e

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
197005
cf-request-id
07ffc847c600004a6da39bd000000001
last-modified
Tue, 14 Aug 2018 07:39:17 GMT
server
cloudflare
etag
W/"6951-573604ea45340-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qy9ExKVMD7%2BUZoCL1lyUXnf9yRUSYqpCW32tPjE18mUeOfXmLGZ9RFSmpwszNzsoPlWNy0fNLqH63ovHKNjZMtzBp4TYaB3xvywRE0XbE1mdnxWCcJeBLWzVuOa7ec9xQXmJgUextyZ5majn64A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
61aca9860ef44a6d-FRA
expires
Sat, 06 Feb 2021 08:38:01 GMT
bootstrap.min.js
bg.northernillinoishealthplan.com/template/ubiquitous/js/
36 KB
10 KB
Script
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/js/bootstrap.min.js
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
518825
cf-request-id
07ffc847c600004a6de0031000000001
last-modified
Tue, 14 Aug 2018 07:39:17 GMT
server
cloudflare
etag
W/"90b5-573604ea45340-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mPmiTJjPUNUbiqg8E%2Bs0%2F83KWSVAcAJwzCjI4%2F%2BwMnRyTT8avY06wocwZ%2FklBy4C4oQSWQca1Qtb4UblHzyMDfZrKMO8j2KCeIbs7e9BKJOqCC6PSZKMDtXzNPir04LlJLa7TzkbvmsRiUiXqEw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
61aca9860ef54a6d-FRA
expires
Tue, 02 Feb 2021 15:14:21 GMT
resizesensor.min.js
bg.northernillinoishealthplan.com/template/ubiquitous/js/
2 KB
1 KB
Script
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/js/resizesensor.min.js
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89eec78968fd405dc0218fa92c960e6430f8c2080db472a866be03390f50dfc9

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
74982
cf-request-id
07ffc847c700004a6d0c1c1000000001
last-modified
Tue, 14 Aug 2018 07:39:17 GMT
server
cloudflare
etag
W/"8f9-573604ea45340-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IgnQdN2C%2Bb33ZlkCIbc3oD0P8y9Ckkrvjep8MSRXJsasGTsurKv1aji1V1oYlKRaLzu5nsAPFHer2LcIDOfvz123t%2BIQtIAw4WR2BnDliakmZBBFsMMcBB02ZKe0QUVLKUTUrt0IB64yENJM4BA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
61aca9860ef64a6d-FRA
expires
Sun, 07 Feb 2021 18:31:44 GMT
theia-sticky-sidebar.js
bg.northernillinoishealthplan.com/template/ubiquitous/js/
5 KB
2 KB
Script
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/js/theia-sticky-sidebar.js
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
490681ba08c26876f2cef444c40a8397764576c4204516219f64abaa6e21ef95

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
197005
cf-request-id
07ffc847c700004a6db18a0000000001
last-modified
Tue, 14 Aug 2018 07:39:17 GMT
server
cloudflare
etag
W/"12d6-573604ea45340-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D%2BtWOLIqAwXTE5K37pOVLmGts2gtZJqP5PO4AmDi2I8aji9hmu4YAqtydA8kvAeRW7IwFOZ8vA2za7xqLElsJP0uD8YdVvZPDTsSFq%2BOoPg7QLTgnPT%2FYYxfCH%2Fz18IayXjjrxNe12FoisQuSfc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
61aca9860ef84a6d-FRA
expires
Sat, 06 Feb 2021 08:38:01 GMT
main.js
bg.northernillinoishealthplan.com/template/ubiquitous/js/
4 KB
1 KB
Script
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/js/main.js
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ab026b0ca06385037bbb9af094979df87e70c1f97e8f12e90ac7905ef775195

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
518825
cf-request-id
07ffc847c700004a6dda339000000001
last-modified
Tue, 14 Aug 2018 07:39:17 GMT
server
cloudflare
etag
W/"e08-573604ea45340-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YxZkc5yna7wm1uKIt7GR8mbBznNhRaXEXdmzA8I8vNQ78ppzAiVipk9b%2BcJ8kO5smANmkxDvVHpKt2pKuP8IfiJOEUSInYHXg9Ky00CuWrsprqk%2BorNwcNYwzpeAa1go9ICx3c0BIcYqzma%2FwaI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
61aca9860efa4a6d-FRA
expires
Tue, 02 Feb 2021 15:14:21 GMT
css.css
bg.northernillinoishealthplan.com/template/ubiquitous/css/
8 KB
1 KB
Stylesheet
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/css.css
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/template/ubiquitous/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d2898f852bfe7b6b95364e3a79656bcc8f6787b5cbcdbf614fca39ceb133277

Request headers

Referer
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
118145
cf-request-id
07ffc847e100004a6d9833f000000001
last-modified
Tue, 14 Aug 2018 07:39:08 GMT
server
cloudflare
etag
W/"215c-573604e1aff00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vnXurPa%2BCq%2Bj44kkZWf0I3Eze5J%2F9rqxLJXS8cZSEpMdJHqbQj2C5Lx2vQJDJjLrlZeFYM%2BfbfUXdMbX7mGzKsqVxgTNkCDiFsuxMWEIIF3npTkiLF7ZE25k6yQ%2FXO1iRRVUpAseqQhkUWzjyP4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
61aca9863f704a6d-FRA
expires
Sun, 07 Feb 2021 06:32:21 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuHMR6WR.woff2
bg.northernillinoishealthplan.com/template/ubiquitous/css/
11 KB
11 KB
Font
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuHMR6WR.woff2
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/template/ubiquitous/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7643775afabbca1ce2a28de1093cb381fd528e86bf455aab086e6a6944f4de99

Request headers

Origin
https://bg.northernillinoishealthplan.com
Referer
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
70157
content-length
10892
cf-request-id
07ffc8481200004a6dc10f1000000001
last-modified
Tue, 14 Aug 2018 07:39:17 GMT
server
cloudflare
etag
"2a8c-573604ea45340"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uwVo2YI5zIx8z8UoR2obZOlRIPABqrIxCBjU8h73do06S9volpRyfRlHqEPvF0jzFjzWWVH3uoAQ6R%2FPHHrCcbTZmz1Wouq6uXfd25UtnS1VZF4A9cOflZFrlDDpABClx8hECigcualDFfgwLK8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
61aca986883a4a6d-FRA
expires
Sun, 07 Feb 2021 19:52:09 GMT
mem5YaGs126MiZpBA-UNirkOVuhpOqc.woff2
bg.northernillinoishealthplan.com/template/ubiquitous/css/
9 KB
10 KB
Font
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/mem5YaGs126MiZpBA-UNirkOVuhpOqc.woff2
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/template/ubiquitous/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b3110b6e3d5506126d8bd28aeabe553521e3e75602ec1d0dd0a75c9f25cf646

Request headers

Origin
https://bg.northernillinoishealthplan.com
Referer
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
548356
content-length
9584
cf-request-id
07ffc8481900004a6dbb99c000000001
last-modified
Tue, 14 Aug 2018 07:39:17 GMT
server
cloudflare
etag
"2570-573604ea45340"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bacuowvw%2FvfnoW9FIofZhXENqovq5QQfdrbYGTV2FFLWFtg8ezNImVzbcWj%2BKUXkdvsrhhNSdK1seUy01HYCo3s%2Bv%2FcTaRhslyEvBn918alu1w07BMazu2lsdd0%2BKaE5Qc2tQc4pBXSmEnh3%2BQ4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
61aca98688624a6d-FRA
expires
Tue, 02 Feb 2021 07:02:10 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
bg.northernillinoishealthplan.com/template/ubiquitous/css/
16 KB
16 KB
Font
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/template/ubiquitous/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e3d279ce7882d2b0bb2e9147db63968eb26f0e926ba3d4ba37901cf3847fcad

Request headers

Origin
https://bg.northernillinoishealthplan.com
Referer
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
548356
content-length
15892
cf-request-id
07ffc8481900004a6de6b29000000001
last-modified
Tue, 14 Aug 2018 07:39:17 GMT
server
cloudflare
etag
"3e14-573604ea45340"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T0L6FLNYy26r4HTqvTYHxc%2FGwrSZ4XKdXKPoK4OKwB8Wot942zuYi9djNEN7rieBYPtHNHNyw%2Fk0LrnnKNmA0LheI1qQjdGmzPZdnYHe5yLIwE5e%2B%2BmwGubkngePZyPIFyuxHIskYs8RfyvG740%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
61aca98688684a6d-FRA
expires
Tue, 02 Feb 2021 07:02:10 GMT
mem8YaGs126MiZpBA-UFUZ0bbck.woff2
bg.northernillinoishealthplan.com/template/ubiquitous/css/
9 KB
10 KB
Font
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/mem8YaGs126MiZpBA-UFUZ0bbck.woff2
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/template/ubiquitous/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b00a70caad7684eebfe9eb0474dc281f3beb46ea3359e0dff9885dadd8c489be

Request headers

Origin
https://bg.northernillinoishealthplan.com
Referer
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
437161
content-length
9412
cf-request-id
07ffc8482300004a6dc10f4000000001
last-modified
Tue, 14 Aug 2018 07:39:17 GMT
server
cloudflare
etag
"24c4-573604ea45340"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RiTk1dNocGjfP%2BYefDGnuYB5U57dKhNxJzolnCNuwDtxEuBmCy%2F2a8OKlM5oYoJrQp2Bnge7WhzVejWJ1VI1hMlndBWpkl%2FQOHm5DtAHwfpKxXeXFmgegazesP1IbARlktAoWTS5g06xxIhpsZA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
61aca986989f4a6d-FRA
expires
Wed, 03 Feb 2021 13:55:25 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
bg.northernillinoishealthplan.com/template/ubiquitous/css/
14 KB
14 KB
Font
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/template/ubiquitous/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9

Request headers

Origin
https://bg.northernillinoishealthplan.com
Referer
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
88914
content-length
14048
cf-request-id
07ffc8482300004a6d119b2000000001
last-modified
Tue, 14 Aug 2018 07:39:17 GMT
server
cloudflare
etag
"36e0-573604ea45340"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9eDn8PuFbLZhgkCaEQAPhVhItB%2BWr7oCLCXLI1jQLZqgV2XHaN7UGxAu49CsPornmRA27UncllL6fCVhKcETHmAiYZouLKNm2UMgukZeS2mOnRqiYaI1Lizdd5XfX41%2F8IpZNRGilP9gjwGotsA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
61aca98698a34a6d-FRA
expires
Sun, 07 Feb 2021 14:39:32 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
bg.northernillinoishealthplan.com/template/ubiquitous/css/
14 KB
15 KB
Font
General
Full URL
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/template/ubiquitous/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2

Request headers

Origin
https://bg.northernillinoishealthplan.com
Referer
https://bg.northernillinoishealthplan.com/template/ubiquitous/css/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
88914
content-length
14544
cf-request-id
07ffc8487800004a6dc10ff000000001
last-modified
Tue, 14 Aug 2018 07:39:17 GMT
server
cloudflare
etag
"38d0-573604ea45340"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FMfofTBtPFGvqC%2Bp4wV6wrM7eTJ4WTKOySqbSS3q0kAdY7z9Vw1sItF9Up65fNLuUFaQHaWTw3sAHimeRA6B%2FWXs2inYap6R5ctmHKorwyJ92GPOxk8r6fbODEo%2BjbmetEy30jnxjh1vCRposIE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
61aca9872a494a6d-FRA
expires
Sun, 07 Feb 2021 14:39:32 GMT
tag.js
mc.yandex.ru/metrika/
205 KB
64 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: bg.northernillinoishealthplan.com
URL: https://bg.northernillinoishealthplan.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
405b39651348e2f81114eb3f074e792e4e4419fa54d0cefd947779630f3819df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:26 GMT
content-encoding
br
last-modified
Sun, 31 Jan 2021 20:12:11 GMT
etag
"60140a9e-1004f"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
65615
expires
Mon, 01 Feb 2021 16:21:26 GMT
/
stat.optad360.mgr.consensu.org/
20 B
286 B
XHR
General
Full URL
https://stat.optad360.mgr.consensu.org/
Requested by
Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/de919506-91f2-48ed-ab04-954c3f65ff4b.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.196.233.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-233-38.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3686dfcc387ce3016d755449af77eede88cc7e1bd34aa42b9ac8b9431b45b1ef

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 01 Feb 2021 15:21:27 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
1
mc.yandex.ru/watch/54906352/
Redirect Chain
  • https://mc.yandex.ru/watch/54906352?wmode=7&page-url=https%3A%2F%2Fbg.northernillinoishealthplan.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afp%3A688%3Afu%3A0%3Aen...
  • https://mc.yandex.ru/watch/54906352/1?wmode=7&page-url=https%3A%2F%2Fbg.northernillinoishealthplan.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afp%3A688%3Afu%3A0%3A...
167 B
202 B
XHR
General
Full URL
https://mc.yandex.ru/watch/54906352/1?wmode=7&page-url=https%3A%2F%2Fbg.northernillinoishealthplan.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afp%3A688%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A0%3Als%3A1171052505863%3Ahid%3A493514654%3Az%3A60%3Ai%3A20210201162127%3Aet%3A1612192887%3Ac%3A1%3Arn%3A616185135%3Arqn%3A1%3Au%3A161219288743640695%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612192886290%3Awv%3A2%3Ads%3A0%2C16%2C348%2C0%2C57%2C0%2C%2C207%2C2%2C%2C%2C%2C631%3Adsn%3A0%2C17%2C347%2C1%2C57%2C0%2C%2C208%2C3%2C%2C%2C%2C630%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612192887%3At%3A%D0%92%D1%81%D0%B8%D1%87%D0%BA%D0%B8%20%D0%9F%D0%BB%D0%B0%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D0%BD%D0%B8%20%D0%A1%D1%8A%D0%B4%D0%BE%D0%B2%D0%B5%20%D0%92%20%D0%A7%D0%BE%D0%B2%D0%B5%D1%88%D0%BA%D0%BE%D1%82%D0%BE%20%D0%A2%D1%8F%D0%BB%D0%BE%20-%202021
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
fbfc8f89232e2a8adadd7f2201d5d7192b9a1b39e723f92b7a268891054a53c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Feb 2021 15:21:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 01-Feb-2021 15:21:27 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bg.northernillinoishealthplan.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Mon, 01-Feb-2021 15:21:27 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Feb 2021 15:21:27 GMT
last-modified
Mon, 01-Feb-2021 15:21:27 GMT
location
/watch/54906352/1?wmode=7&page-url=https%3A%2F%2Fbg.northernillinoishealthplan.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afp%3A688%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A0%3Als%3A1171052505863%3Ahid%3A493514654%3Az%3A60%3Ai%3A20210201162127%3Aet%3A1612192887%3Ac%3A1%3Arn%3A616185135%3Arqn%3A1%3Au%3A161219288743640695%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612192886290%3Awv%3A2%3Ads%3A0%2C16%2C348%2C0%2C57%2C0%2C%2C207%2C2%2C%2C%2C%2C631%3Adsn%3A0%2C17%2C347%2C1%2C57%2C0%2C%2C208%2C3%2C%2C%2C%2C630%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612192887%3At%3A%D0%92%D1%81%D0%B8%D1%87%D0%BA%D0%B8%20%D0%9F%D0%BB%D0%B0%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D0%BD%D0%B8%20%D0%A1%D1%8A%D0%B4%D0%BE%D0%B2%D0%B5%20%D0%92%20%D0%A7%D0%BE%D0%B2%D0%B5%D1%88%D0%BA%D0%BE%D1%82%D0%BE%20%D0%A2%D1%8F%D0%BB%D0%BE%20-%202021
strict-transport-security
max-age=31536000
access-control-allow-origin
https://bg.northernillinoishealthplan.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01-Feb-2021 15:21:27 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
133 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:27 GMT
last-modified
Sun, 31 Jan 2021 20:12:11 GMT
etag
"601418e5-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 01 Feb 2021 16:21:27 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
56 KB
19 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/7dcd792a-4b1a-432e-a32b-fdfe9aeb3b85/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
6a0b5cedfdc767feca1522c384cca15a51c38ba801eaa215bc48196ae25d0561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"770 / 983 of 1000 / last-modified: 1612181454"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19155
x-xss-protection
0
expires
Mon, 01 Feb 2021 15:21:27 GMT
prebid4.15.0.js
get.optad360.io/sf/
401 KB
402 KB
Script
General
Full URL
https://get.optad360.io/sf/prebid4.15.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/7dcd792a-4b1a-432e-a32b-fdfe9aeb3b85/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
080c618e121a4005b2e1c1cb9171d9c3855f5e57638110c7cbc2adb2f124e7a6

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 18:01:06 GMT
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
last-modified
Mon, 09 Nov 2020 10:05:07 GMT
server
AmazonS3
age
5779222
etag
"02a3519810a609b01c46f219622d8b26"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
411000
x-amz-cf-id
KprcPat8kX2M598e2lxqdYLFLD9JKlNDQ2Sqng16XM9GcOGz4Kfb_A==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
1 KB
916 B
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210201
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4eaf854afe83b54dfa0e71c95c5af5885c6ac7894f5315a873744714e2d1d638
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2876
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
766
etag
W/"53f-6mAZtk6nrqDZ7KXHM0Mofd/3lDY"
x-served-by
cache-fra19130-FRA, cache-hhn4047-HHN
date
Mon, 01 Feb 2021 15:21:27 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
en.json
optad360.mgr.consensu.org/cmp/v2/translations/v4/
4 KB
2 KB
XHR
General
Full URL
https://optad360.mgr.consensu.org/cmp/v2/translations/v4/en.json
Requested by
Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/de919506-91f2-48ed-ab04-954c3f65ff4b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 08:28:14 GMT
content-encoding
gzip
last-modified
Thu, 29 Oct 2020 12:24:15 GMT
server
AmazonS3
age
24794
etag
W/"e3fe984dfb883f99b54c331403be617b"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=360000000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
GzMAgEdy8fZleJgnMQLU_-UT6cB5EUwwZUJuS0JJxvghPfE4Owtfiw==
via
1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
pubads_impl_2021012601.js
securepubads.g.doubleclick.net/gpt/
275 KB
97 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
ec9d6b54ee7d471d28c6f8d6620721333198f8a2998a9bb872b2c98c43b2eedb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:21:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Jan 2021 09:41:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99258
x-xss-protection
0
expires
Mon, 01 Feb 2021 15:21:27 GMT
cmp-2.6.0.min.js
optad360.mgr.consensu.org/cmp/v2/ Frame F8BB
663 KB
181 KB
Script
General
Full URL
https://optad360.mgr.consensu.org/cmp/v2/cmp-2.6.0.min.js
Requested by
Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/de919506-91f2-48ed-ab04-954c3f65ff4b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5ea150b55953103a44a0f723c971706b067dc025841534a7000c4a33daa9f9a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 10:08:36 GMT
content-encoding
gzip
last-modified
Wed, 09 Dec 2020 09:14:22 GMT
server
AmazonS3
age
18778
etag
W/"7d38e6fa1ba605a7815a6ce42f70761f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control
public, max-age=31556926
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
WCWaXD-dV5H5bnIdP6aSkslzIpkvFVLTF92SFSDSWWvu3mQwO_nTjA==
vendor-list.json
optad360.mgr.consensu.org/cmp/v2/ Frame F8BB
217 KB
31 KB
XHR
General
Full URL
https://optad360.mgr.consensu.org/cmp/v2/vendor-list.json
Requested by
Host: optad360.mgr.consensu.org
URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-2.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63ec6cee62ab9af190bfee169064c5be6309cf0a20e350750b2916f8ba7a96e0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 04:06:05 GMT
content-encoding
gzip
last-modified
Fri, 29 Jan 2021 01:00:07 GMT
server
AmazonS3
age
40523
etag
W/"068140066096c9346b44e1a4555b0a83"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=360000000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
DrOm-0dPAoLaw385yLIgzkkXl-lI2z8PIxffgklofHZ6jc9fE6PjnQ==
via
1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
1
mc.yandex.ru/watch/54906352/
Redirect Chain
  • https://mc.yandex.ru/watch/54906352?page-url=https%3A%2F%2Fbg.northernillinoishealthplan.com%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A181%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afu%3A0%3Ae...
  • https://mc.yandex.ru/watch/54906352/1?page-url=https%3A%2F%2Fbg.northernillinoishealthplan.com%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A181%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afu%3A0%3...
43 B
92 B
Other
General
Full URL
https://mc.yandex.ru/watch/54906352/1?page-url=https%3A%2F%2Fbg.northernillinoishealthplan.com%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A181%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A1%3Als%3A1171052505863%3Ahid%3A493514654%3Az%3A60%3Ai%3A20210201162142%3Aet%3A1612192902%3Ac%3A1%3Arn%3A755533671%3Arqn%3A2%3Au%3A161219288743640695%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612192886290%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C820%2C820%2C1%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C820%2C820%2C1%2C%3Arqnl%3A1%3Ati%3A0%3Ast%3A1612192902&force-urlencoded=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bg.northernillinoishealthplan.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Feb 2021 15:21:42 GMT
last-modified
Mon, 01-Feb-2021 15:21:42 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 01-Feb-2021 15:21:42 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Feb 2021 15:21:42 GMT
last-modified
Mon, 01-Feb-2021 15:21:42 GMT
location
/watch/54906352/1?page-url=https%3A%2F%2Fbg.northernillinoishealthplan.com%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A181%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A394%3Acn%3A1%3Adp%3A1%3Als%3A1171052505863%3Ahid%3A493514654%3Az%3A60%3Ai%3A20210201162142%3Aet%3A1612192902%3Ac%3A1%3Arn%3A755533671%3Arqn%3A2%3Au%3A161219288743640695%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612192886290%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C820%2C820%2C1%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C820%2C820%2C1%2C%3Arqnl%3A1%3Ati%3A0%3Ast%3A1612192902&force-urlencoded=1
strict-transport-security
max-age=31536000
access-control-allow-origin
https://bg.northernillinoishealthplan.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01-Feb-2021 15:21:42 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| jQuery112307454995432063685 function| ResizeSensor function| ym number| 2f1acc6c3a606b082e5eef5e54414ffb function| __tcfapi object| __isFromEUPromise object| regeneratorRuntime object| googletag object| pbjs325474 object| AdSlotCollection object| Sk object| Ya object| yaCounter54906352 boolean| __isGoogleAllowed function| pbjs325474Chunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO boolean| __isFromEU object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing

3 Cookies

Domain/Path Name / Value
.northernillinoishealthplan.com/ Name: _ym_d
Value: 1612192887
.northernillinoishealthplan.com/ Name: _ym_uid
Value: 161219288743640695
.northernillinoishealthplan.com/ Name: __cfduid
Value: df83095bec3d99434d2cf6c5b17eba63f1612192886

9 Console Messages

Source Level URL
Text
console-api log URL: https://bg.northernillinoishealthplan.com/template/ubiquitous/js/cycle.all.js(Line 10)
Message:
[cycle] DOM not ready, queuing slideshow
console-api log URL: https://bg.northernillinoishealthplan.com/template/ubiquitous/js/cycle.all.js(Line 10)
Message:
[cycle] DOM not ready, queuing slideshow
console-api log URL: https://bg.northernillinoishealthplan.com/template/ubiquitous/js/cycle.all.js(Line 10)
Message:
[cycle] DOM not ready, queuing slideshow
console-api log URL: https://bg.northernillinoishealthplan.com/template/ubiquitous/js/cycle.all.js(Line 10)
Message:
[cycle] DOM not ready, queuing slideshow
console-api log URL: https://bg.northernillinoishealthplan.com/template/ubiquitous/js/cycle.all.js(Line 10)
Message:
[cycle] terminating; zero elements found by selector
console-api log URL: https://bg.northernillinoishealthplan.com/template/ubiquitous/js/cycle.all.js(Line 10)
Message:
[cycle] terminating; zero elements found by selector
console-api log URL: https://bg.northernillinoishealthplan.com/template/ubiquitous/js/cycle.all.js(Line 10)
Message:
[cycle] terminating; zero elements found by selector
console-api log URL: https://bg.northernillinoishealthplan.com/template/ubiquitous/js/cycle.all.js(Line 10)
Message:
[cycle] terminating; zero elements found by selector
console-api error URL: https://load16.biz/?pu=muydcmjvmm5ha3ddf4zdamrx(Line 167)
Message:
Error: Browser is not suitable for subscriptions

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bg.northernillinoishealthplan.com
cdn.jsdelivr.net
cmp.optad360.io
get.optad360.io
load16.biz
mc.yandex.ru
optad360.mgr.consensu.org
securepubads.g.doubleclick.net
stat.optad360.mgr.consensu.org
142.250.185.194
18.196.233.38
188.166.135.13
2600:9000:206f:fa00:6:b871:4f00:93a1
2600:9000:21f3:1000:11:a4de:2580:93a1
2606:4700:3035::6815:2af8
2a02:6b8::1:119
2a04:4e42:1b::621
65.9.58.114
05a6ceccf10394a0dec0035ad839a351dfccae641a7911b0d598b154eef5ee5b
080c618e121a4005b2e1c1cb9171d9c3855f5e57638110c7cbc2adb2f124e7a6
0ab026b0ca06385037bbb9af094979df87e70c1f97e8f12e90ac7905ef775195
2506b8ded53e9302ce0b86565c6e16739f058890b10c01e2deacd382c58cbaa9
2e3d279ce7882d2b0bb2e9147db63968eb26f0e926ba3d4ba37901cf3847fcad
31bac39f5ee06d075d77dc2adf1f6b07a2149491a685511bf8c1d75788ffe8cb
330666c415171211a42dca0c1a27ba910cffbcfa0e35c3116d3722bddb8f009a
3686dfcc387ce3016d755449af77eede88cc7e1bd34aa42b9ac8b9431b45b1ef
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
3d3a79233bd5f3f5005b219a805abc5624c5d8edbf7cb3ef1aaf1c7e65f47515
3fd9c77ba660a3335e77ce28b2cbff612de6d67aa48f3ab608c2bbd5916a2d15
405b39651348e2f81114eb3f074e792e4e4419fa54d0cefd947779630f3819df
490681ba08c26876f2cef444c40a8397764576c4204516219f64abaa6e21ef95
4c0a861dc07a2ac13cf5e630d2f9ecd886a1913258fdb3b09f72a25ddbe0dceb
4eaf854afe83b54dfa0e71c95c5af5885c6ac7894f5315a873744714e2d1d638
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
543dbd4791ba7d358e0303b4de0d99e69cf22496aeb9819cd8da47ada262d36e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d2898f852bfe7b6b95364e3a79656bcc8f6787b5cbcdbf614fca39ceb133277
63ec6cee62ab9af190bfee169064c5be6309cf0a20e350750b2916f8ba7a96e0
6a0b5cedfdc767feca1522c384cca15a51c38ba801eaa215bc48196ae25d0561
71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d
7643775afabbca1ce2a28de1093cb381fd528e86bf455aab086e6a6944f4de99
89eec78968fd405dc0218fa92c960e6430f8c2080db472a866be03390f50dfc9
8b3110b6e3d5506126d8bd28aeabe553521e3e75602ec1d0dd0a75c9f25cf646
8d745f488895d1167ee4b2cd40b7bc2b7b6351b7478fe199a794b8b5cb089ab7
91c17b949b5c04cfb013985b8f62fe410ca0e7fa981bed418a5ed158d28a5c01
92b3e631daa32602a9793e60d0a86c918e579018dccbaf306797f6322b88f27e
9364ed4de21f11b9ef1ba7bf0977f43b17e716a72ccff532f74a06c6c9b0420e
a5ea150b55953103a44a0f723c971706b067dc025841534a7000c4a33daa9f9a
b00a70caad7684eebfe9eb0474dc281f3beb46ea3359e0dff9885dadd8c489be
b381caf9360f8d233856df477ddf4cc80c1acc1fb435acaed500c5399b92ba94
b734ea0d2d52176fff713b51dc7f789a066dc784b969c02f7e01112f01af6162
d1bd18db581cf54f4621881c775b9f6bc76a75afbe4ce7effefa1c3f8d5b4bc2
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
ec9d6b54ee7d471d28c6f8d6620721333198f8a2998a9bb872b2c98c43b2eedb
fbfc8f89232e2a8adadd7f2201d5d7192b9a1b39e723f92b7a268891054a53c6