urlscan.io logo urlscan.io
SecurityTrails logo

provider.umr.com Open in urlscan Pro
149.111.144.172  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://provider.umr.com/
Effective URL: https://provider.umr.com/
Submission: On April 03 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 51 HTTP transactions. The main IP is 149.111.144.172, located in United States and belongs to UHC, US. The main domain is provider.umr.com. The Cisco Umbrella rank of the primary domain is 62952.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on July 14th 2023. Valid for: a year.
This is the only time provider.umr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 149.111.144.172 10879 (UHC)
1 2a00:1450:400... 15169 (GOOGLE)
4 104.17.25.14 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
2 65.9.95.7 16509 (AMAZON-02)
5 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 151.101.129.91 54113 (FASTLY)
2 52.214.218.223 16509 (AMAZON-02)
1 54.220.209.169 16509 (AMAZON-02)
1 1 34.249.255.49 16509 (AMAZON-02)
1 63.140.62.222 16509 (AMAZON-02)
9 104.17.208.240 13335 (CLOUDFLAR...)
4 104.17.209.240 13335 (CLOUDFLAR...)
51 12
20    149.111.144.172 (United States)

ASN10879 (UHC, US)
provider.umr.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    65.9.95.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-7.prg50.r.cloudfront.net
www.onelink-edge.com
5    2a02:26f0:480:f9c::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
1    151.101.129.91 (United States)

ASN54113 (FASTLY, US)
rum.hlx.page
2    52.214.218.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-218-223.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    54.220.209.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-209-169.eu-west-1.compute.amazonaws.com
unitedhealthgroup.demdex.net
1    34.249.255.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-255-49.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    63.140.62.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-222.data.adobedc.net
smetrics.optum.com
9    104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
siteintercept.qualtrics.com
4    104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)
siteintercept.qualtrics.com
Apex Domain
Subdomains		 Transfer
20 umr.com
provider.umr.com — Cisco Umbrella Rank: 62952
419 KB
13 qualtrics.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com — Cisco Umbrella Rank: 28914
siteintercept.qualtrics.com — Cisco Umbrella Rank: 834
103 KB
5 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 399
84 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
19 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 230
unitedhealthgroup.demdex.net — Cisco Umbrella Rank: 17032
2 KB
2 onelink-edge.com
www.onelink-edge.com — Cisco Umbrella Rank: 21532
79 KB
1 optum.com
smetrics.optum.com — Cisco Umbrella Rank: 15660
373 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1266
517 B
1 hlx.page
rum.hlx.page — Cisco Umbrella Rank: 28025
5 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 759
24 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 372
31 KB
51 11
Domain Requested by
20 provider.umr.com provider.umr.com
12 siteintercept.qualtrics.com provider.umr.com
5 assets.adobedtm.com provider.umr.com
assets.adobedtm.com
4 cdnjs.cloudflare.com provider.umr.com
2 dpm.demdex.net assets.adobedtm.com
provider.umr.com
2 www.onelink-edge.com provider.umr.com
www.onelink-edge.com
1 zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com provider.umr.com
1 smetrics.optum.com provider.umr.com
1 cm.everesttech.net 1 redirects
1 unitedhealthgroup.demdex.net provider.umr.com
1 rum.hlx.page provider.umr.com
1 code.jquery.com provider.umr.com
1 ajax.googleapis.com provider.umr.com
51 13
Subject Issuer Validity Valid
www.tpa.com
COMODO RSA Organization Validation Secure Server CA		 2023-07-14 -
2024-07-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
onelink-edge.com
Amazon RSA 2048 M02		 2023-05-22 -
2024-06-19		 a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
hlx.page
R3		 2024-03-25 -
2024-06-23		 3 months crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
smetrics.optum.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-23 -
2025-04-23		 a year crt.sh
*.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-27 -
2025-02-19		 a year crt.sh

This page contains 2 frames:

Primary Page: https://provider.umr.com/
Frame ID: 4F5A2972B2AE8E458CE3783E7C406127
Requests: 50 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: E2B4C3312932CD9CD4CABF5B3BC1B3A8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Provider public home

Page URL History Show full URLs

  1. http://provider.umr.com/ HTTP 307
    https://provider.umr.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div class="[^"]*aem-Grid
  • /etc\.clientlibs/
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

98 %
HTTPS

23 %
IPv6

11
Domains

13
Subdomains

12
IPs

4
Countries

768 kB
Transfer

2336 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://provider.umr.com/ HTTP 307
    https://provider.umr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://cm.everesttech.net/cm/dd?d_uuid=18726227871295902531891745332312207199 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zg1ZPgAAAGSi6QOJ

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
provider.umr.com/
Redirect Chain
  • http://provider.umr.com/
  • https://provider.umr.com/
100 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://provider.umr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
3a0adcf730878530472b7ee518ae0a89735cbd3e475d1ebef31497409dd7672d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
https://provider.umr.com
Age
5816
Cache-Control
private, no-store, no-cache
Connection
Keep-Alive
Content-Length
33940
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Date
Wed, 03 Apr 2024 13:27:25 GMT
Keep-Alive
timeout=5, max=100
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=16070400; includeSubDomains; preload
Vary
Accept-Encoding
X-Cache
HIT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Served-By
cache-msp11820-MSP
X-Timer
S1712150845.214354,VS0,VS0,VE1
access-control-allow-origin
cache-control
max-age=10800, public
content-encoding
gzip
content-type
text/html; charset=UTF-8
etag
W/"18f66-6152fd43a8575-gzip"
expires
Wed, 03 Apr 2024 11:55:28 GMT
last-modified
Wed, 03 Apr 2024 11:50:28 GMT
x-frame-options
SAMEORIGIN
x-vhost
publish

Redirect headers

Location
https://provider.umr.com/
Non-Authoritative-Reason
HttpsUpgrades
clientlib-base.lc-5ae13d340384fa26556c6b9faa99e43a-lc.min.css
provider.umr.com/etc.clientlibs/umr/clientlibs/ 		106 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://provider.umr.com/etc.clientlibs/umr/clientlibs/clientlib-base.lc-5ae13d340384fa26556c6b9faa99e43a-lc.min.css
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
846762a7449528811e781257d6f2f0c357e1c77156c8c09503b7476fc69d83ae
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 13:27:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
content-encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Age
274953
x-vhost
publish
X-Cache
HIT
Connection
Keep-Alive
Content-Length
7827
X-Served-By
cache-msp11857-MSP
Referrer-Policy
no-referrer-when-downgrade
last-modified
Sun, 31 Mar 2024 09:04:52 GMT
X-Timer
S1712150846.622877,VS0,VS0,VE1
etag
W/"1a8d4-614f12a72771d-gzip"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
content-type
text/css
Access-Control-Allow-Origin
https://provider.umr.com,
cache-control
max-age=2592000,public,immutable
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 08:16:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Apr 2025 08:16:11 GMT
prism.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/prism.min.js
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f2f7534931488bb7af4dd1c1f577aae2f473bbdd85690dc6abfb08f09385158
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 13:27:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
505430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5720
last-modified
Thu, 31 Dec 2020 20:37:57 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a5-414a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tvtBwYFqOPWP37LdvP2ZQayOa%2BP0DVhsuX6GiB66NqFAraUnBxBIA75XxFXCk4XYpXzSyqSJY2ws7n%2BfqdX9nUfbGl1PdfMNQRZ4BaVnOsFavKSS7c%2BYWtPo7QZdxX%2Ft%2FkE8pn1A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86e9655f2e50bb61-FRA
expires
Mon, 24 Mar 2025 13:27:25 GMT
prism-autoloader.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/autoloader/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/plugins/autoloader/prism-autoloader.min.js
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df7430d25377aa8eed2d92f873bbc32c26a9454b3e80db5045a5483879383abb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 13:27:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
821291
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1927
last-modified
Thu, 31 Dec 2020 20:37:54 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a2-13c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qWgfH5btJQdFRRE5jmaf%2Fqk5rOetv5I%2BZo9p626P2wOkQ483KrJyHMOvNitlFmVNuoKb9xKCN97McZhHn3w4Fk1xfSWal4ZVXJplTuyZZj2D6mPNQoI2VsLh5K12NB1ua1c7lRfp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86e9655f3e53bb61-FRA
expires
Mon, 24 Mar 2025 13:27:25 GMT
jquery-3.6.0.slim.min.js
code.jquery.com/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.slim.min.js
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 13:27:25 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
10819286
x-cache
HIT, HIT
content-length
24587
x-served-by
cache-lga13624-LGA, cache-fra-eddf8230036-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1712150845.324820,VS0,VE0
etag
W/"28feccc0-11ab4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
153, 15574
prism.min.css
cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/themes/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.23.0/themes/prism.min.css
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
928e23e6b9fcef82c5f1d1f05b6f7fc5a6e187c60195e59fbf16fc9d071ee057
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 13:27:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
52949
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
563
last-modified
Thu, 31 Dec 2020 20:37:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fee36a6-6fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aeFinSukDJF6glUQAfXYdTJBLi%2F9AXDG2v4V79YBgkrtuzqssDUbeusWllekCcgy%2BboUtCAPc2T8v0YSBLAXWGukdZ2XhXpav88DovWYi7ln75yawgTbQSI0lSHAx1RpKoMquvgM"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86e9655f3e57bb61-FRA
expires
Mon, 24 Mar 2025 13:27:25 GMT
moxie.min.js
www.onelink-edge.com/ 		382 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onelink-edge.com/moxie.min.js
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-7.prg50.r.cloudfront.net
Software
/
Resource Hash
c69ffe56a00f234d68151d0d035258deceafdf64e9c035f6f7caf3001c70a832

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 13:21:47 GMT
content-encoding
br
via
1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
last-modified
Mon, 25 Mar 2024 18:23:59 GMT
x-amz-cf-pop
PRG50-C1
age
338
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-cache,age,content-disposition
cache-control
max-age=1800
cross-origin-resource-policy
cross-origin
x-xapis-milliseconds
1
x-amz-cf-id
Lnnzk2GNCMlJ1OwYZWftNDVQ2Pz2i7f84LGUIkyo6BL8tHIBzhA8JA==
launch-b90345f309ca.min.js
assets.adobedtm.com/512027f42d3c/146f0ed0633e/ 		243 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/146f0ed0633e/launch-b90345f309ca.min.js
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f9c::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0449172a6ca21f6f7919b5bfb8ef5dbe0a37ffa4eeb1598f54ed34574ba27907

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 13:27:26 GMT
content-encoding
gzip
last-modified
Fri, 09 Feb 2024 01:47:05 GMT
server
AkamaiNetStorage
etag
"d65d74c0a44bc5833c80b424de150576:1707443225.060051"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://provider.umr.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
70164
expires
Wed, 03 Apr 2024 14:27:26 GMT
clientlib-dependencies.lc-b8c3c92585a7bea4ea043f1edbac6b06-lc.min.js
provider.umr.com/etc.clientlibs/umr/clientlibs/ 		337 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://provider.umr.com/etc.clientlibs/umr/clientlibs/clientlib-dependencies.lc-b8c3c92585a7bea4ea043f1edbac6b06-lc.min.js
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
91b44400f09c3b3bea41e3937aa6a4e97ef8e3a0e8a46e893b4af044c93bfc2e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 13:27:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
content-encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Age
1668792
x-vhost
publish
X-Cache
HIT
Connection
Keep-Alive
Content-Length
98145
X-Served-By
cache-msp11879-MSP
Referrer-Policy
no-referrer-when-downgrade
last-modified
Fri, 15 Mar 2024 05:54:12 GMT
X-Timer
S1712150846.750211,VS0,VS0,VE2
etag
W/"54207-613aca3260f49-gzip"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
content-type
text/javascript
Access-Control-Allow-Origin
https://provider.umr.com,
cache-control
max-age=2592000,public,immutable
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
clientlib-dependencies.lc-1b4574496982e43f3324befc258c4abd-lc.min.css
provider.umr.com/etc.clientlibs/umr/clientlibs/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://provider.umr.com/etc.clientlibs/umr/clientlibs/clientlib-dependencies.lc-1b4574496982e43f3324befc258c4abd-lc.min.css
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
bf8b5d31d8b1956a28ea187dc5b6d09404a3287b1bacf78947a61df2265ddb2c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 13:27:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
content-encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Age
2007870
x-vhost
publish
X-Cache
HIT
Connection
Keep-Alive
Content-Length
470
X-Served-By
cache-msp11836-MSP
Referrer-Policy
no-referrer-when-downgrade
last-modified
Mon, 11 Mar 2024 07:42:55 GMT
X-Timer
S1712150846.744066,VS0,VS0,VE1
etag
W/"472-6135db08f5a47-gzip"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
content-type
text/css
Access-Control-Allow-Origin
https://provider.umr.com,
cache-control
max-age=2592000,public,immutable
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
clientlib-site.lc-13bf406456bccae5fe3d37120dcb6fdd-lc.min.css
provider.umr.com/etc.clientlibs/umr/clientlibs/ 		95 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://provider.umr.com/etc.clientlibs/umr/clientlibs/clientlib-site.lc-13bf406456bccae5fe3d37120dcb6fdd-lc.min.css
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
e1031f5ce7917a20860b04823dde78a3858f3cafb7d519b72d0e7894681dc0ea
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 13:27:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
content-encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Age
1687914
x-vhost
publish
X-Cache
HIT
Connection
Keep-Alive
Content-Length
15377
X-Served-By
cache-msp11848-MSP
Referrer-Policy
no-referrer-when-downgrade
last-modified
Fri, 15 Mar 2024 00:35:32 GMT
X-Timer
S1712150846.741661,VS0,VS0,VE1
etag
W/"17a73-613a82f771fa4-gzip"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
content-type
text/css
Access-Control-Allow-Origin
https://provider.umr.com,
cache-control
max-age=2592000,public,immutable
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
core.wcm.components.commons.datalayer.v1.lc-904d3c2f1e821ab45124d66de422b409-lc.min.js
provider.umr.com/etc.clientlibs/core/wcm/components/commons/datalayer/v1/clientlibs/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://provider.umr.com/etc.clientlibs/core/wcm/components/commons/datalayer/v1/clientlibs/core.wcm.components.commons.datalayer.v1.lc-904d3c2f1e821ab45124d66de422b409-lc.min.js
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
5e303e88b8398f416f84591973b2dc5df6d02746f782fc367368e3f6fbfae6ad
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 13:27:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
content-encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Age
2168123
x-vhost
publish
X-Cache
HIT
Connection
Keep-Alive
Content-Length
12106
X-Served-By
cache-msp11820-MSP
Referrer-Policy
no-referrer-when-downgrade
last-modified
Sat, 09 Mar 2024 11:12:02 GMT
X-Timer
S1712150846.407996,VS0,VS0,VE1
etag
W/"8a54-6133860c45cb8-gzip"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
content-type
text/javascript
Access-Control-Allow-Origin
https://provider.umr.com,
cache-control
max-age=2592000,public,immutable
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
UMR_logo.svg
provider.umr.com/content/dam/umr/en/svgs/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://provider.umr.com/content/dam/umr/en/svgs/UMR_logo.svg
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
5f60372426367832e0fe331336898c5631137f4286113da8f6c5df07ad62b988
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 13:27:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
content-encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Age
33712
x-vhost
publish
X-Cache
HIT
Connection
Keep-Alive
Content-Length
1446
X-Served-By
cache-msp11870-MSP
Referrer-Policy
no-referrer-when-downgrade
last-modified
Wed, 03 Apr 2024 04:05:33 GMT
X-Timer
S1712150846.778591,VS0,VS0,VE1
etag
W/"aad-615295592e5d4-gzip"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
content-type
image/svg+xml
Access-Control-Allow-Origin
https://provider.umr.com,
cache-control
public,max-age=43200,stale-while-revalidate=43200,stale-if-error=43200
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
vectoruser.png
provider.umr.com/content/dam/umr/en/ 		495 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://provider.umr.com/content/dam/umr/en/vectoruser.png
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
1001150be492b7c13774818b3322ac48a2268c4445cb8a6096201ffa44f6ce1a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 13:27:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Age
33749
x-vhost
publish
X-Cache
HIT
content-disposition
inline
Connection
Keep-Alive
Content-Length
495
X-Served-By
cache-msp11839-MSP
Referrer-Policy
no-referrer-when-downgrade
last-modified
Wed, 03 Apr 2024 04:04:57 GMT
X-Timer
S1712150846.422220,VS0,VS0,VE1
etag
W/"1ef-61529536acbb7"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
content-type
image
Access-Control-Allow-Origin
https://provider.umr.com,
cache-control
public,max-age=43200,stale-while-revalidate=43200,stale-if-error=43200
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
mobile-hamburger.png
provider.umr.com/content/dam/umr/en/ 		356 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://provider.umr.com/content/dam/umr/en/mobile-hamburger.png
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
74b9b01c3ab72d2f4c6c9d7dc98af4ff14706b1d76ccc636bea85ae7cca2d9b3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 13:27:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Age
34756
x-vhost
publish
X-Cache
HIT
content-disposition
inline
Connection
Keep-Alive
Content-Length
356
X-Served-By
cache-msp11842-MSP
Referrer-Policy
no-referrer-when-downgrade
last-modified
Wed, 03 Apr 2024 03:48:09 GMT
X-Timer
S1712150846.778304,VS0,VS0,VE1
etag
W/"164-615291757869e"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
content-type
image
Access-Control-Allow-Origin
https://provider.umr.com,
cache-control
public,max-age=43200,stale-while-revalidate=43200,stale-if-error=43200
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
user.png
provider.umr.com/content/dam/umr/en/logos/ 		317 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://provider.umr.com/content/dam/umr/en/logos/user.png
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
196319aa171a26d3d4601c503c46b38aeb8034b91cc90c57d4079c5d822427ec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 13:27:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Age
1570
x-vhost
publish
X-Cache
HIT
content-disposition
inline
Connection
Keep-Alive
Content-Length
317
X-Served-By
cache-msp11853-MSP
Referrer-Policy
no-referrer-when-downgrade
last-modified
Wed, 03 Apr 2024 13:01:15 GMT
X-Timer
S1712150846.422093,VS0,VS0,VE1
etag
W/"13d-61530d1627a16"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
content-type
image
Access-Control-Allow-Origin
https://provider.umr.com,
cache-control
public,max-age=43200,stale-while-revalidate=43200,stale-if-error=43200
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
istock-1019862020.png.imgt.1500.1500.webp
provider.umr.com/content/dam/umr/en/providercenter/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://provider.umr.com/content/dam/umr/en/providercenter/istock-1019862020.png.imgt.1500.1500.webp
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
c9883099ac57379027f5fa87447f9b43be2265459389b8b309b8662995a93a83
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 13:27:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
content-encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Age
27062
x-vhost
publish
X-Cache
HIT
Connection
Keep-Alive
Content-Length
38575
X-Served-By
cache-msp11873-MSP
Referrer-Policy
no-referrer-when-downgrade
last-modified
Wed, 03 Apr 2024 05:56:23 GMT
X-Timer
S1712150846.944846,VS0,VS0,VE1
etag
W/"98b6-6152ae1efa4de-gzip"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
content-type
image/webp
Access-Control-Allow-Origin
https://provider.umr.com,
cache-control
public,max-age=43200,stale-while-revalidate=43200,stale-if-error=43200
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
clientlib-site.lc-10b0fa23d80e9fab9799eeef726dda2d-lc.min.js
provider.umr.com/etc.clientlibs/umr/clientlibs/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://provider.umr.com/etc.clientlibs/umr/clientlibs/clientlib-site.lc-10b0fa23d80e9fab9799eeef726dda2d-lc.min.js
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
93a15e7f95661769bf3e423ddffe3e33847f71de104837a95041b28cacbda93a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 13:27:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
content-encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Age
1687914
x-vhost
publish
X-Cache
HIT
Connection
Keep-Alive
Content-Length
5765
X-Served-By
cache-msp11848-MSP
Referrer-Policy
no-referrer-when-downgrade
last-modified
Fri, 15 Mar 2024 00:35:32 GMT
X-Timer
S1712150846.947265,VS0,VS0,VE1
etag
W/"5a11-613a82f7965ae-gzip"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
content-type
text/javascript
Access-Control-Allow-Origin
https://provider.umr.com,
cache-control
max-age=2592000,public,immutable
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
slick.min.js
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 13:27:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
505471
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9284
last-modified
Sat, 06 Jan 2024 19:26:14 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65999b46-2444"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PmYRnecm2i6k9j6rddn5AeYIiBobsgAR4j8nqRBAOklZiYhfuBzS5W%2BBLmyWCC2xyXIth0RnySD%2FD4tfChiBqhZSy8cc9FYsle2PEDFVCsb5IeF58Meu5pb0ZgvPkxhpX9ZIn8rZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86e96563cbd2bb61-FRA
expires
Mon, 24 Mar 2025 13:27:26 GMT
container.lc-0a6aff292f5cc42142779cde92054524-lc.min.js
provider.umr.com/etc.clientlibs/core/wcm/components/commons/site/clientlibs/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://provider.umr.com/etc.clientlibs/core/wcm/components/commons/site/clientlibs/container.lc-0a6aff292f5cc42142779cde92054524-lc.min.js
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
c250924012fdc9ea9516b30650895201cd167dbd49c9d148924f30881abfa393
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 13:27:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
content-encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Age
726152
x-vhost
publish
X-Cache
HIT
Connection
Keep-Alive
Content-Length
491
X-Served-By
cache-msp11855-MSP
Referrer-Policy
no-referrer-when-downgrade
last-modified
Tue, 26 Mar 2024 01:02:50 GMT
X-Timer
S1712150846.425086,VS0,VS0,VE1
etag
"4f7-61485d963a5e2-gzip"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
content-type
text/javascript
Access-Control-Allow-Origin
https://provider.umr.com,
cache-control
max-age=2592000,public,immutable
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
csrf.lc-56934e461ff6c436f962a5990541a527-lc.min.js
provider.umr.com/etc.clientlibs/clientlibs/granite/jquery/granite/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://provider.umr.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.lc-56934e461ff6c436f962a5990541a527-lc.min.js
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
515394110439a7aafe62229bbda44a768a1d938a2053d92764fae16b2aba5e81
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 13:27:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
content-encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Age
1668794
x-vhost
publish
X-Cache
HIT
Connection
Keep-Alive
Content-Length
1599
X-Served-By
cache-msp11820-MSP
Referrer-Policy
no-referrer-when-downgrade
last-modified
Fri, 15 Mar 2024 05:54:13 GMT
X-Timer
S1712150846.422864,VS0,VS0,VE1
etag
W/"e22-613aca32d2f8a-gzip"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
content-type
text/javascript
Access-Control-Allow-Origin
https://provider.umr.com,
cache-control
max-age=2592000,public,immutable
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
clientlib-base.lc-bdf4a95842d4d38fdcba863c6284adbf-lc.min.js
provider.umr.com/etc.clientlibs/umr/clientlibs/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://provider.umr.com/etc.clientlibs/umr/clientlibs/clientlib-base.lc-bdf4a95842d4d38fdcba863c6284adbf-lc.min.js
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
287b9ab42ba41b987c61be154d332e6e866bcf6009c3de0a8ed9ebef32443786
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 13:27:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
content-encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Age
2327244
x-vhost
publish
X-Cache
HIT
Connection
Keep-Alive
Content-Length
9211
X-Served-By
cache-msp11869-MSP
Referrer-Policy
no-referrer-when-downgrade
last-modified
Thu, 07 Mar 2024 15:00:02 GMT
X-Timer
S1712150846.422593,VS0,VS0,VE1
etag
W/"90b5-61313547c01de-gzip"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
content-type
text/javascript
Access-Control-Allow-Origin
https://provider.umr.com,
cache-control
max-age=2592000,public,immutable
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
PDA3E-B333-EE03-CE6A.json
www.onelink-edge.com/xapis/PretranslateConfig/ 		19 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.onelink-edge.com/xapis/PretranslateConfig/PDA3E-B333-EE03-CE6A.json
Requested by
Host: www.onelink-edge.com
URL: https://www.onelink-edge.com/moxie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-7.prg50.r.cloudfront.net
Software
/
Resource Hash
c56a8fd0b816f76ec000d0417e2ba6eb231358f099b363ea7a78d53e9cbc43f7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 13:27:26 GMT
content-encoding
br
via
1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-cache,age,content-disposition
cache-control
max-age=600
x-xapis-milliseconds
9
x-amz-cf-id
r97aA1EeFzvZfK8qiNFxkGFvMwB11uRg30k1wDRMObaTUzGOp2U6jg==
istock-1019862020.png.imgt.1500.1500.webp
provider.umr.com/content/dam/umr/en/providercenter/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://provider.umr.com/content/dam/umr/en/providercenter/istock-1019862020.png.imgt.1500.1500.webp
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
c9883099ac57379027f5fa87447f9b43be2265459389b8b309b8662995a93a83
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 13:27:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
content-encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Age
27063
x-vhost
publish
X-Cache
HIT
Connection
Keep-Alive
Content-Length
38575
X-Served-By
cache-msp11873-MSP
Referrer-Policy
no-referrer-when-downgrade
last-modified
Wed, 03 Apr 2024 05:56:23 GMT
X-Timer
S1712150847.576180,VS0,VS0,VE1
etag
W/"98b6-6152ae1efa4de-gzip"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
content-type
image/webp
Access-Control-Allow-Origin
https://provider.umr.com,
cache-control
public,max-age=43200,stale-while-revalidate=43200,stale-if-error=43200
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
uhcsans-medium.woff
provider.umr.com/etc.clientlibs/umr/clientlibs/clientlib-site/resources/fonts/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://provider.umr.com/etc.clientlibs/umr/clientlibs/clientlib-site/resources/fonts/uhcsans-medium.woff
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/etc.clientlibs/umr/clientlibs/clientlib-site.lc-13bf406456bccae5fe3d37120dcb6fdd-lc.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
c3d7fb1e542d99fd7bd5f603a0d2dd6b20455af1bd60c708704d48b490b48e95
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/etc.clientlibs/umr/clientlibs/clientlib-site.lc-13bf406456bccae5fe3d37120dcb6fdd-lc.min.css
Origin
https://provider.umr.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 13:27:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
content-encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Age
34757
x-vhost
publish
X-Cache
HIT
Connection
Keep-Alive
Content-Length
59495
X-Served-By
cache-msp11848-MSP
Referrer-Policy
no-referrer-when-downgrade
last-modified
Wed, 03 Apr 2024 03:48:08 GMT
X-Timer
S1712150847.574022,VS0,VS0,VE1
etag
W/"e898-61529174a7d09-gzip"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
content-type
font/woff
Access-Control-Allow-Origin
https://provider.umr.com, https://provider.umr.com
cache-control
max-age=86400, public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
material-icons-v50.ttf
provider.umr.com/etc.clientlibs/umr/clientlibs/clientlib-material-icons/resources/fonts/ 		170 KB
82 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://provider.umr.com/etc.clientlibs/umr/clientlibs/clientlib-material-icons/resources/fonts/material-icons-v50.ttf
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/etc.clientlibs/umr/clientlibs/clientlib-dependencies.lc-1b4574496982e43f3324befc258c4abd-lc.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
d2330fa51df99e8ec5ef6be27ec9a5deeae0b722e8c9fb7dbf0f723f8d20dc15
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/etc.clientlibs/umr/clientlibs/clientlib-dependencies.lc-1b4574496982e43f3324befc258c4abd-lc.min.css
Origin
https://provider.umr.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 13:27:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
content-encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Age
2168326
x-vhost
publish
X-Cache
HIT
Connection
Keep-Alive
Content-Length
82998
X-Served-By
cache-msp11853-MSP
Referrer-Policy
no-referrer-when-downgrade
last-modified
Sat, 09 Mar 2024 11:08:40 GMT
X-Timer
S1712150847.580310,VS0,VS0,VE1
etag
W/"2a820-6133854b2f041-gzip"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
content-type
font/ttf
Access-Control-Allow-Origin
https://provider.umr.com, https://provider.umr.com
cache-control
max-age=2592000,public,immutable
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
index.js
rum.hlx.page/.rum/@adobe/helix-rum-js@%5E1/src/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rum.hlx.page/.rum/@adobe/helix-rum-js@%5E1/src/index.js
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
684a2911a8c96b4cbd8bd37d8a2ea754ac527670dac7ecd757422ecba0b030d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
Origin
https://provider.umr.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 fly.io, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 03 Apr 2024 13:27:26 GMT
age
1857203
x-cache
HIT
content-length
5092
x-served-by
cache-fra-eddf8230039-FRA
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
x-timer
S1712150847.543228,VS0,VE0
etag
W/"13e4-/vcHKJYEHp24PY2ZKSHJZPIZmoE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=600, max-age=60
accept-ranges
bytes
x-cache-hits
6
id
dpm.demdex.net/ 		971 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1712150846369
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/146f0ed0633e/launch-b90345f309ca.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.214.218.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-218-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cd73925fc35971bf1eb3d32496f39407778d5263c3adb1644e2df06f1044ca5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-irl1-2-v059-01595f74f.edge-irl1.demdex.com 11 ms
pragma
no-cache
date
Wed, 03 Apr 2024 13:27:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
NRZqHsg7TvE=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://provider.umr.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
561
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/146f0ed0633e/launch-b90345f309ca.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f9c::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 13:27:26 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 05:33:26 GMT
server
AkamaiNetStorage
etag
"208eb534ea01036a4fca64e6715ccf3f:1694496806.451282"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://provider.umr.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12687
expires
Wed, 03 Apr 2024 14:27:26 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/146f0ed0633e/launch-b90345f309ca.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f9c::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 13:27:26 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 05:33:26 GMT
server
AkamaiNetStorage
etag
"f1e098a5dd836ea5fc9726c429c8d71d:1694496806.740373"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://provider.umr.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1597
expires
Wed, 03 Apr 2024 14:27:26 GMT
token.json
provider.umr.com/libs/granite/csrf/ 		2 B
921 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://provider.umr.com/libs/granite/csrf/token.json
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.lc-56934e461ff6c436f962a5990541a527-lc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 13:27:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
x-sky-isauth
0
X-Content-Type-Options
nosniff
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Age
34911
x-vhost
publish
X-Cache
HIT
Connection
Keep-Alive
Content-Length
2
X-Served-By
cache-msp11846-MSP
Referrer-Policy
no-referrer-when-downgrade
X-Timer
S1712150847.590597,VS0,VS0,VE1
X-Frame-Options
SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
content-type
application/json;charset=iso-8859-1
Access-Control-Allow-Origin
https://provider.umr.com,
cache-control
max-age=86400, public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
expires
-1
RCdce871a97509453bbe139090f79798fc-source.min.js
assets.adobedtm.com/512027f42d3c/146f0ed0633e/e9a9f51a5dff/ 		553 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/146f0ed0633e/e9a9f51a5dff/RCdce871a97509453bbe139090f79798fc-source.min.js
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.lc-56934e461ff6c436f962a5990541a527-lc.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f9c::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
84953e40cff02a884bdc8a96066df2c8663128b4a7369076566c1e0f73930fcc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 13:27:26 GMT
content-encoding
gzip
last-modified
Fri, 09 Feb 2024 01:47:09 GMT
server
AkamaiNetStorage
etag
"c87ed2854f09d7ece3e87176fac52359:1707443229.38992"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://provider.umr.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
313
expires
Wed, 03 Apr 2024 14:27:26 GMT
dest5.html
unitedhealthgroup.demdex.net/ Frame E2B4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.lc-56934e461ff6c436f962a5990541a527-lc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.220.209.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-209-169.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://provider.umr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 03 Apr 2024 13:27:26 GMT
dcs
dcs-prod-irl1-2-v059-08cf83c8a.edge-irl1.demdex.com 1 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Tue, 2 Apr 2024 13:53:16 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
dsgqXaOwR5c=
ibs:dpid=411&dpuuid=Zg1ZPgAAAGSi6QOJ
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=18726227871295902531891745332312207199
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zg1ZPgAAAGSi6QOJ
42 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zg1ZPgAAAGSi6QOJ
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
H2
Server
52.214.218.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-218-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provider.umr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v059-004f51de2.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Wed, 03 Apr 2024 13:27:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
d8SJrEleRa8=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zg1ZPgAAAGSi6QOJ
Date
Wed, 03 Apr 2024 13:27:26 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
s29652748483495
smetrics.optum.com/b/ss/uhgumrprod/1/JS-2.25.0-LDQM/ 		43 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smetrics.optum.com/b/ss/uhgumrprod/1/JS-2.25.0-LDQM/s29652748483495?AQB=1&ndh=1&pf=1&t=3%2F3%2F2024%2015%3A27%3A26%203%20-120&mid=15912067646111001641560825770115756214&aamlh=6&ce=UTF-8&pageName=optum%3Aumr%3Aprovider%20public%20home&g=https%3A%2F%2Fprovider.umr.com%2F&c.&getNewRepeat=3.0.1&getTimeParting=6.3&inList=3.0&pt=3.0&p_fo=3.0&apl=4.0&getValOnce=3.0.1&getPreviousValue=3.0.1&getQueryParam=4.0&getVisitDuration=2.1.1&getVisitNum=4.2.1&endOfDatePeriod=1.2&getPageLoadTime=2.0.2&performanceWriteFull=1.0&performanceWritePart=1.0&performanceCheck=1.0&getPercentPageViewed=5.1&.c&cc=USD&server=provider.umr.com&v0=null%3Anull%3Anull%3Anull%3Anull&events=event200%2Cevent100%3D2.05%2Cevent18&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fprovider.umr.com%2F&v1=optum&c2=2.25.0&v2=umr&c3=public&v3=https%3A%2F%2Fprovider.umr.com%2F&c9=New&v9=New&c12=provider.umr.com&c13=%2F&c17=2024-04-03T13%3A27%3A26.675Z&c22=provider&v22=provider&c23=not-loggedin&v23=not-loggedin&c25=D%3DpageName&v25=D%3DpageName&c27=2.05&v38=umr&c69=desktop&v69=desktop&c71=en&v71=en&c72=15912067646111001641560825770115756214&v72=15912067646111001641560825770115756214&s=800x600&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1113&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&AQE=1
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-222.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 13:27:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 04 Apr 2024 13:27:26 GMT
server
jag
etag
3676815945335537664-4618458188674219044
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 02 Apr 2024 13:27:26 GMT
RC243684c1d5514cdaba20491ceb108623-source.min.js
assets.adobedtm.com/512027f42d3c/146f0ed0633e/e9a9f51a5dff/ 		577 B
586 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/146f0ed0633e/e9a9f51a5dff/RC243684c1d5514cdaba20491ceb108623-source.min.js
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.lc-56934e461ff6c436f962a5990541a527-lc.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f9c::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6ad9736f55b172d4ba8464b71d0268ba0ee32dd46dfb3c1589d121521eeee03d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 13:27:27 GMT
content-encoding
gzip
last-modified
Fri, 09 Feb 2024 01:47:09 GMT
server
AkamaiNetStorage
etag
"c87ed2854f09d7ece3e87176fac52359:1707443229.38992"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://provider.umr.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
329
expires
Wed, 03 Apr 2024 14:27:27 GMT
/
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.lc-56934e461ff6c436f962a5990541a527-lc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a04b5ca3b266fb71ea27e143c3c4a648346abdcb6531b866331d93e694228c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 13:27:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
139224
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"26bb-KXKLKBS/jJXidp2NCKEFmDivyuY"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
86e9656a29f61965-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
favicon.png
provider.umr.com/etc.clientlibs/umr/clientlibs/clientlib-site/resources/images/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://provider.umr.com/etc.clientlibs/umr/clientlibs/clientlib-site/resources/images/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.111.144.172 , United States, ASN10879 (UHC, US),
Reverse DNS
Software
/
Resource Hash
632d540b5cafccc2fe91466f5c3ec74e488c130a6b7e71cc73f97340f3b20f56
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 13:27:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=16070400; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Age
34670
x-vhost
publish
X-Cache
HIT
content-disposition
inline
Connection
Keep-Alive
Content-Length
2064
X-Served-By
cache-msp11843-MSP
Referrer-Policy
no-referrer-when-downgrade
last-modified
Wed, 03 Apr 2024 03:49:36 GMT
X-Timer
S1712150847.101061,VS0,VS0,VE1
etag
W/"810-615291c8b3bd2"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
content-type
image
Access-Control-Allow-Origin
https://provider.umr.com,
cache-control
public,max-age=43200,stale-while-revalidate=43200,stale-if-error=43200
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
12.e9f8f871b6287d86c250.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		73 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/12.e9f8f871b6287d86c250.chunk.js?Q_CLIENTVERSION=2.3.0&Q_CLIENTTYPE=web&Q_BRANDID=provider.umr.com
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.lc-56934e461ff6c436f962a5990541a527-lc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
688d6042ed54d792ad2a00eaafceb415f3bb7abe0d4ff2c02c99bd13fa70bd65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 13:27:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
133243
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 18 Mar 2024 17:44:44 GMT
server
cloudflare
etag
W/"125c9-18e52aa6ae0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
86e9656a9a631965-FRA
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		68 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0Neqx1dGGrrlV4y&Q_CLIENTVERSION=2.3.0&Q_CLIENTTYPE=web
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.lc-56934e461ff6c436f962a5990541a527-lc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79dffb0f9ad8cdf44007663f1704ea56d5cc091f01c5a80faa8b835a122aef0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 03 Apr 2024 13:27:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
content-type
application/json
access-control-allow-origin
https://provider.umr.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
eb27d4b38dc5ebc7
timing-allow-origin
*
cf-ray
86e9656adaa71965-FRA
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		102 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.3.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.lc-56934e461ff6c436f962a5990541a527-lc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80cc4e2598ad30b43077a32317e305f210c29167ebc1815ee7c55beb4f461c5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 13:27:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
133243
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 18 Mar 2024 17:44:44 GMT
server
cloudflare
etag
W/"19639-18e52aa6ae0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
86e9656bdbd11965-FRA
7.22eec6927507c50739d9.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/7.22eec6927507c50739d9.chunk.js?Q_CLIENTVERSION=2.3.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.lc-56934e461ff6c436f962a5990541a527-lc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2832f4cbcdda775134718d023391a22e419b193cf864cf02bc610c60c469e65d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 13:27:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
133243
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 18 Mar 2024 17:44:44 GMT
server
cloudflare
etag
W/"b52-18e52aa6ae0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
86e9656c3c341965-FRA
1.27fbc973f36f3ae62627.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.27fbc973f36f3ae62627.chunk.js?Q_CLIENTVERSION=2.3.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.lc-56934e461ff6c436f962a5990541a527-lc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
459933a319b9f42cd015f6a728dba5cb55900951861582202051b5d4e706447b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 13:27:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
133243
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 18 Mar 2024 17:44:44 GMT
server
cloudflare
etag
W/"73f8-18e52aa6ae0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
86e9656c3c371965-FRA
FeedbackButtonModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=2.3.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.lc-56934e461ff6c436f962a5990541a527-lc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57e5b4e6b003624ee934543cd2a196d1ac309bd54e96b3274935077748ed0fce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 13:27:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
133242
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 18 Mar 2024 17:44:44 GMT
server
cloudflare
etag
W/"fefc-18e52aa6ae0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
86e9656c3c3a1965-FRA
PopUnderModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/PopUnderModule.js?Q_CLIENTVERSION=2.3.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.lc-56934e461ff6c436f962a5990541a527-lc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
085e30f5fed523ac4e28c8110d7b11fb09904535008c63aa4d605ebe32c51ab5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 13:27:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
133241
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 18 Mar 2024 17:44:44 GMT
server
cloudflare
etag
W/"49f7-18e52aa6ae0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
86e9656c3c3c1965-FRA
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_9zXTKqdro0fFBzg&Version=17&Q_ORIGIN=https://provider.umr.com&Q_CLIENTVERSION=2.3.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.lc-56934e461ff6c436f962a5990541a527-lc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3425397558f5cfa4bd9ea42a4e8901934693ff356ad63826dd427559d405a841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

servershortname
date
Wed, 03 Apr 2024 13:27:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
173775
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 01 Apr 2024 13:11:12 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
86e9656c68039bdd-FRA
expires
Thu, 30 Mar 2034 13:11:12 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_553DQjtu3NhyXnE&Version=3&Q_InterceptID=SI_9zXTKqdro0fFBzg&Q_ORIGIN=https://provider.umr.com&Q_CLIENTVERSION=2.3.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.lc-56934e461ff6c436f962a5990541a527-lc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c70c94283fa96982a11d78bc7e3775795e86568e77b837fbe01794aecb04887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

servershortname
date
Wed, 03 Apr 2024 13:27:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
165404
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 01 Apr 2024 15:30:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
86e9656c68059bdd-FRA
expires
Thu, 30 Mar 2034 15:30:43 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		3 KB
997 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_eXmWGiB4oWguE7k&Version=5&Q_InterceptID=SI_9zXTKqdro0fFBzg&Q_ORIGIN=https://provider.umr.com&Q_CLIENTVERSION=2.3.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.lc-56934e461ff6c436f962a5990541a527-lc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0195d35c2e1d634d506927b891c11572b2154312073a4f887de69398c6094d78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

servershortname
date
Wed, 03 Apr 2024 13:27:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
173775
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 01 Apr 2024 13:11:12 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
86e9656c68069bdd-FRA
expires
Thu, 30 Mar 2034 13:11:12 GMT
/
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		45 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_553DQjtu3NhyXnE&Q_SIID=SI_9zXTKqdro0fFBzg&Q_ASID=AS_eKFpmvCf2HaoHcO&Q_CLIENTVERSION=2.3.0&Q_CLIENTTYPE=web&r=1712150847470
Requested by
Host: provider.umr.com
URL: https://provider.umr.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.lc-56934e461ff6c436f962a5990541a527-lc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 03 Apr 2024 13:27:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://provider.umr.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
347e676cddfc9aa1
cf-ray
86e9656cb85f9bdd-FRA
wr-dialog-close-btn-black.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 		245 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88a249614a097dfd513c1599b937d89c8e48bb981bb6a273165dabe58535e33b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://provider.umr.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 11 Mar 2034 18:00:05 GMT
date
Wed, 03 Apr 2024 13:27:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
1798042
cf-polished
origSize=757
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
content-length
245
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 31 Jan 2024 19:43:50 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
permissions-policy
camera=(), geolocation=(), microphone=()
accept-ranges
bytes
cf-ray
86e9656cbccb1965-FRA
trace-id
b9abaffbc803892d
servershortname

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery object| _self object| Prism object| $jscomp function| $jscomp$lookupPolyfilledValue number| g_nKNowStart function| k$format_num function| k$format_str function| k$now function| k$ function| k$jax function| _k$jax_rsc object| fnvplus string| TranslationKeyName function| OneLinkJS_Translation function| OneLinkJS_SetLanguageKey function| OneLinkJS_SetLanguageURL object| moxie_dom_event function| OneLinkTxNumber function| OneLinkTxDateTime function| OneLinkTxTimeZone function| OneLinkTxCustomPattern function| MoxieIsQueryParamPresent function| MoxieInPreviewMode object| OneLinkMoxieJS string| g_sOneLinkMoxieJSR1 string| g_sOneLinkMoxieJSR2 object| r1 object| r2 string| g_TranslationKey undefined| OneLinkMoxiePretranslate function| XRegExp object| adobeDataLayer object| Analytics object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap object| s function| getNewRepeat function| getTimeParting function| getVisitDuration function| getVisitNum function| endOfDatePeriod function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof object| Granite object| CQ object| CMP string| RUM_BASE object| hlx function| cookieWrite function| cookieRead string| g string| pageName function| p_fo boolean| ppvChange string| ppvID object| __fo string| _ppvPreviousPage string| _ppvInitialPercentViewed string| _ppvHighestPercentViewed string| _ppvFinalPercentViewed string| _ppvHighestPixelsSeen string| _ppvFoldsAvailable string| _ppvFoldsSeen number| pi function| inList number| a object| s_i_uhgumrprod number| ptc number| checkCount number| clearCount number| checkQSI object| QSI object| WAFQualtricsWebpackJsonP-cloud-2.3.0 object| _qsie

17 Cookies

Domain/Path Name / Value
provider.umr.com/ Name: BIGipServerwww-tpa-elr.uhc.com_1080
Value: 819222026.14340.0000
provider.umr.com/ Name: TS01053ce1
Value: 014b5a756f0773302de6cdad40cb84516a0b163e58b692fc02375a2aed44810d90176a9b8e2ef8906663a58353c3427051ebe0cc87
.demdex.net/ Name: demdex
Value: 18726227871295902531891745332312207199
.umr.com/ Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg
Value: 1
.umr.com/ Name: s_nr1
Value: 1712150846674-New
.umr.com/ Name: s_ips
Value: 1113
.umr.com/ Name: s_ppv
Value: optum%253Aumr%253Aprovider%2520public%2520home%2C54%2C54%2C54%2C1113%2C1%2C1
.umr.com/ Name: s_gvo
Value: null%3Anull%3Anull%3Anull%3Anull
.umr.com/ Name: s_cc
Value: true
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Zg1ZPgAAAGSi6QOJ
.dpm.demdex.net/ Name: dpm
Value: 18726227871295902531891745332312207199
.umr.com/ Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19817%7CMCMID%7C15912067646111001641560825770115756214%7CMCAAMLH-1712755646%7C6%7CMCAAMB-1712755646%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1712158046s%7CNONE%7CMCSYNCSOP%7C411-19824%7CvVersion%7C5.5.0
.umr.com/ Name: s_tp
Value: 2052
.doubleclick.net/ Name: IDE
Value: AHWqTUksJfw8-elEs14BlOL-UZrTH2mlMOvaQ5meGJ9Q-SLTTHY5z3WrYwzQs21p2LM
.demdex.net/ Name: dextp
Value: 771-1-1712150846897|903-1-1712150846998|285689-1-1712150847099
.umr.com/ Name: s_plt
Value: 2.69
.umr.com/ Name: s_pltp
Value: optum%3Aumr%3Aprovider%20public%20home

24 Console Messages

Source Level URL
Text
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://provider.umr.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com *.uhc.com *.optum.com *.werally.com;
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.adobedtm.com
cdnjs.cloudflare.com
cm.everesttech.net
code.jquery.com
dpm.demdex.net
provider.umr.com
rum.hlx.page
siteintercept.qualtrics.com
smetrics.optum.com
unitedhealthgroup.demdex.net
www.onelink-edge.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
104.17.208.240
104.17.209.240
104.17.25.14
149.111.144.172
151.101.129.91
2a00:1450:4001:800::200a
2a02:26f0:480:f9c::1e80
2a04:4e42:600::649
34.249.255.49
52.214.218.223
54.220.209.169
63.140.62.222
65.9.95.7
0195d35c2e1d634d506927b891c11572b2154312073a4f887de69398c6094d78
0449172a6ca21f6f7919b5bfb8ef5dbe0a37ffa4eeb1598f54ed34574ba27907
085e30f5fed523ac4e28c8110d7b11fb09904535008c63aa4d605ebe32c51ab5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
1001150be492b7c13774818b3322ac48a2268c4445cb8a6096201ffa44f6ce1a
196319aa171a26d3d4601c503c46b38aeb8034b91cc90c57d4079c5d822427ec
2832f4cbcdda775134718d023391a22e419b193cf864cf02bc610c60c469e65d
287b9ab42ba41b987c61be154d332e6e866bcf6009c3de0a8ed9ebef32443786
3425397558f5cfa4bd9ea42a4e8901934693ff356ad63826dd427559d405a841
3a0adcf730878530472b7ee518ae0a89735cbd3e475d1ebef31497409dd7672d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459933a319b9f42cd015f6a728dba5cb55900951861582202051b5d4e706447b
4f2f7534931488bb7af4dd1c1f577aae2f473bbdd85690dc6abfb08f09385158
515394110439a7aafe62229bbda44a768a1d938a2053d92764fae16b2aba5e81
57e5b4e6b003624ee934543cd2a196d1ac309bd54e96b3274935077748ed0fce
5e303e88b8398f416f84591973b2dc5df6d02746f782fc367368e3f6fbfae6ad
5f60372426367832e0fe331336898c5631137f4286113da8f6c5df07ad62b988
632d540b5cafccc2fe91466f5c3ec74e488c130a6b7e71cc73f97340f3b20f56
684a2911a8c96b4cbd8bd37d8a2ea754ac527670dac7ecd757422ecba0b030d5
688d6042ed54d792ad2a00eaafceb415f3bb7abe0d4ff2c02c99bd13fa70bd65
6ad9736f55b172d4ba8464b71d0268ba0ee32dd46dfb3c1589d121521eeee03d
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf
74b9b01c3ab72d2f4c6c9d7dc98af4ff14706b1d76ccc636bea85ae7cca2d9b3
79dffb0f9ad8cdf44007663f1704ea56d5cc091f01c5a80faa8b835a122aef0a
80cc4e2598ad30b43077a32317e305f210c29167ebc1815ee7c55beb4f461c5a
846762a7449528811e781257d6f2f0c357e1c77156c8c09503b7476fc69d83ae
84953e40cff02a884bdc8a96066df2c8663128b4a7369076566c1e0f73930fcc
88a249614a097dfd513c1599b937d89c8e48bb981bb6a273165dabe58535e33b
8a04b5ca3b266fb71ea27e143c3c4a648346abdcb6531b866331d93e694228c0
91b44400f09c3b3bea41e3937aa6a4e97ef8e3a0e8a46e893b4af044c93bfc2e
928e23e6b9fcef82c5f1d1f05b6f7fc5a6e187c60195e59fbf16fc9d071ee057
93a15e7f95661769bf3e423ddffe3e33847f71de104837a95041b28cacbda93a
9c70c94283fa96982a11d78bc7e3775795e86568e77b837fbe01794aecb04887
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8
bf8b5d31d8b1956a28ea187dc5b6d09404a3287b1bacf78947a61df2265ddb2c
c250924012fdc9ea9516b30650895201cd167dbd49c9d148924f30881abfa393
c3d7fb1e542d99fd7bd5f603a0d2dd6b20455af1bd60c708704d48b490b48e95
c56a8fd0b816f76ec000d0417e2ba6eb231358f099b363ea7a78d53e9cbc43f7
c69ffe56a00f234d68151d0d035258deceafdf64e9c035f6f7caf3001c70a832
c9883099ac57379027f5fa87447f9b43be2265459389b8b309b8662995a93a83
cd73925fc35971bf1eb3d32496f39407778d5263c3adb1644e2df06f1044ca5c
d2330fa51df99e8ec5ef6be27ec9a5deeae0b722e8c9fb7dbf0f723f8d20dc15
df7430d25377aa8eed2d92f873bbc32c26a9454b3e80db5045a5483879383abb
e1031f5ce7917a20860b04823dde78a3858f3cafb7d519b72d0e7894681dc0ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e