Submitted URL: http://click.news.uhcmedicaresolutions.com/?qs=0863dcf34f222025f1859cc29842b8dc5dde1b6c8f0789a1e3d5b8a3f4d23680f47cfbee686d8840bf1f4239dd96...
Effective URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Submission: On June 11 via manual from US

Summary

This website contacted 16 IPs in 5 countries across 10 domains to perform 48 HTTP transactions. The main IP is 149.111.129.3, located in United States and belongs to UHC - Unitedhealthcare, US. The main domain is www.medicare.uhc.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on February 12th 2019. Valid for: a year.
This is the only time www.medicare.uhc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 66.231.91.47 22606 (EXACT-7)
22 149.111.129.3 10879 (UHC)
2 2.18.232.23 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 107.154.114.243 19551 (INCAPSULA)
1 45.60.33.26 19551 (INCAPSULA)
1 4 52.215.56.157 16509 (AMAZON-02)
1 66.117.29.224 15224 (OMNITURE)
1 1 66.117.28.86 15224 (OMNITURE)
3 192.229.221.253 15133 (EDGECAST)
1 34.246.137.239 16509 (AMAZON-02)
2 52.138.200.61 8075 (MICROSOFT...)
5 45.60.124.51 19551 (INCAPSULA)
1 2606:2800:133... 15133 (EDGECAST)
2 198.72.114.197 32613 (IWEB-AS)
2 52.178.179.169 8075 (MICROSOFT...)
48 16
Domain Requested by
22 www.medicare.uhc.com www.medicare.uhc.com
4 dpm.demdex.net 1 redirects www.medicare.uhc.com
3 sd.iperceptions.com universal.iperceptions.com
3 universal.iperceptions.com www.medicare.uhc.com
universal.iperceptions.com
2 collect.iperceptions.com
2 ips-invite.iperceptions.com universal.iperceptions.com
www.medicare.uhc.com
2 api.iperceptions.com www.medicare.uhc.com
2 assets.adobedtm.com www.medicare.uhc.com
1 ips-img.iperceptions.com
1 post.iperceptions.com www.medicare.uhc.com
1 art.azureedge.net universal.iperceptions.com
1 unitedhealthgroup.demdex.net www.medicare.uhc.com
1 cm.everesttech.net 1 redirects
1 metrics.uhc.com assets.adobedtm.com
1 api.member.mymedicareaccount.com www.medicare.uhc.com
1 api.member.uhc.com www.medicare.uhc.com
1 fonts.googleapis.com www.medicare.uhc.com
1 cdnjs.cloudflare.com www.medicare.uhc.com
1 click.news.uhcmedicaresolutions.com 1 redirects
48 19

This site contains no links.

Subject Issuer Validity Valid
www.uhcmedicaresolutions.com
COMODO RSA Organization Validation Secure Server CA
2019-02-12 -
2020-02-12
a year crt.sh
assets.adobedtm.com
DigiCert SHA2 High Assurance Server CA
2019-03-04 -
2020-03-11
a year crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-03-02 -
2019-09-08
6 months crt.sh
*.googleapis.com
Google Internet Authority G3
2019-05-28 -
2019-08-20
3 months crt.sh
api.member.uhc.com
COMODO RSA Organization Validation Secure Server CA
2019-03-15 -
2020-03-14
a year crt.sh
api.member.mymedicareaccount.com
COMODO RSA Organization Validation Secure Server CA
2018-07-30 -
2019-07-30
a year crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA
2018-01-09 -
2021-02-12
3 years crt.sh
*.d1.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA
2019-04-23 -
2020-04-14
a year crt.sh
sa38gl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2017-10-20 -
2020-04-13
2 years crt.sh
*.iperceptions.com
Sectigo RSA Domain Validation Secure Server CA
2019-05-07 -
2021-05-06
2 years crt.sh
incapsula.com
GlobalSign CloudSSL CA - SHA256 - G3
2019-02-13 -
2019-10-05
8 months crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2
2018-03-30 -
2020-03-30
2 years crt.sh

This page contains 4 frames:

Primary Page: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Frame ID: 36D3CE7BA69A617930419E4C3F8D632B
Requests: 43 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: EB788D88C227079BAAF06AF6B8DDF120
Requests: 1 HTTP requests in this frame

Frame: https://universal.iperceptions.com/iFrame.html
Frame ID: 1D24F8DEE2B466DBF0B5487485339BEC
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 91B66FECF063FF2321D7DCBF7A9A8FA6
Requests: 7 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://click.news.uhcmedicaresolutions.com/?qs=0863dcf34f222025f1859cc29842b8dc5dde1b6c8f0789a1e3d5b8a3f4d23680f47cfbee... HTTP 302
    https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<div class="[^"]*parbase/i
  • script /\/etc\/designs\//i

Overall confidence: 100%
Detected patterns
  • html /<div class="[^"]*parbase/i
  • script /\/etc\/designs\//i

Overall confidence: 100%
Detected patterns
  • env /^angular$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • env /^Modernizr$/i

Overall confidence: 100%
Detected patterns
  • env /^moment$/i

Overall confidence: 100%
Detected patterns
  • script /ruxitagentjs/i

Overall confidence: 100%
Detected patterns
  • script /\/s[_-]code.*\.js/i
  • env /^s_(?:account|objectID|code|INST)$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • script /lodash.*\.js/i

Page Statistics

48
Requests

98 %
HTTPS

18 %
IPv6

10
Domains

19
Subdomains

16
IPs

5
Countries

861 kB
Transfer

3488 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.news.uhcmedicaresolutions.com/?qs=0863dcf34f222025f1859cc29842b8dc5dde1b6c8f0789a1e3d5b8a3f4d23680f47cfbee686d8840bf1f4239dd96efa4c5568828495d7e9ff5ed3095b0328519 HTTP 302
    https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1560286970919 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1560286970919
Request Chain 25
  • https://cm.everesttech.net/cm/dd?d_uuid=03247401649358294730104970927469596680 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XQAW_wAAE6MdGBKk

48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
www.medicare.uhc.com/member/payments/
Redirect Chain
  • http://click.news.uhcmedicaresolutions.com/?qs=0863dcf34f222025f1859cc29842b8dc5dde1b6c8f0789a1e3d5b8a3f4d23680f47cfbee686d8840bf1f4239dd96efa4c5568828495d7e9ff5ed3095b0328519
  • https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
75 KB
15 KB
Document
General
Full URL
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
59024350dfc6ce67119452731bf0a0876a1bf8195badae2021eeb16e607daba2
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.medicare.uhc.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:48 GMT
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-OneAgent-JS-Injection
true
X-ruxit-JS-Agent
true
Vary
Accept-Encoding
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
Timing-Allow-Origin
*
Set-Cookie
renderid=publish3; path=/;; Secure; HTTPOnly JSESSIONID=1tbmno6w3iif41jp16sz225dab;Path=/;HttpOnly; Secure; HTTPOnly dtCookie=23$041664FEAD18AF901C0A681187D7043D; Path=/; Domain=.uhc.com BIGipServeruhcmedicaresolutions-elrvip.uhcmedicaresolutions.com_11080=1398036234.14340.0000; path=/; Httponly; Secure TS012acd0c=014b5a756ff9609d228eb2534624e316389b65e7fb29e9949b5b78789fd5a9094b96880196e4b15192de541cf4f70065b0507f558f14413ecd6d73525d550def32f4e519eb75c789d3f51c2116011f56f15b03cda314e99e6f39223e51f17c2f49b806bd73; Path=/; Secure; HTTPOnly TS01d20cf4=014b5a756f3ba96fe1ec60785d098dcb7a482c8a7929e9949b5b78789fd5a9094b968801964d1b094565b2c37b8294bed8035671accfec86dba89e808ee3058d49a47714a0; path=/; domain=.uhc.com; HTTPonly; Secure
Content-Length
14388
Keep-Alive
timeout=30, max=200
Connection
Keep-Alive
Content-Type
text/html; charset=ISO-8859-1

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR|MakePayment|EGEM3022|::8008793
Date
Tue, 11 Jun 2019 21:02:47 GMT
Connection
close
Content-Length
247
ruxitagentjs_ICA2SVfghqr_10161190306152812.js
www.medicare.uhc.com/
123 KB
48 KB
Script
General
Full URL
https://www.medicare.uhc.com/ruxitagentjs_ICA2SVfghqr_10161190306152812.js
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
d19c6d272479b2dd2f1ce1cfcc88b8e5609812b4a6de3788ea4189fd8c80457e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 03 Mar 2010 07:01:40 GMT
X-Frame-Options
SAMEORIGIN
Content-type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31535000, public, no-transform
Connection
Keep-Alive
Timing-Allow-Origin
*
Keep-Alive
timeout=30, max=200
Content-Length
48276
X-XSS-Protection
1; mode=block
Expires
Wed, 10 Jun 2020 21:02:50 GMT
satelliteLib-be539ec8b934404bc81a51a03da915cb71d0528a.js
assets.adobedtm.com/bff7f95d5e60a9bb1bafa9115ce25108c698418f/
130 KB
39 KB
Script
General
Full URL
https://assets.adobedtm.com/bff7f95d5e60a9bb1bafa9115ce25108c698418f/satelliteLib-be539ec8b934404bc81a51a03da915cb71d0528a.js
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9bba2f9ccf8e6b437ca29755d41deb2add0058f4159ecc4b513c66b8f87f013e

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 11 Jun 2019 21:02:50 GMT
content-encoding
gzip
last-modified
Tue, 11 Jun 2019 15:13:53 GMT
server
Apache
etag
"a08356a9438abb616e32eacb821d0ef7:1560266034"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
39457
expires
Tue, 11 Jun 2019 22:02:50 GMT
jquery.min.js
www.medicare.uhc.com/etc/clientlibs/granite/
111 KB
38 KB
Script
General
Full URL
https://www.medicare.uhc.com/etc/clientlibs/granite/jquery.min.js
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
9f0173ed05fe8618c76272aaae6711ae0fa7ece07de8522cb6b0159d22b691f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jun 2019 15:12:44 GMT
X-Frame-Options
SAMEORIGIN
Content-type
application/x-javascript
Cache-Control
max-age=31535000, public, no-transform
Connection
Keep-Alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Vary
Accept-Encoding
Content-Length
38722
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=30, max=200
Expires
Tue, 11 Jun 2019 21:32:50 GMT
revv_combinedClientcontext-2.min.js
www.medicare.uhc.com/etc/designs/uhc-common/common/acquisition/combinedClientContext/
175 KB
47 KB
Script
General
Full URL
https://www.medicare.uhc.com/etc/designs/uhc-common/common/acquisition/combinedClientContext/revv_combinedClientcontext-2.min.js
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
3591f3544ccf15868b22a95ed5539c800f2bbab0b862e9f734f21e2da90ab6d4
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Last-Modified
Tue, 05 Feb 2019 17:31:39 GMT
X-Frame-Options
SAMEORIGIN
Content-type
application/x-javascript
Cache-Control
max-age=31535000, public, no-transform
Transfer-Encoding
chunked
Connection
Keep-Alive
Timing-Allow-Origin
*
Keep-Alive
timeout=30, max=199
X-XSS-Protection
1; mode=block
Expires
Tue, 11 Jun 2019 21:32:50 GMT
lodash.min.js
cdnjs.cloudflare.com/ajax/libs/lodash.js/4.17.4/
70 KB
24 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lodash.js/4.17.4/lodash.min.js
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04e9051c160d4a4e7a4453c4c51a1a53187c397c9a81f6f0a6b373a10182eac
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 11 Jun 2019 21:02:50 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:21:07 GMT
server
cloudflare
etag
W/"5afd4983-116fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 31 May 2020 21:02:50 GMT
cache-control
public, max-age=30672000
cf-ray
4e56873d9a4dc2ae-FRA
served-in-seconds
0.001
thirdparty.min.css
www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/themes/
595 KB
83 KB
Stylesheet
General
Full URL
https://www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/themes/thirdparty.min.css
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
3b1a3021a14fa35b9c8241f9d7d05e962115087b1123e5a217cec089a303d7f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jun 2019 15:12:44 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=1800, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=30, max=199
Expires
Tue, 11 Jun 2019 21:32:50 GMT
thirdparty.min.js
www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/scripts/
1 MB
361 KB
Script
General
Full URL
https://www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/scripts/thirdparty.min.js
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
bf0149bb085397bacd9c07f404732d62983d9f7ca04c5ee1cf594dac5e90cad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jun 2019 15:12:44 GMT
X-Frame-Options
SAMEORIGIN
Content-type
application/x-javascript
Cache-Control
max-age=1800, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=30, max=199
Expires
Tue, 11 Jun 2019 21:32:50 GMT
common.min.js
www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/scripts/
40 KB
11 KB
Script
General
Full URL
https://www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/scripts/common.min.js
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
365a4f6f0ddd1560d1c7108c38439b0e44f0624240afb6fdde0bfea2e51d8fe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jun 2019 15:12:44 GMT
X-Frame-Options
SAMEORIGIN
Content-type
application/x-javascript
Cache-Control
max-age=1800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Vary
Accept-Encoding
Content-Length
10388
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=30, max=199
Expires
Tue, 11 Jun 2019 21:32:50 GMT
common.min.css
www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/themes/
334 KB
42 KB
Stylesheet
General
Full URL
https://www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/themes/common.min.css
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
57a3632db6fb3d61c1fdf3293522ce572bcb4e269c0bb7282a498a9ee9e1477a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jun 2019 15:12:44 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=1800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Vary
Accept-Encoding
Content-Length
42158
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=30, max=200
Expires
Tue, 11 Jun 2019 21:32:50 GMT
segmentation.min.js
www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/scripts/components/global/
11 KB
3 KB
Script
General
Full URL
https://www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/scripts/components/global/segmentation.min.js
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
efa41002644d18a58b31b31586b996a6535f8cf490c239423c4b9a1cb6ecb668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jun 2019 15:12:44 GMT
X-Frame-Options
SAMEORIGIN
Content-type
application/x-javascript
Cache-Control
max-age=1800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Vary
Accept-Encoding
Content-Length
2555
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=30, max=198
Expires
Tue, 11 Jun 2019 21:32:51 GMT
icon
fonts.googleapis.com/
574 B
419 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
8d750d26dce2ca11e8dde5cb2686a55c9d87281ff7acdea19342beebe04ebf55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 11 Jun 2019 21:02:50 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 11 Jun 2019 21:02:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 11 Jun 2019 21:02:50 GMT
header.min.js
www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/scripts/components/global/
11 KB
4 KB
Script
General
Full URL
https://www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/scripts/components/global/header.min.js
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
3c89f4542fc6a98d9fc9ec029d283c87a1316690a43f933587c020f990c7a8b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jun 2019 15:12:53 GMT
X-Frame-Options
SAMEORIGIN
Content-type
application/x-javascript
Cache-Control
max-age=1800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Vary
Accept-Encoding
Content-Length
3432
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=30, max=198
Expires
Tue, 11 Jun 2019 21:32:51 GMT
header.min.css
www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/themes/components/global/
16 KB
4 KB
Stylesheet
General
Full URL
https://www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/themes/components/global/header.min.css
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
ffa0b9cfceb849fc14d740495a4c5b5e568c2c5487295f61c8ae2ca6b70450e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jun 2019 15:12:53 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=1800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Vary
Accept-Encoding
Content-Length
3613
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=30, max=200
Expires
Tue, 11 Jun 2019 21:32:50 GMT
timeout.min.css
www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/scripts/components/tools/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/scripts/components/tools/timeout.min.css
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
07766aafeee2520fcdee3b75c1983890482ada6ad45612ee69b8d636c4cd6175
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jun 2019 15:12:53 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=1800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Vary
Accept-Encoding
Content-Length
817
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=30, max=200
Expires
Tue, 11 Jun 2019 21:32:50 GMT
timeout.min.js
www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/scripts/components/tools/
3 KB
1 KB
Script
General
Full URL
https://www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/scripts/components/tools/timeout.min.js
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
66fa56879725a0b26d14d83c3470ff972bbc2a503335497a70cf5fe5a1a8f89e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jun 2019 15:12:53 GMT
X-Frame-Options
SAMEORIGIN
Content-type
application/x-javascript
Cache-Control
max-age=1800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Vary
Accept-Encoding
Content-Length
1048
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=30, max=199
Expires
Tue, 11 Jun 2019 21:32:51 GMT
extend
api.member.uhc.com/rest/user/v1/session/
0
508 B
Image
General
Full URL
https://api.member.uhc.com/rest/user/v1/session/extend
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.243 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
107.154.114.243.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 11 Jun 2019 21:02:50 GMT
www-authenticate
Federated
x-cdn
Incapsula
strict-transport-security
max-age=15768000; includeSubDomains; preload;
status
200
x-iinfo
9-133281025-133281026 NNNN CT(88 181 0) RT(1560286970363 0) q(0 0 3 0) r(4 4) U5
cache-control
no-cache, no-store, must-revalidate
x-trace-token
62a3b6cca732-9547828
content-length
0
extend
api.member.mymedicareaccount.com/rest/user/v1/session/
0
537 B
Image
General
Full URL
https://api.member.mymedicareaccount.com/rest/user/v1/session/extend
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 11 Jun 2019 21:02:52 GMT
www-authenticate
Federated
x-cdn
Incapsula
strict-transport-security
max-age=15768000; includeSubDomains; preload;
status
200
x-iinfo
5-109483282-109483286 NNNN CT(89 182 0) RT(1560286971314 0) q(0 0 3 17) r(3 3) U5
cache-control
no-cache, no-store, must-revalidate
x-trace-token
62a3b6cca732-9547849
content-length
0
needhelp.min.js
www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/scripts/components/global/
9 KB
3 KB
Script
General
Full URL
https://www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/scripts/components/global/needhelp.min.js
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
a968bc96c9e3f941488d6db6b0bd5ca6ec86a6b35ad18c043e82738580201177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jun 2019 15:13:00 GMT
X-Frame-Options
SAMEORIGIN
Content-type
application/x-javascript
Cache-Control
max-age=1800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Vary
Accept-Encoding
Content-Length
2496
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=30, max=199
Expires
Tue, 11 Jun 2019 21:32:51 GMT
computer.svg
www.medicare.uhc.com/content/dam/medicaremember/benefitsandcoverage/images/
955 B
1008 B
Image
General
Full URL
https://www.medicare.uhc.com/content/dam/medicaremember/benefitsandcoverage/images/computer.svg
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
986954b6deb9904044ce922bc72b837ad4118f6325d1da1eb66b3908a6bbd2e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jun 2019 15:13:00 GMT
ETag
"100d7b6-3bb-58b0dbb83041d"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Vary
Accept-Encoding
Content-Length
576
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=30, max=198
plan.svg
www.medicare.uhc.com/content/dam/medicaremember/formsAndResources/
2 KB
1 KB
Image
General
Full URL
https://www.medicare.uhc.com/content/dam/medicaremember/formsAndResources/plan.svg
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
42a5b7c54acba284a16d92ab93b686b4245e2c8e85b38f5c63b2cd85585f9d7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jun 2019 15:13:00 GMT
ETag
"b880-739-58b0dbb830805"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Vary
Accept-Encoding
Content-Length
720
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=30, max=197
question.svg
www.medicare.uhc.com/content/dam/medicaremember/benefitsandcoverage/images/
3 KB
1 KB
Image
General
Full URL
https://www.medicare.uhc.com/content/dam/medicaremember/benefitsandcoverage/images/question.svg
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
a95225b34a3a827674bb6572617e342d654cf0fd7201fc20441c3397f9de18a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jun 2019 15:12:42 GMT
ETag
"100d7a3-b9d-58b0dba720def"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Vary
Accept-Encoding
Content-Length
910
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=30, max=196
claim.svg
www.medicare.uhc.com/content/dam/UCP/Images/needhelp/
3 KB
2 KB
Image
General
Full URL
https://www.medicare.uhc.com/content/dam/UCP/Images/needhelp/claim.svg
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
7183502aa66e3c9d35dbc654b888ec171e8f1562e71c42f350a6966d8086abd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jun 2019 15:12:42 GMT
ETag
"50000de-db0-58b0dba720def"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Vary
Accept-Encoding
Content-Length
1352
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=30, max=195
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1560286970919
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1560286970919
0
-1 B
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1560286970919
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.56.157 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-215-56-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Location
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1560286970919
X-TID
WrvNagsRTvw=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.medicare.uhc.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Access-Control-Allow-Origin
https://www.medicare.uhc.com
X-TID
WrvNagsRTvw=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1560286970919
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rd
dpm.demdex.net/id/
376 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1560286970919
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.56.157 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-215-56-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
65993825139c096805125897ab0892bdefdadfc3cc5a9bcd3d3ac0e56205ac4a

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Origin
https://www.medicare.uhc.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v033-02b9605cf.edge-irl1.demdex.com 5.54.0.20190610134454 3ms
Pragma
no-cache
Content-Encoding
gzip
X-TID
8yFpGTVZS8o=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.medicare.uhc.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
311
Expires
Thu, 01 Jan 1970 00:00:00 GMT
id
metrics.uhc.com/
49 B
655 B
XHR
General
Full URL
https://metrics.uhc.com/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&mid=08219904023810437201053015615124475873&ts=1560286970999
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bff7f95d5e60a9bb1bafa9115ce25108c698418f/satelliteLib-be539ec8b934404bc81a51a03da915cb71d0528a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.117.29.224 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software
Omniture DC /
Resource Hash
d8b08e92695113962a5409d628c80a250d16aa342a16bd680b6f4419c49c4293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Origin
https://www.medicare.uhc.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 11 Jun 2019 21:02:51 GMT
X-Content-Type-Options
nosniff
Server
Omniture DC
xserver
www62
Vary
Origin
X-C
ms-6.7.4
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
https://www.medicare.uhc.com
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
49
X-XSS-Protection
1; mode=block
ibs:dpid=411&dpuuid=XQAW_wAAE6MdGBKk
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=03247401649358294730104970927469596680
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XQAW_wAAE6MdGBKk
42 B
769 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XQAW_wAAE6MdGBKk
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.56.157 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-215-56-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v033-06249afa0.edge-irl1.demdex.com 5.54.0.20190610134454 3ms
Pragma
no-cache
X-TID
FLzGNRGRSdU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 11 Jun 2019 21:02:50 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XQAW_wAAE6MdGBKk
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
wrapper.js
universal.iperceptions.com/
8 KB
3 KB
Script
General
Full URL
https://universal.iperceptions.com/wrapper.js
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/etc/designs/uhc-common/common/acquisition/combinedClientContext/revv_combinedClientcontext-2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.253 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FCB) /
Resource Hash
bc77c9c7df7af2943bee783a6d57c7c5b8c69cab775f6fab3f0afe12bfb1fdb8

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2019 21:02:52 GMT
content-encoding
gzip
content-md5
oNehSgZof0m4Dou3adGBbA==
x-cache
HIT
status
200
content-length
2748
x-ms-lease-status
unlocked
last-modified
Mon, 16 Jul 2018 13:45:33 GMT
server
ECAcc (frc/8FCB)
etag
0x8D5EB22676C11F2
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
96af33fa-901e-00cc-2098-209428000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=7200
x-ms-version
2009-09-19
s-code-contents-a944d5e0c475908ff0424f1e63c6d310bf3259ae.js
assets.adobedtm.com/bff7f95d5e60a9bb1bafa9115ce25108c698418f/
44 KB
16 KB
Script
General
Full URL
https://assets.adobedtm.com/bff7f95d5e60a9bb1bafa9115ce25108c698418f/s-code-contents-a944d5e0c475908ff0424f1e63c6d310bf3259ae.js
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/etc/designs/uhc-common/common/acquisition/combinedClientContext/revv_combinedClientcontext-2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
060fb1bbe33ad30a2902ca3e72268d186bfa960480e5d987663adbad1844beb5

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 11 Jun 2019 21:02:51 GMT
content-encoding
gzip
last-modified
Tue, 11 Jun 2019 15:13:54 GMT
server
Apache
etag
"98fcc78a370d49a890475d660d06efbd:1560266034"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
16485
expires
Tue, 11 Jun 2019 22:02:51 GMT
medicare.segment.js
www.medicare.uhc.com/etc/segmentation/
48 KB
5 KB
XHR
General
Full URL
https://www.medicare.uhc.com/etc/segmentation/medicare.segment.js?_=1560286971064
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/etc/designs/uhc-common/common/acquisition/combinedClientContext/revv_combinedClientcontext-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
3bb175bbd82683a055427ac967b91d7150471f26aff04ec0978a72e07bf95507
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jun 2019 15:12:43 GMT
X-Frame-Options
SAMEORIGIN
Content-type
application/x-javascript
Cache-Control
max-age=1800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Vary
Accept-Encoding
Content-Length
5054
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=30, max=198
Expires
Tue, 11 Jun 2019 21:32:51 GMT
stores.init.js
www.medicare.uhc.com/etc/clientcontext/default/content/jcr:content/
68 KB
7 KB
XHR
General
Full URL
https://www.medicare.uhc.com/etc/clientcontext/default/content/jcr:content/stores.init.js?path=%2Fcontent%2Fmedicare%2Fmember%2Fpayments%2Foverview&cq_ck=1560286971899
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/etc/designs/uhc-common/common/acquisition/combinedClientContext/revv_combinedClientcontext-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
ed3308310e80c142f330431accecb1d0d8526894932c078f376dcb77ab2dafbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:02:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jun 2019 15:12:42 GMT
X-Frame-Options
SAMEORIGIN
Content-type
application/x-javascript
Cache-Control
max-age=31535000, public, no-transform
Connection
Keep-Alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Vary
Accept-Encoding
Content-Length
6994
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=30, max=194
Expires
Tue, 11 Jun 2019 21:32:51 GMT
Cookie set dest5.html
unitedhealthgroup.demdex.net/ Frame EB78
0
0
Document
General
Full URL
https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/etc/designs/uhc-common/common/acquisition/combinedClientContext/revv_combinedClientcontext-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.137.239 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-246-137-239.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Host
unitedhealthgroup.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Accept-Encoding
gzip, deflate, br
Cookie
demdex=03247401649358294730104970927469596680
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Tue, 11 Jun 2019 14:23:39 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=03247401649358294730104970927469596680;Path=/;Domain=.demdex.net;Expires=Sun, 08-Dec-2019 21:02:52 GMT;Max-Age=15552000
Vary
Accept-Encoding, User-Agent
X-TID
OopdZk3OTUQ=
Content-Length
2764
Connection
keep-alive
iFrame.html
universal.iperceptions.com/ Frame 1D24
0
0
Document
General
Full URL
https://universal.iperceptions.com/iFrame.html
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/etc/designs/uhc-common/common/acquisition/combinedClientContext/revv_combinedClientcontext-2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.253 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8FD2) /
Resource Hash

Request headers

:method
GET
:authority
universal.iperceptions.com
:scheme
https
:path
/iFrame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793

Response headers

status
200
content-encoding
gzip
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=2592000
content-md5
pLjuDcOgoovAGEBq8bQPCg==
content-type
text/html
date
Tue, 11 Jun 2019 21:02:53 GMT
etag
0x8D5EB227CAC4A5D
last-modified
Mon, 16 Jul 2018 13:46:09 GMT
server
ECAcc (frc/8FD2)
vary
Accept-Encoding
x-cache
HIT
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
495aee31-501e-0095-535c-2091ae000000
x-ms-version
2009-09-19
content-length
634
InviteTriggers
api.iperceptions.com/
0
165 B
XHR
General
Full URL
https://api.iperceptions.com/InviteTriggers
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/etc/designs/uhc-common/common/acquisition/combinedClientContext/revv_combinedClientcontext-2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://www.medicare.uhc.com
Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
securitytoken

Response headers

pragma
no-cache
date
Tue, 11 Jun 2019 21:02:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
access-control-allow-origin
*
x-powered-by
ASP.NET
status
200
cache-control
no-cache
access-control-allow-headers
securitytoken
content-length
0
expires
-1
InviteTriggers
api.iperceptions.com/
241 B
305 B
XHR
General
Full URL
https://api.iperceptions.com/InviteTriggers
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cc0acc8c5c4696e6615bb2fbcd12372b7c88a9bcfe5830c4ba9cb0ca68f68e47

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Origin
https://www.medicare.uhc.com
SecurityToken
ef6177e6-a195-4fc1-9b32-7636466e19b5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jun 2019 21:02:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
content-length
241
expires
-1
IpEngine_v77.2.js
universal.iperceptions.com/core/
11 KB
4 KB
Script
General
Full URL
https://universal.iperceptions.com/core/IpEngine_v77.2.js
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.253 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8E95) /
Resource Hash
e6096322fee6cbb7f90b11f3d87138c4a8d18059ae13c2dadf437edd7806e9ff

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2019 21:02:53 GMT
content-encoding
gzip
content-md5
zhlrduRyUM7jY0LsuqX6lA==
x-cache
HIT
status
200
content-length
3670
x-ms-lease-status
unlocked
last-modified
Mon, 16 Jul 2018 13:42:04 GMT
server
ECAcc (frc/8E95)
etag
0x8D5EB21EA5DDF5A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b7587aea-701e-0089-786b-1c49b9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=2592000
x-ms-version
2009-09-19
12426_636953393252251626
sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/
332 KB
20 KB
Script
General
Full URL
https://sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/12426_636953393252251626
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.51 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
57ef97d577d039f2b4c4d8e9191d7e566645edb01b27a7769bf64c20e61b5504

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 11 Jun 2019 21:02:53 GMT
content-encoding
gzip
last-modified
Wed, 05 Jun 2019 13:48:45 GMT
x-cdn
Incapsula
etag
0x8D6E9BC8762787F
content-type
application/javascript
status
200
x-iinfo
12-4650097-4649922 2CNN RT(1560286973356 0) q(0 0 0 0) r(0 0)
cache-control
max-age=3600, public
content-length
20273
expires
Tue, 11 Jun 2019 22:02:53 GMT
harvest_12426.js
art.azureedge.net/harvest/
9 KB
2 KB
Script
General
Full URL
https://art.azureedge.net/harvest/harvest_12426.js
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F26) /
Resource Hash
5b0dec219b93c892e9678246c288f231458ec03d6c3f3cc6326f8bf2f67ce83a

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jun 2019 21:02:53 GMT
content-encoding
gzip
content-md5
FJurByNfouBHvjMl5ZVaPQ==
x-cache
HIT
status
200
content-length
2005
x-ms-lease-status
unlocked
last-modified
Fri, 25 May 2018 18:06:14 GMT
server
ECAcc (frc/8F26)
etag
0x8D5C26A34723E62
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
9ed081ee-c01e-00f8-56e8-0de8b4000000
cache-control
public, max-age=2592000
x-ms-version
2009-09-19
127146_CC_v23.js
sd.iperceptions.com/custom-content-collection/
12 KB
12 KB
Script
General
Full URL
https://sd.iperceptions.com/custom-content-collection/127146_CC_v23.js
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.51 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
453287c7b36442e4665357d8ab74fec190c5ae9c18c4bbc2710d10bd62a0f616

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 11 Jun 2019 21:02:53 GMT
last-modified
Tue, 19 Feb 2019 16:54:11 GMT
x-cdn
Incapsula
etag
0x8D6968ADF2C384E
content-type
application/octet-stream
status
200
x-iinfo
12-4650098-4649775 2CNN RT(1560286973430 0) q(0 0 0 -1) r(0 0)
cache-control
max-age=3600, public
content-length
12177
expires
Tue, 11 Jun 2019 22:02:53 GMT
ip.gif
post.iperceptions.com/
32 B
430 B
XHR
General
Full URL
https://post.iperceptions.com/ip.gif?sid=93fd879a-a8ee-e504-9ee2-cac84e8d1412&vid=ffe8e9ba-eff7-119e-3418-d9b5e44080e6&tkid=ef6177e6-a195-4fc1-9b32-7636466e19b5&url=https%3A%2F%2Fwww.medicare.uhc.com%2Fmember%2Fpayments%2Foverview.html%26WT.mc_id%3D8008793%26mrcid%3Dem%3AMem%3AMR%257CMakePayment%257CEGEM3022%257C%3A%3A8008793&title=Premium%20Payments
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/etc/designs/uhc-common/common/acquisition/combinedClientContext/revv_combinedClientcontext-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
198.72.114.197 Montreal, Canada, ASN32613 (IWEB-AS - iWeb Technologies Inc., CA),
Reverse DNS
198-72-114-197.iperceptions.com
Software
/
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Origin
https://www.medicare.uhc.com

Response headers

Date
Tue, 11 Jun 2019 21:02:53 GMT
Last-Modified
Mon, 06 Nov 2017 18:05:13 GMT
ETag
"576fcca2957d31:0"
Access-Control-Allow-Methods
GET
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADMa DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Type
image/gif
Access-Control-Allow-Headers
*
Content-Length
32
rb_97fa2012-079e-4466-a82f-15cecc698314
www.medicare.uhc.com/
595 B
1 KB
XHR
General
Full URL
https://www.medicare.uhc.com/rb_97fa2012-079e-4466-a82f-15cecc698314?app=3428e05d7f62d2c2
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/etc/designs/uhc-common/common/acquisition/combinedClientContext/revv_combinedClientcontext-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
371d35ebd4dced6a22ccf2997e3527081cf8eaa18c7cfdeaf69240a5ca74b6ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

CSRF-Token
[object Object]
Origin
https://www.medicare.uhc.com
Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 11 Jun 2019 21:02:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Connection
Keep-Alive
Timing-Allow-Origin
*
Vary
Accept-Encoding
Content-Length
362
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=30, max=193
rb_97fa2012-079e-4466-a82f-15cecc698314
www.medicare.uhc.com/
595 B
1 KB
XHR
General
Full URL
https://www.medicare.uhc.com/rb_97fa2012-079e-4466-a82f-15cecc698314?app=3428e05d7f62d2c2
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/etc/designs/uhc-common/common/acquisition/combinedClientContext/revv_combinedClientcontext-2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
149.111.129.3 , United States, ASN10879 (UHC - Unitedhealthcare, US),
Reverse DNS
uhcmedicaresolutions-elrvip.uhcmedicaresolutions.com
Software
/
Resource Hash
371d35ebd4dced6a22ccf2997e3527081cf8eaa18c7cfdeaf69240a5ca74b6ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

CSRF-Token
[object Object]
Origin
https://www.medicare.uhc.com
Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 11 Jun 2019 21:02:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Connection
Keep-Alive
Timing-Allow-Origin
*
Vary
Accept-Encoding
Content-Length
362
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=30, max=192
wUniversal.aspx
ips-invite.iperceptions.com/
2 KB
2 KB
Script
General
Full URL
https://ips-invite.iperceptions.com/wUniversal.aspx?sdfc=095904e8-127092-fb330c52-9ae4-4a44-a31d-b80f2c680ca0&lID=1&source=91787&visitorID=0928877693&sessionID=93fd879a-a8ee-e504-9ee2-cac84e8d1412&device=desktop&dsc=1
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.51 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
b48152bc0222e74d2b1cda698b282717fe969e61844651e2ee41aef457c19073

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 11 Jun 2019 21:03:00 GMT
content-encoding
gzip
x-cdn
Incapsula
x-aspnet-version
4.0.30319
access-control-allow-origin
*
p3p
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADMa DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-iinfo
12-4650127-4650128 NNNN CT(113 229 0) RT(1560286980473 0) q(0 0 4 0) r(5 5) U2
cache-control
private,no-cache
content-type
text/javascript; charset=utf-8
access-control-allow-headers
Origin, SecurityToken, Content-Type, Accept
1_wVal.js
ips-invite.iperceptions.com/invitations/invitationsJS/127/s127092/
6 KB
2 KB
Script
General
Full URL
https://ips-invite.iperceptions.com/invitations/invitationsJS/127/s127092/1_wVal.js
Requested by
Host: www.medicare.uhc.com
URL: https://www.medicare.uhc.com/etc/designs/uhc-common/common/acquisition/combinedClientContext/revv_combinedClientcontext-2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.51 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
dde2a50cb268b15d38fb557a5babba9e0cba237936619fd59880881913f3f7bb

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 11 Jun 2019 21:03:00 GMT
content-encoding
gzip
x-cdn
Incapsula
p3p
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADMa DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-iinfo
12-4650134-4649765 2NNN RT(1560286980967 0) q(0 0 0 -1) r(1 1) U18
content-length
1931
last-modified
Fri, 31 May 2019 20:37:05 GMT
etag
"80eec09bf017d51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Origin, SecurityToken, Content-Type, Accept
expires
Thu, 01 Jan 1970 00:00:00 GMT
EXPO_v1.1.1.min.js
sd.iperceptions.com/custom-content-collection/
23 KB
23 KB
Script
General
Full URL
https://sd.iperceptions.com/custom-content-collection/EXPO_v1.1.1.min.js
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.51 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
b0199ee0051f8df8d30b48a0bd5d7cf88edb3fa039c305eff6f5449f9ebf9d02

Request headers

Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 11 Jun 2019 21:03:01 GMT
last-modified
Fri, 08 Feb 2019 19:42:56 GMT
x-cdn
Incapsula
etag
0x8D68DFD9F7B42F5
content-type
application/octet-stream
status
200
x-iinfo
12-4650135-4650136 2CNN RT(1560286981117 0) q(0 0 0 0) r(0 0)
cache-control
max-age=3600, public
content-length
23550
expires
Tue, 11 Jun 2019 22:03:01 GMT
truncated
/ Frame 91B6
26 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
counter_N.png
ips-img.iperceptions.com/Counter/ Frame 91B6
119 B
475 B
Image
General
Full URL
https://ips-img.iperceptions.com/Counter/counter_N.png?surveyID=127092&siteID=undefined&langID=1&traceID=2&seed=7835452
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
198.72.114.197 Montreal, Canada, ASN32613 (IWEB-AS - iWeb Technologies Inc., CA),
Reverse DNS
198-72-114-197.iperceptions.com
Software
/
Resource Hash
603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 11 Jun 2019 21:03:01 GMT
Last-Modified
Mon, 09 May 2011 14:45:35 GMT
ETag
"4d2f93c157ecc1:0"
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADMa DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
119
truncated
/ Frame 91B6
567 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46f5013ac4e2cd13e06f81d66831290f12a542ec9726aee0153be9a9d901ad0b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 91B6
544 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41771cc4535ba2e5129b91022598305fa5ee8b66ed5a66a940849076a2640dff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 91B6
599 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93716e0aec6deb72d949380e0456eeef64dfbe06b1e2a1ca3084e3170459a5be

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
collectionEvo.woff
collect.iperceptions.com/Content/themes/base/fonts/ Frame 91B6
5 KB
6 KB
Font
General
Full URL
https://collect.iperceptions.com/Content/themes/base/fonts/collectionEvo.woff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.179.169 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
defc44c93eb185f64b0400fa928b43e778625b7c963d746ad3fef282d127cc79

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Origin
https://www.medicare.uhc.com

Response headers

Date
Tue, 11 Jun 2019 21:03:00 GMT
Last-Modified
Tue, 22 Jan 2019 18:47:11 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"632243e282b2d41:0"
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADMa DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
Cache-Control
no-cache,max-age=1296000
Accept-Ranges
bytes
Content-Type
application/font-woff
access-control-allow-headers
content-type
Content-Length
5056
opensans600.woff
collect.iperceptions.com/Content/themes/base/fonts/ Frame 91B6
21 KB
22 KB
Font
General
Full URL
https://collect.iperceptions.com/Content/themes/base/fonts/opensans600.woff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.179.169 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
Origin
https://www.medicare.uhc.com

Response headers

Date
Tue, 11 Jun 2019 21:03:00 GMT
Last-Modified
Tue, 22 Jan 2019 18:47:11 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"f7a64de282b2d41:0"
P3P
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADMa DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
Cache-Control
no-cache,max-age=1296000
Accept-Ranges
bytes
Content-Type
application/font-woff
access-control-allow-headers
content-type
Content-Length
21704

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| dT_ object| dtrum function| Visitor object| _satellite object| s_c_il number| s_c_in function| $ function| jQuery object| matched object| browser function| initializeTeaserLoader function| initializeLandingPageLoader object| Granite object| _g function| $CQ object| CQ undefined| G_XHR_HOOK undefined| G_RELOAD_HOOK undefined| G_IS_HOOKED undefined| G_CONTENT_PATH function| _ object| CQ_Analytics object| CQ_Context boolean| CQ_trackTeasersStats boolean| CQ_trackLandingPagesStats object| ClientContext object| ContextCloud string| aemRunMode object| util_date function| addEvent function| fixIeBackgroundImageCache function| loadJavascriptFile function| loadStyleSheet function| writeImageTag object| commonSiteId function| setSiteId function| writeTextForSite object| externalLinkMap function| externalLink function| writeExternalAnchorLink function| writeExternalLink function| writeExternalImageLink function| getQueryStringParameter function| resetPortlet function| refreshPortlet function| focusUserTextbox function| focusPasswordField function| submitGoogleSearch function| processEnterKeySubmit function| getCookie function| readCookie function| setCookie function| createCookie function| deleteCookie function| eraseCookie function| checkOnBlur function| checkOnFocus function| formatNumber undefined| css_browser_selector function| _typeof function| _extends object| state object| _gsScope function| resizeIframeHeight function| toggleMenu function| toggleSubMenu function| clearStyles function| toggleIcon function| throttle function| getScrollBarWidth function| moveUtilities object| jQuery112407563760502708661 object| lockrRoom function| sightglass object| rivets object| Store object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin object| _gsQueue function| CSSPlugin function| Awesomplete object| html5 object| Modernizr function| html2canvas function| moment function| Spinner object| Ladda object| pageDataLayer object| uhcmnr string| mrrest_service_base_uri string| secureMessaging_uri string| searchMail_uri string| secureMessagingOptIn_uri string| productSummary_uri string| clickToCall_uri string| currentTime_uri string| sendUsQuestion_group_uri string| sendUsQuestion_not_group_uri string| base_mrrest_service_uri string| member_validation_service string| member_additionalinfo_service string| member_additionalPlanInfo_service string| member_createAccount_service string| member_username_validation_service string| member_sendemail_service string| get_eligibility_service string| get_formsAndResources_service string| get_formsAndResources_service_for_group string| get_formsAndResources_service_for_ship function| getAngularApp function| fireDTMEvent function| fireErrEvent function| fireLinkEvent function| onLoad function| dtmMicroTaskStart function| dtmMicroTaskComplete function| dtmSaveOpPresented function| dtmSaveOpAccepted function| dtmaccordionOpen function| dtmPreferenceChange function| dtmModalOpen function| dtmLogout function| fireContentDTMEvent undefined| dtmContentSecObject function| onLoadContent string| sitename object| DTMDataMemberSite string| iperceptionskey string| requestUrl undefined| pageNameEx undefined| taskNameEx undefined| siteSectionL1 undefined| dtmContentObject object| needHelpApp object| lastUpdatedandcopyright string| pageName function| dtmTabOnClick object| campaigns string| s_account string| thisPage object| prodDomains number| domainCounter function| s_doPlugins function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| s number| s_objectID number| s_giq object| iPerceptions object| angular object| ipDef function| initharvest boolean| result number| langId number| j object| trigger number| rate object| condition object| ipeCC object| iperceptions_127146 object| SEAC object| _dL object| ipe127092 object| ipEXPO

3 Cookies

Domain/Path Name / Value
.uhc.com/ Name: dtPC
Value: -14$286970743_445h6vOHPWWOPKCAERNAMHUBXOXWSJJEPOTRBL
.uhc.com/ Name: rxvt
Value: 1560288772957|1560286972957
.uhc.com/ Name: dtCookie
Value: -16$G29TVNA352ULA1A1L3G8FSR0D0FCMI3K

6 Console Messages

Source Level URL
Text
console-api log URL: https://www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/scripts/thirdparty.min.js(Line 16422)
Message:
angular-moment-picker.js
console-api log URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793(Line 227)
Message:
Global Header--- medicaredomain: https://member.uhc.com--- rallyconnect: https://connect.werally.com--- whitelevelbasedomain: https://member.mymedicareaccount.com
console-api log URL: https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793(Line 706)
Message:
before :: if https://www.medicare.uhc.com/member/payments/overview.html&WT.mc_id=8008793&mrcid=em:Mem:MR%7CMakePayment%7CEGEM3022%7C::8008793
console-api warning URL: https://www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/scripts/thirdparty.min.js(Line 3020)
Message:
jQuery.Deferred exception: Cannot read property 'getItem' of null
console-api log URL: https://assets.adobedtm.com/bff7f95d5e60a9bb1bafa9115ce25108c698418f/s-code-contents-a944d5e0c475908ff0424f1e63c6d310bf3259ae.js(Line 82)
Message:
appMeasurement main plug-in code start
console-api log URL: https://www.medicare.uhc.com/etc/clientlibs/uhc-mnr/member/scripts/common.min.js(Line 727)
Message:
DTM*DTM*DTM* No onLoad DTM Object to send.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.iperceptions.com
api.member.mymedicareaccount.com
api.member.uhc.com
art.azureedge.net
assets.adobedtm.com
cdnjs.cloudflare.com
click.news.uhcmedicaresolutions.com
cm.everesttech.net
collect.iperceptions.com
dpm.demdex.net
fonts.googleapis.com
ips-img.iperceptions.com
ips-invite.iperceptions.com
metrics.uhc.com
post.iperceptions.com
sd.iperceptions.com
unitedhealthgroup.demdex.net
universal.iperceptions.com
www.medicare.uhc.com
107.154.114.243
149.111.129.3
192.229.221.253
198.72.114.197
2.18.232.23
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6813:c497
2a00:1450:4001:818::200a
34.246.137.239
45.60.124.51
45.60.33.26
52.138.200.61
52.178.179.169
52.215.56.157
66.117.28.86
66.117.29.224
66.231.91.47
060fb1bbe33ad30a2902ca3e72268d186bfa960480e5d987663adbad1844beb5
07766aafeee2520fcdee3b75c1983890482ada6ad45612ee69b8d636c4cd6175
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
3591f3544ccf15868b22a95ed5539c800f2bbab0b862e9f734f21e2da90ab6d4
365a4f6f0ddd1560d1c7108c38439b0e44f0624240afb6fdde0bfea2e51d8fe9
371d35ebd4dced6a22ccf2997e3527081cf8eaa18c7cfdeaf69240a5ca74b6ae
3b1a3021a14fa35b9c8241f9d7d05e962115087b1123e5a217cec089a303d7f9
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bb175bbd82683a055427ac967b91d7150471f26aff04ec0978a72e07bf95507
3c89f4542fc6a98d9fc9ec029d283c87a1316690a43f933587c020f990c7a8b9
41771cc4535ba2e5129b91022598305fa5ee8b66ed5a66a940849076a2640dff
42a5b7c54acba284a16d92ab93b686b4245e2c8e85b38f5c63b2cd85585f9d7c
453287c7b36442e4665357d8ab74fec190c5ae9c18c4bbc2710d10bd62a0f616
46f5013ac4e2cd13e06f81d66831290f12a542ec9726aee0153be9a9d901ad0b
57a3632db6fb3d61c1fdf3293522ce572bcb4e269c0bb7282a498a9ee9e1477a
57ef97d577d039f2b4c4d8e9191d7e566645edb01b27a7769bf64c20e61b5504
59024350dfc6ce67119452731bf0a0876a1bf8195badae2021eeb16e607daba2
5b0dec219b93c892e9678246c288f231458ec03d6c3f3cc6326f8bf2f67ce83a
603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d
65993825139c096805125897ab0892bdefdadfc3cc5a9bcd3d3ac0e56205ac4a
66fa56879725a0b26d14d83c3470ff972bbc2a503335497a70cf5fe5a1a8f89e
7183502aa66e3c9d35dbc654b888ec171e8f1562e71c42f350a6966d8086abd2
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
8d750d26dce2ca11e8dde5cb2686a55c9d87281ff7acdea19342beebe04ebf55
93716e0aec6deb72d949380e0456eeef64dfbe06b1e2a1ca3084e3170459a5be
986954b6deb9904044ce922bc72b837ad4118f6325d1da1eb66b3908a6bbd2e3
9bba2f9ccf8e6b437ca29755d41deb2add0058f4159ecc4b513c66b8f87f013e
9f0173ed05fe8618c76272aaae6711ae0fa7ece07de8522cb6b0159d22b691f5
a95225b34a3a827674bb6572617e342d654cf0fd7201fc20441c3397f9de18a8
a968bc96c9e3f941488d6db6b0bd5ca6ec86a6b35ad18c043e82738580201177
b0199ee0051f8df8d30b48a0bd5d7cf88edb3fa039c305eff6f5449f9ebf9d02
b48152bc0222e74d2b1cda698b282717fe969e61844651e2ee41aef457c19073
bc77c9c7df7af2943bee783a6d57c7c5b8c69cab775f6fab3f0afe12bfb1fdb8
bf0149bb085397bacd9c07f404732d62983d9f7ca04c5ee1cf594dac5e90cad6
cc0acc8c5c4696e6615bb2fbcd12372b7c88a9bcfe5830c4ba9cb0ca68f68e47
d19c6d272479b2dd2f1ce1cfcc88b8e5609812b4a6de3788ea4189fd8c80457e
d8b08e92695113962a5409d628c80a250d16aa342a16bd680b6f4419c49c4293
dde2a50cb268b15d38fb557a5babba9e0cba237936619fd59880881913f3f7bb
defc44c93eb185f64b0400fa928b43e778625b7c963d746ad3fef282d127cc79
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6096322fee6cbb7f90b11f3d87138c4a8d18059ae13c2dadf437edd7806e9ff
ed3308310e80c142f330431accecb1d0d8526894932c078f376dcb77ab2dafbc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa41002644d18a58b31b31586b996a6535f8cf490c239423c4b9a1cb6ecb668
f04e9051c160d4a4e7a4453c4c51a1a53187c397c9a81f6f0a6b373a10182eac
ffa0b9cfceb849fc14d740495a4c5b5e568c2c5487295f61c8ae2ca6b70450e3