www.citizenshealthplan.com Open in urlscan Pro
18.196.95.178  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response www.citizenshealthplan.com/	80 KB 12 KB	137ms 37ms	Document text/html	18.196.95.178 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.citizenshealthplan.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.196.95.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-95-178.eu-central-1.compute.amazonaws.com Software / Resource Hash 98a290ed35d4b1e720db21a121613355d8435b1573c716412ec1f9a818e078bd Request headers Host www.citizenshealthplan.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers Date Wed, 04 Mar 2020 13:37:32 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close P3P CP="This is not a privacy policy." X-Unbounce-PageId bdd1bce6-f7fa-4553-936b-591acaa67f15 ETag 6cf99453c9e1ca97347849a660a613ae Content-Location https://www.citizenshealthplan.com/ X-Unbounce-VisitorID 85.159.237.681584416907038990 Last-Modified Mon, 21 Oct 2019 13:49:53 GMT X-Unbounce-Variant a Link <https://www.citizenshealthplan.com/>; rel="canonical" Set-Cookie ubpv=a%2Cbdd1bce6-f7fa-4553-936b-591acaa67f15; Max-Age=15897600; Expires=Fri, 04 Sep 2020 13:37:32 GMT; Path=/ ubvs=85.159.237.681584416907038990; Max-Age=15552000; Expires=Mon, 31 Aug 2020 13:37:32 GMT; Path=/ ubvt=85.159.237.681584416907038990; Max-Age=259200; Expires=Sat, 07 Mar 2020 13:37:32 GMT; Path=/; Domain=citizenshealthplan.com Content-Encoding gzip X-Proxy-Backend page-server
GET H2	200	main-7b78720.z.css builder-assets.unbounce.com/published-css/	15 KB 3 KB	113ms 24ms	Stylesheet text/css	13.224.194.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-css/main-7b78720.z.css Requested by Host: www.citizenshealthplan.com URL: https://www.citizenshealthplan.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.194.82 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-194-82.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863 Request headers Referer https://www.citizenshealthplan.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Mon, 02 Mar 2020 10:57:29 GMT content-encoding gzip age 182404 x-cache Hit from cloudfront status 200 content-length 2902 last-modified Sat, 29 Feb 2020 00:45:28 GMT server AmazonS3 etag "97189f5e2afbc1965f7a4aaea5b15f98" x-amz-version-id 6aJvfbrugELb.bOQ0UumEtpTLhfHY_q3 via 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type text/css x-amz-cf-id Jikl4AkEOtcF83YhoMFG0Y64BJMIK5kaYyBqZUUm9bE7b9442ghjiA==
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.4.2/	70 KB 25 KB	29ms 8ms	Script text/javascript	2a00:1450:4001:814::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js Requested by Host: www.citizenshealthplan.com URL: https://www.citizenshealthplan.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.citizenshealthplan.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 31 Jan 2020 00:51:02 GMT content-encoding gzip x-content-type-options nosniff age 2897190 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 24715 x-xss-protection 0 last-modified Tue, 20 Dec 2016 18:17:03 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 30 Jan 2021 00:51:02 GMT
GET H2	200	jquery-shims.bundle-0983003.z.js Show response builder-assets.unbounce.com/published-js/	6 KB 2 KB	113ms 25ms	Script application/javascript	13.224.194.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-0983003.z.js Requested by Host: www.citizenshealthplan.com URL: https://www.citizenshealthplan.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.194.82 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-194-82.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b Request headers Referer https://www.citizenshealthplan.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Mon, 02 Mar 2020 19:07:18 GMT content-encoding gzip age 153015 x-cache Hit from cloudfront status 200 content-length 1993 last-modified Mon, 02 Mar 2020 18:46:15 GMT server AmazonS3 etag "c37f7556487fc7569bf7b218fd56ef59" x-amz-version-id xo50lc5EoY4OBmO7QYdyqLWgC3gvRgCi via 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type application/javascript x-amz-cf-id 6HKBdNzt-wU9xXwSCC8p-0Gs5lHID1pGsLF4tQxpYnRxhR99Ammd-Q==
GET H2	200	transparent.gif d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/	42 B 421 B	558ms 496ms	Image image/gif	13.225.84.77 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/transparent.gif Requested by Host: www.citizenshealthplan.com URL: https://www.citizenshealthplan.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.84.77 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-77.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://www.citizenshealthplan.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Wed, 04 Mar 2020 13:37:33 GMT via 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront) last-modified Mon, 21 Oct 2019 13:49:54 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "d89746888da2d9510b64a9f031eaecd5" x-cache Miss from cloudfront x-amz-version-id _e7BgsBHF1kFnYYBKHV9Q4w2kSXfcWQb status 200 cache-control max-age=604800 accept-ranges bytes content-type image/gif content-length 42 x-amz-cf-id g2maAszP5UvOTCT6OMRLqQGJSznZ7l8R7ooVp1bxYeb3l6w6VEHT2A==
GET H/1.1	200 OK	up_loader.1.1.0.js Show response js.adsrvr.org/	4 KB 2 KB	90ms 26ms	Script application/x-javascript	143.204.94.29 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adsrvr.org/up_loader.1.1.0.js Requested by Host: www.citizenshealthplan.com URL: https://www.citizenshealthplan.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.94.29 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-94-29.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 0615974c40d602afdbf9759533e352bc17b0458c85aad6694b1a1ad20659625b Request headers Referer https://www.citizenshealthplan.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 03 Mar 2020 23:35:02 GMT Content-Encoding gzip Last-Modified Mon, 13 Jan 2020 19:16:48 GMT Server AmazonS3 Age 51042 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/x-javascript Via 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront) Transfer-Encoding chunked X-Amz-Cf-Pop FRA50-C1 Connection keep-alive X-Amz-Cf-Id swLfb4fHfwWFJEnzvCQBarX16w64fc1rbiRUZDKOPJMWFEzUg79HYA==
GET H2	200	main.bundle-06fd494.z.js Show response builder-assets.unbounce.com/published-js/	104 KB 33 KB	30ms 29ms	Script application/javascript	13.224.194.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-js/main.bundle-06fd494.z.js Requested by Host: www.citizenshealthplan.com URL: https://www.citizenshealthplan.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.194.82 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-194-82.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 06fd4943a778495443f99fa568896b8e73328859bf1c810d04fe269e5256080e Request headers Referer https://www.citizenshealthplan.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Mon, 02 Mar 2020 06:42:00 GMT content-encoding gzip age 197733 x-cache Hit from cloudfront status 200 content-length 33613 last-modified Thu, 17 Oct 2019 20:44:59 GMT server AmazonS3 etag "742b822eabf893d76bb62ed1a923bc6a" x-amz-version-id rm_QVQGwbX.tFj_YyxlphfD2X5KNjHrl via 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type application/javascript x-amz-cf-id 0ZiSDLNphrky5Hb7Lg5aFos3C67y3G0xM5toMLC53bJr2RPgS9mE-Q==
GET H2	200	3ce477f2-istock-000014547057medium.jpg d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/	1 MB 1 MB	477ms 475ms	Image image/jpeg	13.225.84.77 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/3ce477f2-istock-000014547057medium.jpg Requested by Host: www.citizenshealthplan.com URL: https://www.citizenshealthplan.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.84.77 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-77.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 17108d08a73591fe31c5a4bcec2f772e55739ec704159c0296cbf958c6313b30 Request headers Referer https://www.citizenshealthplan.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Wed, 04 Mar 2020 13:37:33 GMT via 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront) last-modified Mon, 21 Oct 2019 13:49:54 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "339c089633138e6fb726897c9e917caf" x-cache Miss from cloudfront x-amz-version-id .1nnx0QHIdylsZk3TQonR8j67rUPCMRV status 200 cache-control max-age=604800 accept-ranges bytes content-type image/jpeg content-length 1509910 x-amz-cf-id 3Df_Qx2lC3i1lqidhD7ez8oLs5FTgAPJtprfhpxVY5iEnw8AbxpwZw==
GET H2	200	976a249e-washington.jpg d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/	504 KB 505 KB	478ms 476ms	Image image/jpeg	13.225.84.77 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/976a249e-washington.jpg Requested by Host: www.citizenshealthplan.com URL: https://www.citizenshealthplan.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.84.77 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-77.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash a258c0552d3af7c8c12958a9052b0eb3b268e17ee6f41412283b660ae8c334ab Request headers Referer https://www.citizenshealthplan.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Wed, 04 Mar 2020 13:37:33 GMT via 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront) last-modified Mon, 21 Oct 2019 13:49:54 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "33d6e0ffe0a57cb0c73eab2ad21ee2c8" x-cache Miss from cloudfront x-amz-version-id h949mpQb9UKCE87NTxWblvzcOBAGplnP status 200 cache-control max-age=604800 accept-ranges bytes content-type image/jpeg content-length 516036 x-amz-cf-id reQhYTZQ2e5fsDUjcsUlm7U-jBJ-iUPm1adsTgGWp1TpSq8KqxFxeQ==
GET H2	200	5f81ec69-country.jpg d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/	861 KB 862 KB	324ms 322ms	Image image/jpeg	13.225.84.77 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/5f81ec69-country.jpg Requested by Host: www.citizenshealthplan.com URL: https://www.citizenshealthplan.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.84.77 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-77.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 83aa7983732e1a226de9c04fca0f3bca4ae4401a9af857ef9e488ef11218b834 Request headers Referer https://www.citizenshealthplan.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Wed, 04 Mar 2020 13:37:33 GMT via 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront) last-modified Mon, 21 Oct 2019 13:49:54 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "7b5be6295b6f3c9ae3854173bd394e74" x-cache Miss from cloudfront x-amz-version-id cDYYZRCM4KmQOaqyYaJEU6ZyZETNcbPb status 200 cache-control max-age=604800 accept-ranges bytes content-type image/jpeg content-length 881410 x-amz-cf-id cHVbKjIczl7yGDLdjimYuMP0ALCp6-BT5xXdJoe7Cua-qPrJvuPnaA==
GET H2	200	38cd9619-chp-cta1.png d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/	69 KB 70 KB	477ms 476ms	Image image/png	13.225.84.77 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/38cd9619-chp-cta1.png Requested by Host: www.citizenshealthplan.com URL: https://www.citizenshealthplan.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.84.77 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-77.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash affb60fcc101fe6ac941dd53657f3338ed8d52ba47f2553efa1e9c07f16120c8 Request headers Referer https://www.citizenshealthplan.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Wed, 04 Mar 2020 13:37:33 GMT via 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront) last-modified Mon, 21 Oct 2019 13:49:54 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "7fc7ce6a0cd0676171ec3dbe945775fc" x-cache Miss from cloudfront x-amz-version-id JE.NHTL_S.Z0gZIGl_TUkD81qjqcrd6q status 200 cache-control max-age=604800 accept-ranges bytes content-type image/png content-length 70932 x-amz-cf-id Hyhs6i0RNc7msST2p8qLLCR9M5sfdnsIWnDCX6ZjIcSyDvYgR0eWWQ==
GET H2	200	bb4e56fd-gazing_000000000000000000001.png d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/	3 MB 3 MB	254ms 200ms	Image image/png	13.225.84.77 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/bb4e56fd-gazing_000000000000000000001.png Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.84.77 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-77.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash bca1d16b49db44195419cb259e1cc4fb5689b5581a23a598742651b82767f0e7 Request headers Referer https://www.citizenshealthplan.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Wed, 04 Mar 2020 13:37:33 GMT via 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront) last-modified Mon, 21 Oct 2019 13:49:55 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "ac2b031503ce40f6c5ad25a31cac630f" x-cache Miss from cloudfront x-amz-version-id iy8kF1HFG_PspewjDu9ykMYz5gKz.3rM status 200 cache-control max-age=604800 accept-ranges bytes content-type image/png content-length 3134876 x-amz-cf-id VvK9g4Taw9KlxY5ELF8af4fWa4m9joR7pNWzlr2SJ8ZYvNWVsHjCmA==
GET H2	200	fb50f89a-flag1_000000000000000000001.png d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/	890 KB 891 KB	250ms 196ms	Image image/png	13.225.84.77 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/fb50f89a-flag1_000000000000000000001.png Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.84.77 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-77.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 587f448f23d981df313d4d5851ee5140780967720e6197afda9ec5f4368947ff Request headers Referer https://www.citizenshealthplan.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Wed, 04 Mar 2020 13:37:33 GMT via 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront) last-modified Mon, 21 Oct 2019 13:49:55 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "149f3102eba84780f055c7e35957e0ea" x-cache Miss from cloudfront x-amz-version-id EubrHyKrI0AMVKAz0xHbswWLqnSAj35r status 200 cache-control max-age=604800 accept-ranges bytes content-type image/png content-length 911240 x-amz-cf-id WozIbiL3CLtvkBMkHYTaFa3_QwWzIhSXA1ULOzAfC9KFiqMQyRlQjA==
GET H2	200	1d38c4cc-flag2_00000000000000000001o.jpg d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/	61 KB 62 KB	527ms 474ms	Image image/jpeg	13.225.84.77 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/1d38c4cc-flag2_00000000000000000001o.jpg Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.84.77 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-77.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 74191eea8df9979f8e597f2ed5461d1f3dbb4ddd15b74398ddf1fc09e36a0a5d Request headers Referer https://www.citizenshealthplan.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Wed, 04 Mar 2020 13:37:33 GMT via 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront) last-modified Mon, 21 Oct 2019 13:49:55 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "9b7b56c825045091d0f4950f4290171f" x-cache Miss from cloudfront x-amz-version-id vWslduqcYQgDlWHwqUZdfhpfGgoZ.1ZV status 200 cache-control max-age=604800 accept-ranges bytes content-type image/jpeg content-length 62680 x-amz-cf-id Xogzm3DUzm0MM2LOPHFVb9mqX_8nXk_5kcaL1CW2iQVZCMxAjzf5ZQ==
GET H2	200	0afd4e37-caduceus-bg_0000000m00du000008001.png d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/	20 KB 20 KB	236ms 181ms	Image image/png	13.225.84.77 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/0afd4e37-caduceus-bg_0000000m00du000008001.png Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.84.77 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-77.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 182defc37089ce55ac03a356fc33fd4bc02fc962b6e7af8a7c64a4d64164a528 Request headers Referer https://www.citizenshealthplan.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Wed, 04 Mar 2020 13:37:33 GMT via 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront) last-modified Mon, 21 Oct 2019 13:49:56 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "bc364ad449d5bf48f5d7a708971cc57a" x-cache Miss from cloudfront x-amz-version-id NSLfFIuGw_vbhCi5l2N4iTgmLnY1XfK5 status 200 cache-control max-age=604800 accept-ranges bytes content-type image/png content-length 20032 x-amz-cf-id bQjldaE4vgKg8JgmplN6532CHRgSrlnUt-S0heo3mrz0Euk6Ovs06g==
GET BLOB	200 OK	2fa75fb0-784c-4a3d-acde-63da4c1873c7 https://www.citizenshealthplan.com/	5 KB 0		Stylesheet text/css
General Check archive.org Show headers Download Go to Full URL blob:https://www.citizenshealthplan.com/2fa75fb0-784c-4a3d-acde-63da4c1873c7 Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-06fd494.z.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Content-Length 5603 Content-Type text/css
GET H2	200	css fonts.googleapis.com/	2 KB 623 B	20ms 20ms	Stylesheet text/css	2a00:1450:4001:816::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Libre+Baskerville:regular,700%7CLato:regular Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-06fd494.z.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 42211f5741075b8a761d45173f5ff8e2f48506de9d778c81336758f6bd444754 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.citizenshealthplan.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 04 Mar 2020 13:37:32 GMT server ESF date Wed, 04 Mar 2020 13:37:32 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 04 Mar 2020 13:37:32 GMT
GET H2	200	1adzx0l-o-icons-star-32x32_000000000000000000001.png d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/	288 B 667 B	567ms 566ms	Image image/png	13.225.84.77 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/1adzx0l-o-icons-star-32x32_000000000000000000001.png Requested by Host: www.citizenshealthplan.com URL: https://www.citizenshealthplan.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.84.77 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-77.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 46cb130cd4d8bb5c5921687757bb50cbdd787cb078a49c8b7a1b3a1eb75ff944 Request headers Referer https://www.citizenshealthplan.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Wed, 04 Mar 2020 13:37:33 GMT via 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront) last-modified Mon, 21 Oct 2019 13:49:55 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "55f5065046cda081ae91105141dae51c" x-cache Miss from cloudfront x-amz-version-id F5wAvdBBjCE74qumWedyjwgJXFcBU8Jy status 200 cache-control max-age=604800 accept-ranges bytes content-type image/png content-length 288 x-amz-cf-id R5qg6OL6srzI0s1glRRQhTMVh1P0lshUzRy8jFuta1utq_AmFFBN1g==
GET H2	200	ce4aef2e-sell-our-plan-button_08w02b000000000000001.png d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/	15 KB 15 KB	463ms 463ms	Image image/png	13.225.84.77 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/www.citizenshealthplan.com/ce4aef2e-sell-our-plan-button_08w02b000000000000001.png Requested by Host: www.citizenshealthplan.com URL: https://www.citizenshealthplan.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.84.77 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-77.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash bb467dc068f91d3c2c0b19142fde56cce6719cfed9873ef67ce05d4183ca3d46 Request headers Referer https://www.citizenshealthplan.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Wed, 04 Mar 2020 13:37:33 GMT via 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront) last-modified Mon, 21 Oct 2019 13:49:54 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "40dace1cc454f219f27cedf9ad244f5b" x-cache Miss from cloudfront x-amz-version-id IipPrFEjcdqVjz0eLRk0EguNfVzcOVwZ status 200 cache-control max-age=604800 accept-ranges bytes content-type image/png content-length 15011 x-amz-cf-id sdBjmDns79l5Bw7Pim_grjWMF_68YFz28EZJes-kq7qAjGCtgo_pQA==
GET H2	200	kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxMaC82U.woff2 fonts.gstatic.com/s/librebaskerville/v7/	17 KB 17 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/librebaskerville/v7/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxMaC82U.woff2 Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-06fd494.z.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fa2eeb23336e362bb5dfee8b5396267a270032fa8db0d42204debc125b1cdab4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Libre+Baskerville:regular,700%7CLato:regular Origin https://www.citizenshealthplan.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 04 Feb 2020 03:48:09 GMT x-content-type-options nosniff last-modified Mon, 22 Jul 2019 19:20:17 GMT server sffe age 2540963 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 17444 x-xss-protection 0 expires Wed, 03 Feb 2021 03:48:09 GMT
GET H2	200	kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcC-wLOj.woff2 fonts.gstatic.com/s/librebaskerville/v7/	18 KB 18 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/librebaskerville/v7/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcC-wLOj.woff2 Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-06fd494.z.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Libre+Baskerville:regular,700%7CLato:regular Origin https://www.citizenshealthplan.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 04 Feb 2020 11:38:33 GMT x-content-type-options nosniff last-modified Mon, 22 Jul 2019 19:25:36 GMT server sffe age 2512739 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 17984 x-xss-protection 0 expires Wed, 03 Feb 2021 11:38:33 GMT
GET H2	200	S6uyw4BMUTPHjx4wXiWtFCc.woff2 fonts.gstatic.com/s/lato/v16/	14 KB 14 KB	10ms 9ms	Font font/woff2	2a00:1450:4001:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2 Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-06fd494.z.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Libre+Baskerville:regular,700%7CLato:regular Origin https://www.citizenshealthplan.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 04 Feb 2020 02:02:12 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 03:45:55 GMT server sffe age 2547320 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 14044 x-xss-protection 0 expires Wed, 03 Feb 2021 02:02:12 GMT
GET H2	200	up insight.adsrvr.org/track/ Frame A445	0 0	142ms 48ms	Document text/html	54.246.153.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://insight.adsrvr.org/track/up?adv=h3yi3w7&ref=https%3A%2F%2Fwww.citizenshealthplan.com%2F&upid=z38n2i9&upv=1.1.0 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/up_loader.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.246.153.43 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-246-153-43.eu-west-1.compute.amazonaws.com Software / Resource Hash Request headers :method GET :authority insight.adsrvr.org :scheme https :path /track/up?adv=h3yi3w7&ref=https%3A%2F%2Fwww.citizenshealthplan.com%2F&upid=z38n2i9&upv=1.1.0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://www.citizenshealthplan.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://www.citizenshealthplan.com/ Response headers status 200 date Wed, 04 Mar 2020 13:37:33 GMT content-type text/html cache-control private,no-cache, must-revalidate pragma no-cache x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| lp object| ub object| module function| ttd_dom_ready function| TTDUniversalPixelApi function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.citizenshealthplan.com/	1970-01-19 07:53:08	Name: ubvt Value: 85.159.237.681584416907038990
			www.citizenshealthplan.com/	1970-01-19 12:08:01	Name: ubvs Value: 85.159.237.681584416907038990
			www.citizenshealthplan.com/	1970-01-19 12:13:46	Name: ubpv Value: a%2Cbdd1bce6-f7fa-4553-936b-591acaa67f15

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
builder-assets.unbounce.com
d9hhrg4mnvzow.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
insight.adsrvr.org
js.adsrvr.org
www.citizenshealthplan.com
13.224.194.82
13.225.84.77
143.204.94.29
18.196.95.178
2a00:1450:4001:814::200a
2a00:1450:4001:816::200a
2a00:1450:4001:81d::2003
54.246.153.43
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0615974c40d602afdbf9759533e352bc17b0458c85aad6694b1a1ad20659625b
06fd4943a778495443f99fa568896b8e73328859bf1c810d04fe269e5256080e
0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b
17108d08a73591fe31c5a4bcec2f772e55739ec704159c0296cbf958c6313b30
182defc37089ce55ac03a356fc33fd4bc02fc962b6e7af8a7c64a4d64164a528
42211f5741075b8a761d45173f5ff8e2f48506de9d778c81336758f6bd444754
46cb130cd4d8bb5c5921687757bb50cbdd787cb078a49c8b7a1b3a1eb75ff944
587f448f23d981df313d4d5851ee5140780967720e6197afda9ec5f4368947ff
74191eea8df9979f8e597f2ed5461d1f3dbb4ddd15b74398ddf1fc09e36a0a5d
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c
83aa7983732e1a226de9c04fca0f3bca4ae4401a9af857ef9e488ef11218b834
98a290ed35d4b1e720db21a121613355d8435b1573c716412ec1f9a818e078bd
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
a258c0552d3af7c8c12958a9052b0eb3b268e17ee6f41412283b660ae8c334ab
affb60fcc101fe6ac941dd53657f3338ed8d52ba47f2553efa1e9c07f16120c8
bb467dc068f91d3c2c0b19142fde56cce6719cfed9873ef67ce05d4183ca3d46
bca1d16b49db44195419cb259e1cc4fb5689b5581a23a598742651b82767f0e7
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa2eeb23336e362bb5dfee8b5396267a270032fa8db0d42204debc125b1cdab4