access.bluecrossma.com Open in urlscan Pro
34.111.193.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bcbsma.zycus.com/
Effective URL:
https://access.bluecrossma.com/am/XUI/?realm=/alpha&spEntityID=https://zauth-admin.zycus.com/auth/realms/ZycusRealm&goto=https:...
Submission: On September 28 via api (September 28th 2024, 2:03:45 pm UTC) from US — Scanned from US

Summary HTTP 56 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 56 HTTP transactions. The main IP is 34.111.193.32, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is access.bluecrossma.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 15th 2024. Valid for: a year.

This is the only time access.bluecrossma.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 26	23.55.204.67 23.55.204.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.139.54.225 108.139.54.225	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:24e... 2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c	14618 (AMAZON-AES) (AMAZON-AES)
1 26	34.111.193.32 34.111.193.32	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	37.19.207.34 37.19.207.34	60068 (CDN77 _) (CDN77 _)
56	6

26 23.55.204.67 (Ashburn, United States) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-204-67.deploy.static.akamaitechnologies.com

bcbsma.zycus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zauth.zycus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zauth-admin.zycus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.54.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-54-225.jfk50.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 34.111.193.32 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.193.111.34.bc.googleusercontent.com

access.bluecrossma.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.19.207.34 (Ashburn, United States)

ASN60068 (CDN77 _, GB)
PTR: 37-19-207-34.bunnyinfra.net

fonts.bunny.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	bluecrossma.com 1 redirects access.bluecrossma.com bluegateway-stg.bluecrossma.com Failed	3 MB
26	zycus.com 3 redirects bcbsma.zycus.com zauth.zycus.com zauth-admin.zycus.com	2 MB
2	bunny.net fonts.bunny.net — Cisco Umbrella Rank: 11239	22 KB
2	browser-intake-datadoghq.com browser-intake-datadoghq.com — Cisco Umbrella Rank: 638	286 B
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1460	51 KB
0	Failed function sub() { [native code] }. Failed
56	6

	Domain	Requested by
26	access.bluecrossma.com	1 redirects access.bluecrossma.com
15	bcbsma.zycus.com	1 redirects bcbsma.zycus.com www.datadoghq-browser-agent.com
10	zauth-admin.zycus.com	1 redirects bcbsma.zycus.com zauth-admin.zycus.com
2	fonts.bunny.net	access.bluecrossma.com fonts.bunny.net
2	browser-intake-datadoghq.com	www.datadoghq-browser-agent.com
1	zauth.zycus.com	1 redirects
1	www.datadoghq-browser-agent.com	bcbsma.zycus.com
0	bluegateway-stg.bluecrossma.com Failed
0	truncated Failed	zauth-admin.zycus.com
56	9

This site contains links to these domains. Also see Links.

Domain
passwordreset.bluecrossma.com
bluegateway.bluecrossma.com

Subject Issuer	Validity	Valid
*.zycus.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-27` - `2025-06-26`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-08-03`	a year	crt.sh
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-14` - `2025-05-17`	a year	crt.sh
access.bcbsma.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-15` - `2025-04-14`	a year	crt.sh
fonts.bunny.net R11	`2024-08-19` - `2024-11-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://access.bluecrossma.com/am/XUI/?realm=/alpha&spEntityID=https://zauth-admin.zycus.com/auth/realms/ZycusRealm&goto=https://access.bluecrossma.com:443/am/saml2/continue/metaAlias/alpha/bcbsma:zycus:prod?secondVisitUrl%3D/am/SSOPOST/metaAlias/alpha/bcbsma:zycus:prod?ReqID%253DID_febaaf40-0c25-40eb-be92-35be57b283e3&AMAuthCookie=
Frame ID: 85C31601341D11898FA20A5E90C7FAFE
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

http://bcbsma.zycus.com/ HTTP 307
https://bcbsma.zycus.com/ HTTP 302
https://bcbsma.zycus.com/home// Page URL
https://zauth.zycus.com/oauth2/authorize-client/zycusopenid?action=login&Delegated=true&serviceName=... HTTP 302
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/protocol/openid-connect/auth?response_type=code&clien... HTTP 303
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/bcbsma/login?session_code=v2UMMpJCX9cP_OoJ6ixI... Page URL
https://access.bluecrossma.com/am/SSOPOST/metaAlias/alpha/bcbsma:zycus:prod Page URL
https://access.bluecrossma.com/am/UI/Login?realm=/alpha&spEntityID=https://zauth-admin.zycus.com/auth/realm... HTTP 302
https://access.bluecrossma.com/am/XUI/?realm=/alpha&spEntityID=https://zauth-admin.zycus.com/auth/realms/Zy... Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

56
Requests

95 %
HTTPS

20 %
IPv6

6
Domains

9
Subdomains

6
IPs

1
Countries

4769 kB
Transfer

9066 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://passwordreset.bluecrossma.com/PasswordResetServer/Login.aspx?ReturnUrl=%2fPasswordResetServer%2f
Title: Forgot password?

Search URL Search Domain Scan URL

URL: https://bluegateway.bluecrossma.com/terms
Title: Click here for Terms of Use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bcbsma.zycus.com/ HTTP 307
https://bcbsma.zycus.com/ HTTP 302
https://bcbsma.zycus.com/home// Page URL
https://zauth.zycus.com/oauth2/authorize-client/zycusopenid?action=login&Delegated=true&serviceName=https%3A%2F%2Fbcbsma.zycus.com%2Fhome%2F%2F%3F&kc_idp_hint=bcbsma HTTP 302
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/protocol/openid-connect/auth?response_type=code&client_id=zycusopenid&scope=openid%20email&state=r-xtn7nQDZZAKyM4nmEK3ZIqGRVhH1iPhg9gSG0nwlw%3D&redirect_uri=https://zauth.zycus.com/login/oauth2/code/zycusopenid&kc_idp_hint=bcbsma HTTP 303
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/bcbsma/login?session_code=v2UMMpJCX9cP_OoJ6ixIDfzBMkiJtl_J0j-y2aaLEko&client_id=zycusopenid&tab_id=YkXAAZ6bg1o Page URL
https://access.bluecrossma.com/am/SSOPOST/metaAlias/alpha/bcbsma:zycus:prod Page URL
https://access.bluecrossma.com/am/UI/Login?realm=/alpha&spEntityID=https://zauth-admin.zycus.com/auth/realms/ZycusRealm&goto=https://access.bluecrossma.com:443/am/saml2/continue/metaAlias/alpha/bcbsma:zycus:prod?secondVisitUrl%3D/am/SSOPOST/metaAlias/alpha/bcbsma:zycus:prod?ReqID%253DID_febaaf40-0c25-40eb-be92-35be57b283e3&AMAuthCookie= HTTP 302
https://access.bluecrossma.com/am/XUI/?realm=/alpha&spEntityID=https://zauth-admin.zycus.com/auth/realms/ZycusRealm&goto=https://access.bluecrossma.com:443/am/saml2/continue/metaAlias/alpha/bcbsma:zycus:prod?secondVisitUrl%3D/am/SSOPOST/metaAlias/alpha/bcbsma:zycus:prod?ReqID%253DID_febaaf40-0c25-40eb-be92-35be57b283e3&AMAuthCookie= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://bcbsma.zycus.com/ HTTP 307
https://bcbsma.zycus.com/ HTTP 302
https://bcbsma.zycus.com/home//

Request Chain 16

https://zauth.zycus.com/oauth2/authorize-client/zycusopenid?action=login&Delegated=true&serviceName=https%3A%2F%2Fbcbsma.zycus.com%2Fhome%2F%2F%3F&kc_idp_hint=bcbsma HTTP 302
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/protocol/openid-connect/auth?response_type=code&client_id=zycusopenid&scope=openid%20email&state=r-xtn7nQDZZAKyM4nmEK3ZIqGRVhH1iPhg9gSG0nwlw%3D&redirect_uri=https://zauth.zycus.com/login/oauth2/code/zycusopenid&kc_idp_hint=bcbsma HTTP 303
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/bcbsma/login?session_code=v2UMMpJCX9cP_OoJ6ixIDfzBMkiJtl_J0j-y2aaLEko&client_id=zycusopenid&tab_id=YkXAAZ6bg1o

56 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
bcbsma.zycus.com/home//
Redirect Chain

http://bcbsma.zycus.com/
https://bcbsma.zycus.com/
https://bcbsma.zycus.com/home//

7 KB
7 KB

91ms
90ms

Document
text/html

23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbsma.zycus.com/home//
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-204-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f03c4bb69631457c1e100e573caf8d6ed5a8f0dbd70a287551845940f2df631f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache
content-length: 7332
content-type: text/html; charset=utf-8
date: Sat, 28 Sep 2024 14:03:38 GMT
etag: "66ec4f60-1ca4"
expires: Sat, 28 Sep 2024 14:03:38 GMT
last-modified: Thu, 19 Sep 2024 16:20:48 GMT
pragma: no-cache
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
date: Sat, 28 Sep 2024 14:03:38 GMT
location: https://bcbsma.zycus.com/home//

GET
H2 200 datadog-rum.js Show response
www.datadoghq-browser-agent.com/us1/v5/ 161 KB
51 KB 93ms
10ms Script
text/javascript 108.139.54.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Requested by: Host: bcbsma.zycus.com
URL: https://bcbsma.zycus.com/home//
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.54.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-54-225.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83ee5b04a1a2420004b7ff156f1b1ded503e1a2ac70386c23d8e2efdda57ea4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bcbsma.zycus.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
content-encoding: br
etag: W/"fa215d1207688410d1670f1a2d4a4f5f"
age: 52
via: 1.1 ed4584f7c263c11cf4adf75ba3a25764.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: Pf5cBpIi_mEFNUPkOLMnNV37CLMBi-IcAOZBXSGmo7JwE-ZVfjWR3A==
date: Sat, 28 Sep 2024 14:02:48 GMT
content-type: text/javascript
last-modified: Thu, 26 Sep 2024 08:27:14 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
x-amz-server-side-encryption: AES256

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
bcbsma.zycus.com/home/assets/fonts/roboto/ 15 KB
15 KB 138ms
137ms Font
font/woff2 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbsma.zycus.com/home/assets/fonts/roboto/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by: Host: bcbsma.zycus.com
URL: https://bcbsma.zycus.com/home//
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-204-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://bcbsma.zycus.com
Referer: https://bcbsma.zycus.com/home//

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "66b5ee4d-3bf0"
expires: Sun, 28 Sep 2025 14:03:39 GMT
accept-ranges: bytes
content-length: 15367
date: Sat, 28 Sep 2024 14:03:39 GMT
content-type: font/woff2
last-modified: Fri, 09 Aug 2024 10:24:13 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
bcbsma.zycus.com/home/assets/fonts/roboto/ 15 KB
15 KB 155ms
155ms Font
font/woff2 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbsma.zycus.com/home/assets/fonts/roboto/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by: Host: bcbsma.zycus.com
URL: https://bcbsma.zycus.com/home//
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-204-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://bcbsma.zycus.com
Referer: https://bcbsma.zycus.com/home//

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "66b5ee4d-3c4c"
expires: Sun, 28 Sep 2025 14:03:39 GMT
accept-ranges: bytes
date: Sat, 28 Sep 2024 14:03:39 GMT
content-type: font/woff2
last-modified: Fri, 09 Aug 2024 10:24:13 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 styles.d1d4b271c126e88601c8.css
bcbsma.zycus.com/home/ 422 KB
59 KB 57ms
56ms Stylesheet
text/css 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbsma.zycus.com/home/styles.d1d4b271c126e88601c8.css
Requested by: Host: bcbsma.zycus.com
URL: https://bcbsma.zycus.com/home//
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-204-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ac5bbf1ace875dcf43c58266c932f6bb6e3fb7869f1e05ee25bcf8e4369ff74c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bcbsma.zycus.com/home//

Response headers

cache-control: public, max-age=314591434
content-encoding: gzip
etag: "66ebf4ce-697cf"
expires: Sun, 17 Sep 2034 16:34:13 GMT
accept-ranges: bytes
content-length: 59869
date: Sat, 28 Sep 2024 14:03:39 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2024 09:54:22 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 unsupport.js Show response
bcbsma.zycus.com/home/assets/detect-browser/ 2 KB
1 KB 103ms
103ms Script
application/javascript 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbsma.zycus.com/home/assets/detect-browser/unsupport.js?cp=1726736872058
Requested by: Host: bcbsma.zycus.com
URL: https://bcbsma.zycus.com/home//
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-204-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: afb3054181c7542ae6820cd9740162eb47a1a8f3db036525f3f4a2d7dd648a54

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bcbsma.zycus.com/home//

Response headers

cache-control: public, max-age=314591523
content-encoding: gzip
etag: "66e2c23d-92c"
expires: Sun, 17 Sep 2034 16:35:42 GMT
accept-ranges: bytes
date: Sat, 28 Sep 2024 14:03:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Sep 2024 10:28:13 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 runtime.6c5944e5ff66be2f3dfc.js Show response
bcbsma.zycus.com/home/ 3 KB
2 KB 140ms
139ms Script
application/javascript 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbsma.zycus.com/home/runtime.6c5944e5ff66be2f3dfc.js
Requested by: Host: bcbsma.zycus.com
URL: https://bcbsma.zycus.com/home//
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-204-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b0d60ceb848108acf631f5e3f617ba0c9d3f4dd4af21a128b6a053367b1b75f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bcbsma.zycus.com/home//

Response headers

cache-control: public, max-age=314591553
content-encoding: gzip
etag: "66ebf4ce-beb"
expires: Sun, 17 Sep 2034 16:36:12 GMT
accept-ranges: bytes
content-length: 1384
date: Sat, 28 Sep 2024 14:03:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 19 Sep 2024 09:54:22 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 polyfills.50507a19d13dfa5d15e4.js Show response
bcbsma.zycus.com/home/ 194 KB
40 KB 123ms
123ms Script
application/javascript 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbsma.zycus.com/home/polyfills.50507a19d13dfa5d15e4.js
Requested by: Host: bcbsma.zycus.com
URL: https://bcbsma.zycus.com/home//
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-204-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bb73c0678872c1b692b2d2cfa4c774cb0ab67ba3796f513c8d2e59153c8f7ed8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bcbsma.zycus.com/home//

Response headers

cache-control: public, max-age=315360000
content-encoding: gzip
etag: "66b5ee4d-307ad"
expires: Tue, 26 Sep 2034 14:03:39 GMT
accept-ranges: bytes
date: Sat, 28 Sep 2024 14:03:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 09 Aug 2024 10:24:13 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 vendor.1f206d83d717eddbf647.js Show response
bcbsma.zycus.com/home/ 4 MB
923 KB 57ms
56ms Script
application/javascript 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbsma.zycus.com/home/vendor.1f206d83d717eddbf647.js
Requested by: Host: bcbsma.zycus.com
URL: https://bcbsma.zycus.com/home//
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-204-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7ff757e5e764fbbd3293447b8e62163760c2ae6f5e4f9f2306906a92dee3caa8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bcbsma.zycus.com/home//

Response headers

cache-control: public, max-age=314591419
content-encoding: gzip
etag: "66ebf4cd-40da0b"
expires: Sun, 17 Sep 2034 16:33:58 GMT
accept-ranges: bytes
date: Sat, 28 Sep 2024 14:03:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 19 Sep 2024 09:54:21 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 main.c03da3cbc32cab32c31e.js Show response
bcbsma.zycus.com/home/ 501 KB
92 KB 55ms
55ms Script
application/javascript 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbsma.zycus.com/home/main.c03da3cbc32cab32c31e.js
Requested by: Host: bcbsma.zycus.com
URL: https://bcbsma.zycus.com/home//
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-204-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2faa9f32bf288cd0c465d6c47427b5573e8fd3689e798952a36ca8ce1d4e6667

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bcbsma.zycus.com/home//

Response headers

cache-control: public, max-age=314591454
content-encoding: gzip
etag: "66ebf4cd-7d35c"
expires: Sun, 17 Sep 2034 16:34:33 GMT
accept-ranges: bytes
date: Sat, 28 Sep 2024 14:03:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 19 Sep 2024 09:54:21 GMT
server: nginx
vary: Accept-Encoding

GET
H2 401 getDetails Show response
bcbsma.zycus.com/home/api/a/dd/users/ 433 B
1 KB 97ms
96ms Fetch
application/json 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bcbsma.zycus.com/home/api/a/dd/users/getDetails

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-55-204-67.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e3d32cde07bf2cc6abe13db38663914488303f9296f382931d5e41307a5b6641

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-datadog-origin: rum
x-datadog-trace-id: 3176557823138708356
traceparent: 00-00000000000000002c15668290abbb84-033835145ce3cd0f-01
x-datadog-parent-id: 231993742383631631
Referer: https://bcbsma.zycus.com/home//
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
x-datadog-sampling-priority: 1

Response headers

access-control-expose-headers: Content-Disposition
etag: W/"1b1-YUOkJqdB0OWm242taNGn9PqqvYs"
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
date: Sat, 28 Sep 2024 14:03:39 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-dns-prefetch-control: off
access-control-allow-credentials: true
referrer-policy: no-referrer
x-download-options: noopen
buildno
access-control-allow-origin: .zycus.com
content-length: 433
x-xss-protection: 1; mode=block
server: nginx
version: 0.0.0

GET
H2 200 isLogin
bcbsma.zycus.com/home/api/u/tms/auth/ 652 B
1 KB 115ms
115ms XHR
application/json 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bcbsma.zycus.com/home/api/u/tms/auth/isLogin

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-55-204-67.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-datadog-origin: rum
x-datadog-parent-id: 3322038268101866524
Referer: https://bcbsma.zycus.com/home//
x-datadog-trace-id: 1140037086699310035
traceparent: 00-00000000000000000fd239b0af7bcbd3-2e1a40343477341c-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-datadog-sampling-priority: 1

Response headers

access-control-expose-headers: Content-Disposition
etag: W/"28c-15GsobJh/P7VrbBx8NiRNcLAeQA"
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Sat, 28 Sep 2024 14:03:39 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-dns-prefetch-control: off
access-control-allow-credentials: true
referrer-policy: no-referrer
x-download-options: noopen
buildno
access-control-allow-origin: .zycus.com
content-length: 652
x-xss-protection: 1; mode=block
server: nginx
version: 0.0.0

GET
H2 200 dd-loader.gif
bcbsma.zycus.com/home/assets/images/ 89 KB
90 KB 62ms
61ms Image
image/gif 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcbsma.zycus.com/home/assets/images/dd-loader.gif
Requested by: Host: bcbsma.zycus.com
URL: https://bcbsma.zycus.com/home//
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-204-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bcbsma.zycus.com/home//

Response headers

cache-control: public, max-age=29899184
etag: "66b5ee4d-16537"
expires: Tue, 09 Sep 2025 15:23:23 GMT
accept-ranges: bytes
content-length: 91447
date: Sat, 28 Sep 2024 14:03:39 GMT
content-type: image/gif
last-modified: Fri, 09 Aug 2024 10:24:13 GMT
server: nginx

GET
H2 200 isDSSO
bcbsma.zycus.com/home/api/u/tms/users/ 467 B
3 KB 261ms
260ms XHR
application/json 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bcbsma.zycus.com/home/api/u/tms/users/isDSSO?requestUrl=https%3A%2F%2Fbcbsma.zycus.com%2Fhome%2F%2F

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-55-204-67.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-datadog-origin: rum
x-datadog-parent-id: 4601022860882252990
Referer: https://bcbsma.zycus.com/home//
x-datadog-trace-id: 4319097373456740238
traceparent: 00-00000000000000003bf0842d77362f8e-3fda1dea2a5694be-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-datadog-sampling-priority: 1

Response headers

access-control-expose-headers: Content-Disposition
etag: W/"1d3-9oiBktmSeA9hx/hC+KtyFPaVXO8"
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-ua-compatible: IE=Edge
date: Sat, 28 Sep 2024 14:03:40 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-dns-prefetch-control: off
access-control-allow-credentials: true
referrer-policy: no-referrer
x-download-options: noopen
buildno
access-control-allow-origin: .zycus.com
content-length: 467
x-xss-protection: 1; mode=block
server: nginx
version: 0.0.0

GET
H2 200 favicon.ico
bcbsma.zycus.com/home/ 1 KB
2 KB 63ms
62ms Other
image/x-icon 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbsma.zycus.com/home/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-204-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bcbsma.zycus.com/home//

Response headers

cache-control: public, max-age=31536000
etag: "66b5ee4d-57e"
expires: Sun, 28 Sep 2025 14:03:39 GMT
accept-ranges: bytes
content-length: 1406
date: Sat, 28 Sep 2024 14:03:39 GMT
content-type: image/x-icon
last-modified: Fri, 09 Aug 2024 10:24:13 GMT
server: nginx

POST
H2 202 rum
browser-intake-datadoghq.com/api/v2/ 53 B
286 B 126ms
78ms Fetch
application/json 2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.28.0%2Capi%3Afetch%2Cenv%3APRUS%2Cservice%3ADewDrops-Common%2Cversion%3A1.0.0&dd-api-key=pub4e1054cd9540bb5d0a26ef123eea5a9b&dd-evp-origin-version=5.28.0&dd-evp-origin=browser&dd-request-id=c1312c44-2e5f-4d14-aac9-29ad71ea5443&batch_time=1727532220213

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://bcbsma.zycus.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 53
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
date: Sat, 28 Sep 2024 14:03:40 GMT
content-type: application/json
dd-request-id: c1312c44-2e5f-4d14-aac9-29ad71ea5443

GET
H2

200

https://zauth.zycus.com/oauth2/authorize-client/zycusopenid?action=login&Delegated=true&serviceName=https%3A%2F%2Fbcbsma.zycus.com%2Fhome%2F%2F%3F&kc_idp_hint=bcbsma
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/protocol/openid-connect/auth?response_type=code&client_id=zycusopenid&scope=openid%20email&state=r-xtn7nQDZZAKyM4nmEK3ZIqGRVhH1iPhg9gSG0nwlw%3D&...
https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/bcbsma/login?session_code=v2UMMpJCX9cP_OoJ6ixIDfzBMkiJtl_J0j-y2aaLEko&client_id=zycusopenid&tab_id=YkXAAZ6bg1o

8 KB
9 KB

160ms
159ms

Document
text/html

23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/bcbsma/login?session_code=v2UMMpJCX9cP_OoJ6ixIDfzBMkiJtl_J0j-y2aaLEko&client_id=zycusopenid&tab_id=YkXAAZ6bg1o

Requested by

Host: bcbsma.zycus.com
URL: https://bcbsma.zycus.com/home/main.c03da3cbc32cab32c31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-55-204-67.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

bbb82509fb188cd7c57bbd81fbf5c32f477de3037b614906c90aa5db9168235d

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none'; default-src 'self' .zycus.com .zycus.cn; script-src 'unsafe-inline' 'unsafe-eval' .zycus.com .zycus.cn siteintercept.qualtrics.com .churnzero.net .siteintercept.qualtrics.com; script-src-elem 'unsafe-inline' 'unsafe-eval' .zycus.com .zycus.cn .siteintercept.qualtrics.com siteintercept.qualtrics.com server.iad.liveperson.net .churnzero.net; style-src 'unsafe-inline' .zycus.com .zycus.cn .churnzero.net .googleapis.com; img-src .zycus.com .zycus.cn .cloudfront.net data: .churnzero.net; font-src .zycus.com .zycus.cn fonts.gstatic.com .churnzero.net; connect-src .zycus.com .zycus.cn .churnzero.net siteintercept.qualtrics.com; object-src 'none'; frame-src .zycus.com .zycus.cn .cloudfront.net .churnzero.net; worker-src .zycus.com .zycus.cn; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bcbsma.zycus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, no-cache, no-store
content-language: en
content-length: 8333
content-security-policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none'; default-src 'self' *.zycus.com *.zycus.cn; script-src 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn siteintercept.qualtrics.com *.churnzero.net *.siteintercept.qualtrics.com; script-src-elem 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn *.siteintercept.qualtrics.com siteintercept.qualtrics.com server.iad.liveperson.net *.churnzero.net; style-src 'unsafe-inline' *.zycus.com *.zycus.cn *.churnzero.net *.googleapis.com; img-src *.zycus.com *.zycus.cn *.cloudfront.net data: *.churnzero.net; font-src *.zycus.com *.zycus.cn fonts.gstatic.com *.churnzero.net; connect-src *.zycus.com *.zycus.cn *.churnzero.net siteintercept.qualtrics.com; object-src 'none'; frame-src *.zycus.com *.zycus.cn *.cloudfront.net *.churnzero.net; worker-src *.zycus.com *.zycus.cn; upgrade-insecure-requests; block-all-mixed-content
content-type: text/html;charset=utf-8
date: Sat, 28 Sep 2024 14:03:41 GMT
expires: Sat, 28 Sep 2024 14:03:41 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=86400 ; includeSubDomains ; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=0, no-cache, no-store
content-length: 0
content-security-policy: default-src 'self' *.zycus.com *.zycus.cn; script-src 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn siteintercept.qualtrics.com *.churnzero.net *.siteintercept.qualtrics.com; script-src-elem 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn *.siteintercept.qualtrics.com siteintercept.qualtrics.com server.iad.liveperson.net *.churnzero.net; style-src 'unsafe-inline' *.zycus.com *.zycus.cn *.churnzero.net *.googleapis.com; img-src *.zycus.com *.zycus.cn *.cloudfront.net data: *.churnzero.net; font-src *.zycus.com *.zycus.cn fonts.gstatic.com *.churnzero.net; connect-src *.zycus.com *.zycus.cn *.churnzero.net siteintercept.qualtrics.com; object-src 'none'; frame-src *.zycus.com *.zycus.cn *.cloudfront.net *.churnzero.net; worker-src *.zycus.com *.zycus.cn; upgrade-insecure-requests; block-all-mixed-content
date: Sat, 28 Sep 2024 14:03:40 GMT
expires: Sat, 28 Sep 2024 14:03:40 GMT
location: https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/bcbsma/login?session_code=v2UMMpJCX9cP_OoJ6ixIDfzBMkiJtl_J0j-y2aaLEko&client_id=zycusopenid&tab_id=YkXAAZ6bg1o
pragma: no-cache
server: nginx
strict-transport-security: max-age=86400 ; includeSubDomains ; preload
x-frame-options: SAMEORIGIN

POST
H2 202 rum
browser-intake-datadoghq.com/api/v2/ 0
0 122ms
80ms Ping
application/json 2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.28.0%2Capi%3Abeacon%2Cenv%3APRUS%2Cservice%3ADewDrops-Common%2Cversion%3A1.0.0&dd-api-key=pub4e1054cd9540bb5d0a26ef123eea5a9b&dd-evp-origin-version=5.28.0&dd-evp-origin=browser&dd-request-id=eee97b9a-15be-4192-8069-26f678ba2814&batch_time=1727532220217
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://bcbsma.zycus.com/

Response headers

POST rum
browser-intake-datadoghq.com/api/v2/ 0
0

GET
H2 200 patternfly.css
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/ 214 KB
215 KB 158ms
156ms Stylesheet
text/css 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/patternfly.css

Requested by

Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/bcbsma/login?session_code=v2UMMpJCX9cP_OoJ6ixIDfzBMkiJtl_J0j-y2aaLEko&client_id=zycusopenid&tab_id=YkXAAZ6bg1o

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-55-204-67.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

0a40b3b2ff66e275054bcb357b43c2fa33c6874dfc251536ffc9b73aba441bb4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .zycus.com .zycus.cn; script-src 'unsafe-inline' 'unsafe-eval' .zycus.com .zycus.cn siteintercept.qualtrics.com .churnzero.net .siteintercept.qualtrics.com; script-src-elem 'unsafe-inline' 'unsafe-eval' .zycus.com .zycus.cn .siteintercept.qualtrics.com siteintercept.qualtrics.com server.iad.liveperson.net .churnzero.net; style-src 'unsafe-inline' .zycus.com .zycus.cn .churnzero.net .googleapis.com; img-src .zycus.com .zycus.cn .cloudfront.net data: .churnzero.net; font-src .zycus.com .zycus.cn fonts.gstatic.com .churnzero.net; connect-src .zycus.com .zycus.cn .churnzero.net siteintercept.qualtrics.com; object-src 'none'; frame-src .zycus.com .zycus.cn .cloudfront.net .churnzero.net; worker-src .zycus.com .zycus.cn; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/bcbsma/login?session_code=v2UMMpJCX9cP_OoJ6ixIDfzBMkiJtl_J0j-y2aaLEko&client_id=zycusopenid&tab_id=YkXAAZ6bg1o

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains ; preload
content-security-policy: default-src 'self' *.zycus.com *.zycus.cn; script-src 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn siteintercept.qualtrics.com *.churnzero.net *.siteintercept.qualtrics.com; script-src-elem 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn *.siteintercept.qualtrics.com siteintercept.qualtrics.com server.iad.liveperson.net *.churnzero.net; style-src 'unsafe-inline' *.zycus.com *.zycus.cn *.churnzero.net *.googleapis.com; img-src *.zycus.com *.zycus.cn *.cloudfront.net data: *.churnzero.net; font-src *.zycus.com *.zycus.cn fonts.gstatic.com *.churnzero.net; connect-src *.zycus.com *.zycus.cn *.churnzero.net siteintercept.qualtrics.com; object-src 'none'; frame-src *.zycus.com *.zycus.cn *.cloudfront.net *.churnzero.net; worker-src *.zycus.com *.zycus.cn; upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
expires: Sat, 28 Sep 2024 14:03:41 GMT
date: Sat, 28 Sep 2024 14:03:41 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 patternfly-additions.css
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/ 228 KB
230 KB 141ms
140ms Stylesheet
text/css 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/patternfly-additions.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-55-204-67.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7e77fcc753baca61311f1708f06c79d8af592f5a2e3c80dc014e36c292c1e954

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .zycus.com .zycus.cn; script-src 'unsafe-inline' 'unsafe-eval' .zycus.com .zycus.cn siteintercept.qualtrics.com .churnzero.net .siteintercept.qualtrics.com; script-src-elem 'unsafe-inline' 'unsafe-eval' .zycus.com .zycus.cn .siteintercept.qualtrics.com siteintercept.qualtrics.com server.iad.liveperson.net .churnzero.net; style-src 'unsafe-inline' .zycus.com .zycus.cn .churnzero.net .googleapis.com; img-src .zycus.com .zycus.cn .cloudfront.net data: .churnzero.net; font-src .zycus.com .zycus.cn fonts.gstatic.com .churnzero.net; connect-src .zycus.com .zycus.cn .churnzero.net siteintercept.qualtrics.com; object-src 'none'; frame-src .zycus.com .zycus.cn .cloudfront.net .churnzero.net; worker-src .zycus.com .zycus.cn; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/bcbsma/login?session_code=v2UMMpJCX9cP_OoJ6ixIDfzBMkiJtl_J0j-y2aaLEko&client_id=zycusopenid&tab_id=YkXAAZ6bg1o

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains ; preload
content-security-policy: default-src 'self' *.zycus.com *.zycus.cn; script-src 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn siteintercept.qualtrics.com *.churnzero.net *.siteintercept.qualtrics.com; script-src-elem 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn *.siteintercept.qualtrics.com siteintercept.qualtrics.com server.iad.liveperson.net *.churnzero.net; style-src 'unsafe-inline' *.zycus.com *.zycus.cn *.churnzero.net *.googleapis.com; img-src *.zycus.com *.zycus.cn *.cloudfront.net data: *.churnzero.net; font-src *.zycus.com *.zycus.cn fonts.gstatic.com *.churnzero.net; connect-src *.zycus.com *.zycus.cn *.churnzero.net siteintercept.qualtrics.com; object-src 'none'; frame-src *.zycus.com *.zycus.cn *.cloudfront.net *.churnzero.net; worker-src *.zycus.com *.zycus.cn; upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
expires: Sat, 28 Sep 2024 14:03:41 GMT
date: Sat, 28 Sep 2024 14:03:41 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 zocial.css
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/lib/zocial/ 43 KB
44 KB 206ms
205ms Stylesheet
text/css 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/lib/zocial/zocial.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-55-204-67.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

bae41ff593e0cfd5d25ce72edf6731524c8eb91c21e4757ce725e01dafceddb5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .zycus.com .zycus.cn; script-src 'unsafe-inline' 'unsafe-eval' .zycus.com .zycus.cn siteintercept.qualtrics.com .churnzero.net .siteintercept.qualtrics.com; script-src-elem 'unsafe-inline' 'unsafe-eval' .zycus.com .zycus.cn .siteintercept.qualtrics.com siteintercept.qualtrics.com server.iad.liveperson.net .churnzero.net; style-src 'unsafe-inline' .zycus.com .zycus.cn .churnzero.net .googleapis.com; img-src .zycus.com .zycus.cn .cloudfront.net data: .churnzero.net; font-src .zycus.com .zycus.cn fonts.gstatic.com .churnzero.net; connect-src .zycus.com .zycus.cn .churnzero.net siteintercept.qualtrics.com; object-src 'none'; frame-src .zycus.com .zycus.cn .cloudfront.net .churnzero.net; worker-src .zycus.com .zycus.cn; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/bcbsma/login?session_code=v2UMMpJCX9cP_OoJ6ixIDfzBMkiJtl_J0j-y2aaLEko&client_id=zycusopenid&tab_id=YkXAAZ6bg1o

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains ; preload
content-security-policy: default-src 'self' *.zycus.com *.zycus.cn; script-src 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn siteintercept.qualtrics.com *.churnzero.net *.siteintercept.qualtrics.com; script-src-elem 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn *.siteintercept.qualtrics.com siteintercept.qualtrics.com server.iad.liveperson.net *.churnzero.net; style-src 'unsafe-inline' *.zycus.com *.zycus.cn *.churnzero.net *.googleapis.com; img-src *.zycus.com *.zycus.cn *.cloudfront.net data: *.churnzero.net; font-src *.zycus.com *.zycus.cn fonts.gstatic.com *.churnzero.net; connect-src *.zycus.com *.zycus.cn *.churnzero.net siteintercept.qualtrics.com; object-src 'none'; frame-src *.zycus.com *.zycus.cn *.cloudfront.net *.churnzero.net; worker-src *.zycus.com *.zycus.cn; upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
expires: Sat, 28 Sep 2024 14:03:41 GMT
content-length: 43945
date: Sat, 28 Sep 2024 14:03:41 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 login.css
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/css/ 7 KB
8 KB 240ms
239ms Stylesheet
text/css 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/css/login.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-55-204-67.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

d3d488b75ee902649cd6fa61f05b6b882e0270f8b07e09bd48c72b6910b79643

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .zycus.com .zycus.cn; script-src 'unsafe-inline' 'unsafe-eval' .zycus.com .zycus.cn siteintercept.qualtrics.com .churnzero.net .siteintercept.qualtrics.com; script-src-elem 'unsafe-inline' 'unsafe-eval' .zycus.com .zycus.cn .siteintercept.qualtrics.com siteintercept.qualtrics.com server.iad.liveperson.net .churnzero.net; style-src 'unsafe-inline' .zycus.com .zycus.cn .churnzero.net .googleapis.com; img-src .zycus.com .zycus.cn .cloudfront.net data: .churnzero.net; font-src .zycus.com .zycus.cn fonts.gstatic.com .churnzero.net; connect-src .zycus.com .zycus.cn .churnzero.net siteintercept.qualtrics.com; object-src 'none'; frame-src .zycus.com .zycus.cn .cloudfront.net .churnzero.net; worker-src .zycus.com .zycus.cn; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/bcbsma/login?session_code=v2UMMpJCX9cP_OoJ6ixIDfzBMkiJtl_J0j-y2aaLEko&client_id=zycusopenid&tab_id=YkXAAZ6bg1o

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains ; preload
content-security-policy: default-src 'self' *.zycus.com *.zycus.cn; script-src 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn siteintercept.qualtrics.com *.churnzero.net *.siteintercept.qualtrics.com; script-src-elem 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn *.siteintercept.qualtrics.com siteintercept.qualtrics.com server.iad.liveperson.net *.churnzero.net; style-src 'unsafe-inline' *.zycus.com *.zycus.cn *.churnzero.net *.googleapis.com; img-src *.zycus.com *.zycus.cn *.cloudfront.net data: *.churnzero.net; font-src *.zycus.com *.zycus.cn fonts.gstatic.com *.churnzero.net; connect-src *.zycus.com *.zycus.cn *.churnzero.net siteintercept.qualtrics.com; object-src 'none'; frame-src *.zycus.com *.zycus.cn *.cloudfront.net *.churnzero.net; worker-src *.zycus.com *.zycus.cn; upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
expires: Sat, 28 Sep 2024 14:03:41 GMT
content-length: 7227
date: Sat, 28 Sep 2024 14:03:41 GMT
content-type: text/css;charset=UTF-8
server: nginx
x-frame-options: SAMEORIGIN

GET truncated
/ 0
0

GET
H2 200 keycloak-bg.png
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/img/ 80 KB
81 KB 110ms
109ms Image
image/png 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/img/keycloak-bg.png

Requested by

Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/css/login.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-55-204-67.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

0825175291be11f7689e8718295e422bb6fa4f8fefccc5610292b720c701ac4e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .zycus.com .zycus.cn; script-src 'unsafe-inline' 'unsafe-eval' .zycus.com .zycus.cn siteintercept.qualtrics.com .churnzero.net .siteintercept.qualtrics.com; script-src-elem 'unsafe-inline' 'unsafe-eval' .zycus.com .zycus.cn .siteintercept.qualtrics.com siteintercept.qualtrics.com server.iad.liveperson.net .churnzero.net; style-src 'unsafe-inline' .zycus.com .zycus.cn .churnzero.net .googleapis.com; img-src .zycus.com .zycus.cn .cloudfront.net data: .churnzero.net; font-src .zycus.com .zycus.cn fonts.gstatic.com .churnzero.net; connect-src .zycus.com .zycus.cn .churnzero.net siteintercept.qualtrics.com; object-src 'none'; frame-src .zycus.com .zycus.cn .cloudfront.net .churnzero.net; worker-src .zycus.com .zycus.cn; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/css/login.css

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains ; preload
content-security-policy: default-src 'self' *.zycus.com *.zycus.cn; script-src 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn siteintercept.qualtrics.com *.churnzero.net *.siteintercept.qualtrics.com; script-src-elem 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn *.siteintercept.qualtrics.com siteintercept.qualtrics.com server.iad.liveperson.net *.churnzero.net; style-src 'unsafe-inline' *.zycus.com *.zycus.cn *.churnzero.net *.googleapis.com; img-src *.zycus.com *.zycus.cn *.cloudfront.net data: *.churnzero.net; font-src *.zycus.com *.zycus.cn fonts.gstatic.com *.churnzero.net; connect-src *.zycus.com *.zycus.cn *.churnzero.net siteintercept.qualtrics.com; object-src 'none'; frame-src *.zycus.com *.zycus.cn *.cloudfront.net *.churnzero.net; worker-src *.zycus.com *.zycus.cn; upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
expires: Sat, 28 Sep 2024 14:03:41 GMT
date: Sat, 28 Sep 2024 14:03:41 GMT
content-type: image/png
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 OpenSans-Regular-webfont.woff2
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/fonts/ 61 KB
61 KB 173ms
172ms Font
application/octet-stream 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Regular-webfont.woff2

Requested by

Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/patternfly.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-55-204-67.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .zycus.com .zycus.cn; script-src 'unsafe-inline' 'unsafe-eval' .zycus.com .zycus.cn siteintercept.qualtrics.com .churnzero.net .siteintercept.qualtrics.com; script-src-elem 'unsafe-inline' 'unsafe-eval' .zycus.com .zycus.cn .siteintercept.qualtrics.com siteintercept.qualtrics.com server.iad.liveperson.net .churnzero.net; style-src 'unsafe-inline' .zycus.com .zycus.cn .churnzero.net .googleapis.com; img-src .zycus.com .zycus.cn .cloudfront.net data: .churnzero.net; font-src .zycus.com .zycus.cn fonts.gstatic.com .churnzero.net; connect-src .zycus.com .zycus.cn .churnzero.net siteintercept.qualtrics.com; object-src 'none'; frame-src .zycus.com .zycus.cn .cloudfront.net .churnzero.net; worker-src .zycus.com .zycus.cn; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://zauth-admin.zycus.com
Referer: https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/patternfly.css

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains ; preload
content-security-policy: default-src 'self' *.zycus.com *.zycus.cn; script-src 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn siteintercept.qualtrics.com *.churnzero.net *.siteintercept.qualtrics.com; script-src-elem 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn *.siteintercept.qualtrics.com siteintercept.qualtrics.com server.iad.liveperson.net *.churnzero.net; style-src 'unsafe-inline' *.zycus.com *.zycus.cn *.churnzero.net *.googleapis.com; img-src *.zycus.com *.zycus.cn *.cloudfront.net data: *.churnzero.net; font-src *.zycus.com *.zycus.cn fonts.gstatic.com *.churnzero.net; connect-src *.zycus.com *.zycus.cn *.churnzero.net siteintercept.qualtrics.com; object-src 'none'; frame-src *.zycus.com *.zycus.cn *.cloudfront.net *.churnzero.net; worker-src *.zycus.com *.zycus.cn; upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
expires: Sat, 28 Sep 2024 14:03:41 GMT
date: Sat, 28 Sep 2024 14:03:41 GMT
content-type: application/octet-stream
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 OpenSans-Light-webfont.woff2
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/fonts/ 62 KB
63 KB 159ms
159ms Font
application/octet-stream 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Light-webfont.woff2

Requested by

Host: zauth-admin.zycus.com
URL: https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/patternfly.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-55-204-67.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

19edd2b018063320559188548b225aa63914bbc90fb756bc26872db1669e89f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .zycus.com .zycus.cn; script-src 'unsafe-inline' 'unsafe-eval' .zycus.com .zycus.cn siteintercept.qualtrics.com .churnzero.net .siteintercept.qualtrics.com; script-src-elem 'unsafe-inline' 'unsafe-eval' .zycus.com .zycus.cn .siteintercept.qualtrics.com siteintercept.qualtrics.com server.iad.liveperson.net .churnzero.net; style-src 'unsafe-inline' .zycus.com .zycus.cn .churnzero.net .googleapis.com; img-src .zycus.com .zycus.cn .cloudfront.net data: .churnzero.net; font-src .zycus.com .zycus.cn fonts.gstatic.com .churnzero.net; connect-src .zycus.com .zycus.cn .churnzero.net siteintercept.qualtrics.com; object-src 'none'; frame-src .zycus.com .zycus.cn .cloudfront.net .churnzero.net; worker-src .zycus.com .zycus.cn; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://zauth-admin.zycus.com
Referer: https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/node_modules/patternfly/dist/css/patternfly.css

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains ; preload
content-security-policy: default-src 'self' *.zycus.com *.zycus.cn; script-src 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn siteintercept.qualtrics.com *.churnzero.net *.siteintercept.qualtrics.com; script-src-elem 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn *.siteintercept.qualtrics.com siteintercept.qualtrics.com server.iad.liveperson.net *.churnzero.net; style-src 'unsafe-inline' *.zycus.com *.zycus.cn *.churnzero.net *.googleapis.com; img-src *.zycus.com *.zycus.cn *.cloudfront.net data: *.churnzero.net; font-src *.zycus.com *.zycus.cn fonts.gstatic.com *.churnzero.net; connect-src *.zycus.com *.zycus.cn *.churnzero.net siteintercept.qualtrics.com; object-src 'none'; frame-src *.zycus.com *.zycus.cn *.cloudfront.net *.churnzero.net; worker-src *.zycus.com *.zycus.cn; upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
expires: Sat, 28 Sep 2024 14:03:41 GMT
content-length: 63180
date: Sat, 28 Sep 2024 14:03:41 GMT
content-type: application/octet-stream
server: nginx
x-frame-options: SAMEORIGIN

POST
H2 200 bcbsma:zycus:prod Show response
access.bluecrossma.com/am/SSOPOST/metaAlias/alpha/ 6 KB
6 KB 656ms
69ms Document
text/html 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/SSOPOST/metaAlias/alpha/bcbsma:zycus:prod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

9a6e86d59f1886e65096188c882c027f7cb86110a0e959d01dd229416738f830

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://zauth-admin.zycus.com
Referer: https://zauth-admin.zycus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5962
content-security-policy-report-only: frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Sat, 28 Sep 2024 14:03:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
via: 1.1 google
x-content-type-options: nosniff
x-forgerock-transactionid: ec3e7e33-66ac-4362-98da-09a6e14f0e7e
x-frame-options: SAMEORIGIN
x-robots-tag: none

GET
H2 200 favicon.ico
zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/img/ 627 B
1 KB 177ms
177ms Other
application/octet-stream 23.55.204.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://zauth-admin.zycus.com/auth/resources/7.0.0/login/keycloak/img/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.204.67 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-55-204-67.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .zycus.com .zycus.cn; script-src 'unsafe-inline' 'unsafe-eval' .zycus.com .zycus.cn siteintercept.qualtrics.com .churnzero.net .siteintercept.qualtrics.com; script-src-elem 'unsafe-inline' 'unsafe-eval' .zycus.com .zycus.cn .siteintercept.qualtrics.com siteintercept.qualtrics.com server.iad.liveperson.net .churnzero.net; style-src 'unsafe-inline' .zycus.com .zycus.cn .churnzero.net .googleapis.com; img-src .zycus.com .zycus.cn .cloudfront.net data: .churnzero.net; font-src .zycus.com .zycus.cn fonts.gstatic.com .churnzero.net; connect-src .zycus.com .zycus.cn .churnzero.net siteintercept.qualtrics.com; object-src 'none'; frame-src .zycus.com .zycus.cn .cloudfront.net .churnzero.net; worker-src .zycus.com .zycus.cn; upgrade-insecure-requests; block-all-mixed-content
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/bcbsma/login?session_code=v2UMMpJCX9cP_OoJ6ixIDfzBMkiJtl_J0j-y2aaLEko&client_id=zycusopenid&tab_id=YkXAAZ6bg1o

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains ; preload
content-security-policy: default-src 'self' *.zycus.com *.zycus.cn; script-src 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn siteintercept.qualtrics.com *.churnzero.net *.siteintercept.qualtrics.com; script-src-elem 'unsafe-inline' 'unsafe-eval' *.zycus.com *.zycus.cn *.siteintercept.qualtrics.com siteintercept.qualtrics.com server.iad.liveperson.net *.churnzero.net; style-src 'unsafe-inline' *.zycus.com *.zycus.cn *.churnzero.net *.googleapis.com; img-src *.zycus.com *.zycus.cn *.cloudfront.net data: *.churnzero.net; font-src *.zycus.com *.zycus.cn fonts.gstatic.com *.churnzero.net; connect-src *.zycus.com *.zycus.cn *.churnzero.net siteintercept.qualtrics.com; object-src 'none'; frame-src *.zycus.com *.zycus.cn *.cloudfront.net *.churnzero.net; worker-src *.zycus.com *.zycus.cn; upgrade-insecure-requests; block-all-mixed-content
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
expires: Sat, 28 Sep 2024 14:03:41 GMT
content-length: 627
date: Sat, 28 Sep 2024 14:03:41 GMT
content-type: application/octet-stream
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 sanitize-url.min.js Show response
access.bluecrossma.com/am/js/SanitizeUrl/ 882 B
1 KB 24ms
22ms Script
text/javascript 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/js/SanitizeUrl/sanitize-url.min.js

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/SSOPOST/metaAlias/alpha/bcbsma:zycus:prod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

447a66f830d16fab42181957e2e23a2e7105bec05e8a395d7411306922f15217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://access.bluecrossma.com/am/SSOPOST/metaAlias/alpha/bcbsma:zycus:prod

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-robots-tag: none
cache-control: public, max-age=2592000
etag: W/"882-1719334476000"
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
x-forgerock-transactionid: 1565cea6-2dfa-44ff-8c9a-de1f420ee086
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 882
date: Sat, 28 Sep 2024 14:03:42 GMT
last-modified: Tue, 25 Jun 2024 16:54:36 GMT
content-type: text/javascript
x-frame-options: SAMEORIGIN

GET
H2 200 purify.min.js Show response
access.bluecrossma.com/am/js/DomPurify/ 21 KB
21 KB 24ms
24ms Script
text/javascript 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/js/DomPurify/purify.min.js

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/SSOPOST/metaAlias/alpha/bcbsma:zycus:prod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

d48e3c32ba5c79567f39903147035e803da5fc50ff01c7dab7bde9fcbb9919d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://access.bluecrossma.com/am/SSOPOST/metaAlias/alpha/bcbsma:zycus:prod

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-robots-tag: none
cache-control: public, max-age=2592000
etag: W/"21208-1719334476000"
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
x-forgerock-transactionid: c08f1885-754b-40f2-b2ba-2dd504c1ab76
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21208
date: Sat, 28 Sep 2024 14:03:41 GMT
last-modified: Tue, 25 Jun 2024 16:54:36 GMT
content-type: text/javascript
x-frame-options: SAMEORIGIN

GET
H3 200 saml2-write.js Show response
access.bluecrossma.com/am/js/ 876 B
899 B 26ms
26ms Script
text/javascript 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/js/saml2-write.js

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/SSOPOST/metaAlias/alpha/bcbsma:zycus:prod

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

bfb79f699da4ff30c4f3fd2d5baddbe167ace2c54955384aed9f16d79d571177

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://access.bluecrossma.com/am/SSOPOST/metaAlias/alpha/bcbsma:zycus:prod

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-robots-tag: none
cache-control: public, max-age=2592000
etag: W/"876-1719334476000"
x-content-type-options: nosniff
content-security-policy-report-only: frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
x-forgerock-transactionid: 24aae15a-5be9-4c9f-afaa-6d9e0cf8d2dd
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 876
date: Sat, 28 Sep 2024 14:03:42 GMT
last-modified: Tue, 25 Jun 2024 16:54:36 GMT
content-type: text/javascript
x-frame-options: SAMEORIGIN

GET
H3

200

Primary Request / Show response
access.bluecrossma.com/am/XUI/
Redirect Chain

https://access.bluecrossma.com/am/UI/Login?realm=/alpha&spEntityID=https://zauth-admin.zycus.com/auth/realms/ZycusRealm&goto=https://access.bluecrossma.com:443/am/saml2/continue/metaAlias/alpha/bcb...
https://access.bluecrossma.com/am/XUI/?realm=/alpha&spEntityID=https://zauth-admin.zycus.com/auth/realms/ZycusRealm&goto=https://access.bluecrossma.com:443/am/saml2/continue/metaAlias/alpha/bcbsma:...

974 B
999 B

26ms
26ms

Document
text/html

34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/XUI/?realm=/alpha&spEntityID=https://zauth-admin.zycus.com/auth/realms/ZycusRealm&goto=https://access.bluecrossma.com:443/am/saml2/continue/metaAlias/alpha/bcbsma:zycus:prod?secondVisitUrl%3D/am/SSOPOST/metaAlias/alpha/bcbsma:zycus:prod?ReqID%253DID_febaaf40-0c25-40eb-be92-35be57b283e3&AMAuthCookie=

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/js/saml2-write.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

26c350b55cfabbb509a856e248aa0fc29f1d889a9fb902a39fc46296239c60c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff

Request headers

Referer: https://access.bluecrossma.com/am/SSOPOST/metaAlias/alpha/bcbsma:zycus:prod
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache no-store
content-length: 974
content-security-policy-report-only: frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
content-type: text/html
date: Sat, 28 Sep 2024 14:03:42 GMT
etag: "66dafa60-3ce"
expires: Sat, 28 Sep 2024 14:03:41 GMT
last-modified: Fri, 06 Sep 2024 12:49:36 GMT
pragma: no-cache
referrer-policy: origin
strict-transport-security: max-age=31536000; includeSubDomains; preload;
via: 1.1 google
x-content-type-options: nosniff
x-robots-tag: none

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 28 Sep 2024 14:03:41 GMT
location: /am/XUI/?realm=/alpha&spEntityID=https://zauth-admin.zycus.com/auth/realms/ZycusRealm&goto=https://access.bluecrossma.com:443/am/saml2/continue/metaAlias/alpha/bcbsma:zycus:prod?secondVisitUrl%3D/am/SSOPOST/metaAlias/alpha/bcbsma:zycus:prod?ReqID%253DID_febaaf40-0c25-40eb-be92-35be57b283e3&AMAuthCookie=#login/
strict-transport-security: max-age=31536000; includeSubDomains; preload;
via: 1.1 google
x-forgerock-transactionid: 7eafe406-c4a0-480d-98dc-e9c93de30f49
x-robots-tag: none

GET
H2 200 css
fonts.bunny.net/ 50 KB
3 KB 54ms
18ms Stylesheet
text/css 37.19.207.34
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/css?family=open-sans:300,300i,400,400i,600,600i,700,700i&display=swap
Requested by: Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/XUI/?realm=/alpha&spEntityID=https://zauth-admin.zycus.com/auth/realms/ZycusRealm&goto=https://access.bluecrossma.com:443/am/saml2/continue/metaAlias/alpha/bcbsma:zycus:prod?secondVisitUrl%3D/am/SSOPOST/metaAlias/alpha/bcbsma:zycus:prod?ReqID%253DID_febaaf40-0c25-40eb-be92-35be57b283e3&AMAuthCookie=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 4ce27d0c3ccb98258f618746687f099c9fe9bc0e94b594cb320c4c795bb41975

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://access.bluecrossma.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
date: Sat, 28 Sep 2024 14:03:42 GMT
last-modified: Wed, 18 Sep 2024 22:27:51 GMT
cdn-cachedat: 09/18/2024 22:27:51
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cdn-requestpullcode: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cache: HIT
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 2
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestid: e60c68ce5ee047dbb8f7c2e5e3ba34b7
cdn-pullzone: 781720
cdn-proxyver: 1.04
access-control-allow-origin: *
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US

GET
H3 200 chunk-vendors.38c40a24.js Show response
access.bluecrossma.com/am/XUI/js/ 1 MB
1 MB 25ms
24ms Script
application/javascript 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/XUI/js/chunk-vendors.38c40a24.js

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/XUI/?realm=/alpha&spEntityID=https://zauth-admin.zycus.com/auth/realms/ZycusRealm&goto=https://access.bluecrossma.com:443/am/saml2/continue/metaAlias/alpha/bcbsma:zycus:prod?secondVisitUrl%3D/am/SSOPOST/metaAlias/alpha/bcbsma:zycus:prod?ReqID%253DID_febaaf40-0c25-40eb-be92-35be57b283e3&AMAuthCookie=

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

d1d206d663fb555d6650d162532dbe2dcad79ba32478801f254c83d506ed652c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://access.bluecrossma.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-robots-tag: none
etag: "66ec231b-13ebe9"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1305577
date: Sat, 28 Sep 2024 14:03:42 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 13:11:55 GMT

GET
H3 200 app.0a0afd0e.js Show response
access.bluecrossma.com/am/XUI/js/ 163 KB
163 KB 42ms
41ms Script
application/javascript 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/XUI/js/app.0a0afd0e.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

25b497c6bbbb02701dc1a0efe1edb1a46da19e5059bc0ab56a0a3e521a088724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://access.bluecrossma.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-robots-tag: none
etag: "66ec233b-28aba"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166586
date: Sat, 28 Sep 2024 14:03:42 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 13:12:27 GMT

GET
H3 200 chunk-vendors.d2b307bd.css
access.bluecrossma.com/am/XUI/css/ 79 KB
79 KB 24ms
24ms Stylesheet
text/css 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/XUI/css/chunk-vendors.d2b307bd.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

dd642d1262d449cc048ee11d91a4ee61631b366d7d341da97687f7207454ddf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://access.bluecrossma.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-robots-tag: none
etag: "66dafa60-13cf5"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81141
date: Sat, 28 Sep 2024 14:03:42 GMT
content-type: text/css
last-modified: Fri, 06 Sep 2024 12:49:36 GMT

GET
H3 200 app.800690e3.css
access.bluecrossma.com/am/XUI/css/ 196 KB
196 KB 26ms
25ms Stylesheet
text/css 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/XUI/css/app.800690e3.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

66d6a679c539e9c78a8e5d04e4bbff47f1824b6e226172284ea0b29b5dd3e3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://access.bluecrossma.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-robots-tag: none
etag: "66dafa60-30f27"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200487
date: Sat, 28 Sep 2024 14:03:42 GMT
content-type: text/css
last-modified: Fri, 06 Sep 2024 12:49:36 GMT

GET
H3 200 uiconfig Show response
access.bluecrossma.com/openidm/info/ 710 B
735 B 25ms
24ms XHR
application/json 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/openidm/info/uiconfig

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/XUI/js/chunk-vendors.38c40a24.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

11a6a58659f2726402020963f6b3f71bbdc10325e8d1ddcb937815741db25a56

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';frame-ancestors 'none';sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://access.bluecrossma.com/

Response headers

x-robots-tag: none
x-content-type-options: nosniff
expires: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 14:03:42 GMT
content-api-version: protocol=2.1,resource=1.0
content-type: application/json;charset=utf-8
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-security-policy: default-src 'none';frame-ancestors 'none';sandbox
cache-control: no-store
cross-origin-opener-policy: same-origin
pragma: no-cache
cross-origin-resource-policy: same-origin
via: 1.1 google
x-forgerock-transactionid: d6c58cfd-106b-46a9-8d97-b05daafc89f9
content-length: 710

GET
H3 404 en-US Show response
access.bluecrossma.com/openidm/config/uilocale/ 55 B
79 B 27ms
27ms XHR
application/json 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/openidm/config/uilocale/en-US?_fields=login,shared

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/XUI/js/chunk-vendors.38c40a24.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

07736e451e9f9580c3ec595b3332bc2bce1b692e1c37100fc741269687bf97cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';frame-ancestors 'none';sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://access.bluecrossma.com/

Response headers

x-robots-tag: none
x-content-type-options: nosniff
expires: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 14:03:42 GMT
content-api-version: protocol=2.1,resource=1.0
content-type: application/json;charset=utf-8
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-security-policy: default-src 'none';frame-ancestors 'none';sandbox
cache-control: no-store
cross-origin-opener-policy: same-origin
pragma: no-cache
cross-origin-resource-policy: same-origin
via: 1.1 google
x-forgerock-transactionid: 913f3d50-88b5-49dd-a0c9-fdc773a88440
content-length: 55

GET
H3 200 en Show response
access.bluecrossma.com/openidm/config/uilocale/ 67 B
91 B 25ms
25ms XHR
application/json 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/openidm/config/uilocale/en?_fields=login,shared

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/XUI/js/chunk-vendors.38c40a24.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

6a15612fedc2c2e100beadfa79c04a6d34e6f5f2ee79ba400f16f8ac8a3d34fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';frame-ancestors 'none';sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://access.bluecrossma.com/

Response headers

x-robots-tag: none
x-content-type-options: nosniff
expires: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 14:03:42 GMT
content-type: application/json;charset=utf-8
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-security-policy: default-src 'none';frame-ancestors 'none';sandbox
cache-control: no-store
cross-origin-opener-policy: same-origin
pragma: no-cache
cross-origin-resource-policy: same-origin
via: 1.1 google
x-forgerock-transactionid: d8aa9456-293c-48e4-ba86-b24aef46dd19
content-length: 67

GET
H3 404 favicon.ico
access.bluecrossma.com/ 184 B
199 B 21ms
21ms Other
text/html 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

ab5b03441676ec2257062800d1387c86389c8a36619866a4e7dd2ae93bd319bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://access.bluecrossma.com/

Response headers

via: 1.1 google
strict-transport-security: max-age=31536000;includeSubDomains;preload
cache-control: private, no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 14:03:42 GMT
content-type: text/html
x-frame-options: SAMEORIGIN

GET
H3 200 811.30fa0bcb.js Show response
access.bluecrossma.com/am/XUI/js/ 23 KB
23 KB 22ms
21ms Script
application/javascript 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/XUI/js/811.30fa0bcb.js

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/XUI/js/app.0a0afd0e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

e243f63c45aceffee3e8edf3d974ba41245e357110e999f983ef8e48553a0dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://access.bluecrossma.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-robots-tag: none
etag: "66ec233b-5d4a"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23882
date: Sat, 28 Sep 2024 14:03:42 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 13:12:27 GMT

GET
H3 200 337.4469b31e.css
access.bluecrossma.com/am/XUI/css/ 11 KB
11 KB 22ms
22ms Stylesheet
text/css 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/XUI/css/337.4469b31e.css

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/XUI/js/app.0a0afd0e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

7bd3ae5aaec07abedd495bfbc56b703b9df4f4baf692da7b7411236ddeacb7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://access.bluecrossma.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-robots-tag: none
etag: "66dafa60-2dc7"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11719
date: Sat, 28 Sep 2024 14:03:42 GMT
content-type: text/css
last-modified: Fri, 06 Sep 2024 12:49:36 GMT

GET
H3 200 337.368574f5.js Show response
access.bluecrossma.com/am/XUI/js/ 58 KB
58 KB 24ms
23ms Script
application/javascript 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/XUI/js/337.368574f5.js

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/XUI/js/app.0a0afd0e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

4f9ac3a49689f5342991b6ff9311a88d26b12a0942f15031a452e8757dea7cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://access.bluecrossma.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-robots-tag: none
etag: "66ec233b-e613"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58899
date: Sat, 28 Sep 2024 14:03:42 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 13:12:27 GMT

GET
H3 200 * Show response
access.bluecrossma.com/am/json/realms/root/realms/alpha/serverinfo/ 528 B
555 B 25ms
24ms XHR
application/json 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/json/realms/root/realms/alpha/serverinfo/*

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/XUI/js/chunk-vendors.38c40a24.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

06e77ad8fa51ff146a379dffbbc8167d0efdb4d0a65670917f4ad5706e27537d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';frame-ancestors 'none';sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://access.bluecrossma.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
accept-api-version: protocol=1.0,resource=1.1

Response headers

x-robots-tag: none
etag: "770701689"
x-content-type-options: nosniff
expires: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 14:03:43 GMT
content-api-version: resource=1.1
content-type: application/json;charset=UTF-8
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-security-policy: default-src 'none';frame-ancestors 'none';sandbox
cache-control: no-store
cross-origin-opener-policy: same-origin
pragma: no-cache
cross-origin-resource-policy: same-origin
content-security-policy-report-only: frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
via: 1.1 google
x-forgerock-transactionid: 29db000a-2bc6-4e9a-a903-1a99f3887129
content-length: 528

GET
H2 200 open-sans-latin-400-normal.woff2
fonts.bunny.net/open-sans/files/ 18 KB
19 KB 52ms
25ms Font
font/woff2 37.19.207.34
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/open-sans/files/open-sans-latin-400-normal.woff2
Requested by: Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=open-sans:300,300i,400,400i,600,600i,700,700i&display=swap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://access.bluecrossma.com
Referer: https://fonts.bunny.net/css?family=open-sans:300,300i,400,400i,600,600i,700,700i&display=swap

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag: "66f22b3c-48ec"
cdn-fileserver: 831
date: Sat, 28 Sep 2024 14:03:43 GMT
cdn-storageserver: NY-353
content-type: font/woff2
last-modified: Tue, 24 Sep 2024 03:00:12 GMT
cdn-cachedat: 09/25/2024 07:57:45
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestid: e0b01c2fc6b1fa71190d46f0e707ce3b
cdn-pullzone: 781720
cdn-proxyver: 1.04
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18668
cdn-edgestorageid: 925
server: BunnyCDN-ASB1-925
cdn-requestcountrycode: US

POST
H3 200 authenticate Show response
access.bluecrossma.com/am/json/realms/root/realms/alpha/ 3 KB
3 KB 29ms
29ms Fetch
application/json 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/json/realms/root/realms/alpha/authenticate?spEntityID=https%253A%252F%252Fzauth-admin.zycus.com%252Fauth%252Frealms%252FZycusRealm&goto=https%3A%2F%2Faccess.bluecrossma.com%3A443%2Fam%2Fsaml2%2Fcontinue%2FmetaAlias%2Falpha%2Fbcbsma%3Azycus%3Aprod%3FsecondVisitUrl%3D%2Fam%2FSSOPOST%2FmetaAlias%2Falpha%2Fbcbsma%3Azycus%3Aprod%3FReqID%253DID_febaaf40-0c25-40eb-be92-35be57b283e3

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/XUI/js/chunk-vendors.38c40a24.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

987b2afb7b16bebab5785f641c23d53fbcbe0185d36973fbd4e79d5da3111542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

x-forgerock-transactionid: 29f95fb4-e3ce-42cb-882b-518baa9accd7-request-1
Referer: https://access.bluecrossma.com/
x-requested-with: forgerock-sdk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
accept-api-version: protocol=1.0,resource=2.1
content-type: application/json

Response headers

x-robots-tag: none
access-control-expose-headers: content-api-version
x-content-type-options: nosniff
expires: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 14:03:42 GMT
content-api-version: resource=2.1
content-type: application/json
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload;
cache-control: private
pragma: no-cache
access-control-allow-credentials: true
content-security-policy-report-only: frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'
via: 1.1 google
x-forgerock-transactionid: 29f95fb4-e3ce-42cb-882b-518baa9accd7-request-1
access-control-allow-origin: https://access.bluecrossma.com
content-length: 3002

GET
H3 200 themerealm Show response
access.bluecrossma.com/openidm/config/ui/ 148 KB
148 KB 27ms
27ms XHR
application/json 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/openidm/config/ui/themerealm

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/XUI/js/chunk-vendors.38c40a24.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

0cca523812a3cd83b6fa56d2319b2e0e7fd519ed9e2d6ea4f1c45473925a4e6f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';frame-ancestors 'none';sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://access.bluecrossma.com/
x-requested-with: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*

Response headers

x-robots-tag: none
x-content-type-options: nosniff
expires: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 14:03:43 GMT
content-api-version: protocol=2.1,resource=1.0
content-type: application/json;charset=utf-8
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-security-policy: default-src 'none';frame-ancestors 'none';sandbox
cache-control: no-store
cross-origin-opener-policy: same-origin
pragma: no-cache
cross-origin-resource-policy: same-origin
via: 1.1 google
x-forgerock-transactionid: c921212e-8cb1-4779-80e2-20eff44f4736

GET
H3 200 56.9efaefad.js Show response
access.bluecrossma.com/am/XUI/js/ 10 KB
10 KB 25ms
23ms Script
application/javascript 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/XUI/js/56.9efaefad.js

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/XUI/js/app.0a0afd0e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

cf51c6cbd5cd689669aee22de895e6138afeb9e37e6775d7d941d5d8acbf3299

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://access.bluecrossma.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-robots-tag: none
etag: "66ec232b-26a8"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9896
date: Sat, 28 Sep 2024 14:03:43 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 13:12:11 GMT

GET
H3 200 796.f8b9bf79.css
access.bluecrossma.com/am/XUI/css/ 117 KB
117 KB 26ms
24ms Stylesheet
text/css 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/XUI/css/796.f8b9bf79.css

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/XUI/js/app.0a0afd0e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

fd6ca6c971c21d170807abb0e5e58049d61f0a4f8cdf2f18e45462067f3972f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://access.bluecrossma.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-robots-tag: none
etag: "66dafa60-1d3a3"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119715
date: Sat, 28 Sep 2024 14:03:43 GMT
content-type: text/css
last-modified: Fri, 06 Sep 2024 12:49:36 GMT

GET
H3 200 796.b163affd.js Show response
access.bluecrossma.com/am/XUI/js/ 471 KB
471 KB 29ms
28ms Script
application/javascript 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/XUI/js/796.b163affd.js

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/XUI/js/app.0a0afd0e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

0fc8773c278dc890f10a1b5308f68291ee1cfc1a4167fee04feb5f9e50aa309a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://access.bluecrossma.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-robots-tag: none
etag: "66ec231a-75b2b"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 482091
date: Sat, 28 Sep 2024 14:03:43 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 13:11:54 GMT

GET
H3 200 982.5c2882e5.css
access.bluecrossma.com/am/XUI/css/ 3 KB
3 KB 26ms
25ms Stylesheet
text/css 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/XUI/css/982.5c2882e5.css

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/XUI/js/app.0a0afd0e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

92ad31290c56ae6d953c05e36606c531451571d6d63591de2f2f8b764f43dfaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://access.bluecrossma.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-robots-tag: none
etag: "66dafa60-a6d"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2669
date: Sat, 28 Sep 2024 14:03:43 GMT
content-type: text/css
last-modified: Fri, 06 Sep 2024 12:49:36 GMT

GET
H3 200 982.3c0bf6bd.js Show response
access.bluecrossma.com/am/XUI/js/ 2 KB
2 KB 24ms
23ms Script
application/javascript 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/XUI/js/982.3c0bf6bd.js

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/XUI/js/app.0a0afd0e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

31076728d5bbd14daa69bae720d0eaffc975f42cd3d51307b2211d99374113e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://access.bluecrossma.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-robots-tag: none
etag: "66ec232b-744"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1860
date: Sat, 28 Sep 2024 14:03:43 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 13:12:11 GMT

GET logo
bluegateway-stg.bluecrossma.com/ 0
0

GET svg
bluegateway-stg.bluecrossma.com/ 0
0

GET
H3 200 material-icons-outlined.765716c4.woff2
access.bluecrossma.com/am/XUI/fonts/ 143 KB
143 KB 22ms
22ms Font
font/woff2 34.111.193.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://access.bluecrossma.com/am/XUI/fonts/material-icons-outlined.765716c4.woff2

Requested by

Host: access.bluecrossma.com
URL: https://access.bluecrossma.com/am/XUI/css/app.800690e3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.193.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

32.193.111.34.bc.googleusercontent.com

Software

Resource Hash

32738b648d59e35c15da826e765b97b3a6fb06f90536d94477a72ac6d6516538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://access.bluecrossma.com
Referer: https://access.bluecrossma.com/am/XUI/css/app.800690e3.css

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-robots-tag: none
etag: "66dafa60-23a04"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145924
date: Sat, 28 Sep 2024 14:03:43 GMT
content-type: font/woff2
last-modified: Fri, 06 Sep 2024 12:49:36 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: browser-intake-datadoghq.com
URL: https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.28.0%2Capi%3Abeacon%2Cenv%3APRUS%2Cservice%3ADewDrops-Common%2Cversion%3A1.0.0&dd-api-key=pub4e1054cd9540bb5d0a26ef123eea5a9b&dd-evp-origin-version=5.28.0&dd-evp-origin=browser&dd-request-id=6a87e82a-63d5-49b5-b025-80761822355a&batch_time=1727532221143

Domain: truncated
URL: data:truncated

Domain: bluegateway-stg.bluecrossma.com
URL: https://bluegateway-stg.bluecrossma.com/logo

Domain: bluegateway-stg.bluecrossma.com
URL: https://bluegateway-stg.bluecrossma.com/svg

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
zauth-admin.zycus.com/auth/realms/ZycusRealm/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 435a21f0-e236-42da-a453-5da26c1e719d.122
zauth-admin.zycus.com/auth/realms/ZycusRealm/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJlYWNhNjE1Zi1jNDk3LTQzNTQtODBmZi05YmZlMzMxYWZmNzMifQ.eyJjaWQiOiJ6eWN1c29wZW5pZCIsInB0eSI6Im9wZW5pZC1jb25uZWN0IiwicnVyaSI6Imh0dHBzOi8vemF1dGguenljdXMuY29tL2xvZ2luL29hdXRoMi9jb2RlL3p5Y3Vzb3BlbmlkIiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsic2NvcGUiOiJvcGVuaWQgZW1haWwiLCJpc3MiOiJodHRwczovL3phdXRoLWFkbWluLnp5Y3VzLmNvbS9hdXRoL3JlYWxtcy9aeWN1c1JlYWxtIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL3phdXRoLnp5Y3VzLmNvbS9sb2dpbi9vYXV0aDIvY29kZS96eWN1c29wZW5pZCIsInN0YXRlIjoici14dG43blFEWlpBS3lNNG5tRUszWklxR1JWaEgxaVBoZzlnU0cwbndsdz0iLCJrY19pZHBfaGludCI6ImJjYnNtYSJ9fQ.CzFpi-jUJJpFDwWzWax7Ns2dWWuGO89q0wvNsjVB6v4
access.bluecrossma.com/am	1969-12-31 23:59:59	Name: JSESSIONID Value: 93150EB88528A63B4167136407083ACF
.zycus.com/	1970-01-20 23:52:14	Name: isDelegatedSSO Value: true
.zycus.com/	1970-01-20 23:52:14	Name: BRIDGE_URL Value: https%3A%2F%2Fzauth.zycus.com
.zycus.com/	1970-01-20 23:52:12	Name: ZAUTH_REDIRECT_URL Value: https%3A%2F%2Fbcbsma.zycus.com%2Fhome%2F%2F
.zycus.com/	1969-12-31 23:59:59	Name: logoutURL Value: https%3A%2F%2Fzauth.zycus.com%2Fsession%2Flogout
zauth.zycus.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: F8AF28F093A58116D8B16B32A9E7CCD7
zauth-admin.zycus.com/	1969-12-31 23:59:59	Name: SERVERID Value: kc02
bcbsma.zycus.com/	1970-01-20 23:52:13	Name: _dd_s Value: rum=2&id=5fcb8104-9227-4dbd-9870-a26c14ea2221&created=1727532219104&expire=1727533119104
.access.bluecrossma.com/	1969-12-31 23:59:59	Name: amlbcookie Value: 01

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bcbsma.zycus.com/home/api/a/dd/users/getDetails Message: Failed to load resource: the server responded with a status of 401 ()
security	error	URL: https://zauth-admin.zycus.com/auth/realms/ZycusRealm/broker/bcbsma/login?session_code=v2UMMpJCX9cP_OoJ6ixIDfzBMkiJtl_J0j-y2aaLEko&client_id=zycusopenid&tab_id=YkXAAZ6bg1o(Line 50) Message: Refused to load the font 'data:application/x-font-woff;charset=utf-8;base64,d09GRgABAAAAAEVIAA0AAAAAY9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAABFLAAAABkAAAAcc+CDZk9TLzIAAAGgAAAASQAAAGBQBl3KY21hcAAAAqAAAABMAAABUvFF+FhjdnQgAAAC7AAAAAQAAAAEABEBRGdhc3AAAEUkAAAACAAAAAj//wADZ2x5ZgAAA8QAAD7MAABY4HVSYx5oZWFkAAABMAAAADAAAAA2A/nHeWhoZWEAAAFgAAAAIAAAACQEdwEbaG10eAAAAewAAACzAAAA2gWL/3lsb2NhAAAC8AAAANIAAADSYgpLMG1heHAAAAGAAAAAHwAAACAAvgE3bmFtZQAAQpAAAAEjAAAB9XSZ105wb3N0AABDtAAAAW0AAAQSQQeQ6XjaY2BkYGAA4k+d//nj+W2+MnAzMYDARX/nRBj9f8H/DUxzmLiAXA4Gs...6qa5tknMbknHOUYMOO9+PNAMFZ8kuls/xU3aD7u18/u8nuf/v65+gG3RgDxljBSlYxzmrWsJZ1rGcDG9nEBJvZwla2sZ0d7GQXk+xmD3vZx34OcJBDHOYIRznGcU5wklOc5gxnOcd5LjCkUGkESc8U08xwkUtc5gpXmeUac8yzwCJLjFjmOje4yS1uc4e73OM+D3jIIx7zhKc84zkveMkrXvOGt7zjPR/4yCc+82X8x/dvozIc2mKrbTZs2t5O2Wk7Y+fsvF2wi3bJjv616Bf9ol/0i37RL/pFt+gW3aJbdItu0S26VbfqVt2qW3WrbtWt/l31q37Vr/pVv+pX/arf9Jt+02/6Tb/pN/2m3/SbftNv+k2/6Tf9ph/6oR/6oR/6oR/6oR/6oR/6oR/6oR/6oZ/6qZ/6qZ/6qZ/6qZ/6qZ/6qZ/6qZ/6qd/r9/q9fq/fx29bHvQPAAAAAAAAAf//AAJ42mNgYGBkAIKLjn8Wg2l/50QYDQBKNwY7AAAA' because it violates the following Content Security Policy directive: "font-src .zycus.com .zycus.cn fonts.gstatic.com *.churnzero.net".
network	error	URL: https://access.bluecrossma.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://access.bluecrossma.com/openidm/config/uilocale/en-US?_fields=login,shared Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

access.bluecrossma.com
bcbsma.zycus.com
bluegateway-stg.bluecrossma.com
browser-intake-datadoghq.com
fonts.bunny.net
truncated
www.datadoghq-browser-agent.com
zauth-admin.zycus.com
zauth.zycus.com
bluegateway-stg.bluecrossma.com
browser-intake-datadoghq.com
truncated
108.139.54.225
23.55.204.67
2600:1f18:24e6:b902:a46c:a4a6:87fe:c14c
34.111.193.32
37.19.207.34
06e77ad8fa51ff146a379dffbbc8167d0efdb4d0a65670917f4ad5706e27537d
07736e451e9f9580c3ec595b3332bc2bce1b692e1c37100fc741269687bf97cb
0825175291be11f7689e8718295e422bb6fa4f8fefccc5610292b720c701ac4e
0a40b3b2ff66e275054bcb357b43c2fa33c6874dfc251536ffc9b73aba441bb4
0cca523812a3cd83b6fa56d2319b2e0e7fd519ed9e2d6ea4f1c45473925a4e6f
0fc8773c278dc890f10a1b5308f68291ee1cfc1a4167fee04feb5f9e50aa309a
11a6a58659f2726402020963f6b3f71bbdc10325e8d1ddcb937815741db25a56
19edd2b018063320559188548b225aa63914bbc90fb756bc26872db1669e89f0
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
25b497c6bbbb02701dc1a0efe1edb1a46da19e5059bc0ab56a0a3e521a088724
26c350b55cfabbb509a856e248aa0fc29f1d889a9fb902a39fc46296239c60c3
2faa9f32bf288cd0c465d6c47427b5573e8fd3689e798952a36ca8ce1d4e6667
31076728d5bbd14daa69bae720d0eaffc975f42cd3d51307b2211d99374113e1
32738b648d59e35c15da826e765b97b3a6fb06f90536d94477a72ac6d6516538
3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
447a66f830d16fab42181957e2e23a2e7105bec05e8a395d7411306922f15217
4ce27d0c3ccb98258f618746687f099c9fe9bc0e94b594cb320c4c795bb41975
4f9ac3a49689f5342991b6ff9311a88d26b12a0942f15031a452e8757dea7cea
66d6a679c539e9c78a8e5d04e4bbff47f1824b6e226172284ea0b29b5dd3e3ba
6a15612fedc2c2e100beadfa79c04a6d34e6f5f2ee79ba400f16f8ac8a3d34fe
7bd3ae5aaec07abedd495bfbc56b703b9df4f4baf692da7b7411236ddeacb7b2
7e77fcc753baca61311f1708f06c79d8af592f5a2e3c80dc014e36c292c1e954
7ff757e5e764fbbd3293447b8e62163760c2ae6f5e4f9f2306906a92dee3caa8
83ee5b04a1a2420004b7ff156f1b1ded503e1a2ac70386c23d8e2efdda57ea4d
92ad31290c56ae6d953c05e36606c531451571d6d63591de2f2f8b764f43dfaa
987b2afb7b16bebab5785f641c23d53fbcbe0185d36973fbd4e79d5da3111542
9a6e86d59f1886e65096188c882c027f7cb86110a0e959d01dd229416738f830
ab5b03441676ec2257062800d1387c86389c8a36619866a4e7dd2ae93bd319bc
ac5bbf1ace875dcf43c58266c932f6bb6e3fb7869f1e05ee25bcf8e4369ff74c
afb3054181c7542ae6820cd9740162eb47a1a8f3db036525f3f4a2d7dd648a54
b0d60ceb848108acf631f5e3f617ba0c9d3f4dd4af21a128b6a053367b1b75f6
bae41ff593e0cfd5d25ce72edf6731524c8eb91c21e4757ce725e01dafceddb5
bb73c0678872c1b692b2d2cfa4c774cb0ab67ba3796f513c8d2e59153c8f7ed8
bbb82509fb188cd7c57bbd81fbf5c32f477de3037b614906c90aa5db9168235d
bfb79f699da4ff30c4f3fd2d5baddbe167ace2c54955384aed9f16d79d571177
cf51c6cbd5cd689669aee22de895e6138afeb9e37e6775d7d941d5d8acbf3299
d1d206d663fb555d6650d162532dbe2dcad79ba32478801f254c83d506ed652c
d3d488b75ee902649cd6fa61f05b6b882e0270f8b07e09bd48c72b6910b79643
d48e3c32ba5c79567f39903147035e803da5fc50ff01c7dab7bde9fcbb9919d1
dd642d1262d449cc048ee11d91a4ee61631b366d7d341da97687f7207454ddf8
e243f63c45aceffee3e8edf3d974ba41245e357110e999f983ef8e48553a0dad
e3d32cde07bf2cc6abe13db38663914488303f9296f382931d5e41307a5b6641
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
f03c4bb69631457c1e100e573caf8d6ed5a8f0dbd70a287551845940f2df631f
fd6ca6c971c21d170807abb0e5e58049d61f0a4f8cdf2f18e45462067f3972f5

access.bluecrossma.com Open in urlscan Pro 34.111.193.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

95 %HTTPS

20 %IPv6

6 Domains

9 Subdomains

6 IPs

1 Countries

4769 kBTransfer

9066 kBSize

11 Cookies

2 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

access.bluecrossma.com Open in urlscan Pro
34.111.193.32 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

95 %
HTTPS

20 %
IPv6

6
Domains

9
Subdomains

6
IPs

1
Countries

4769 kB
Transfer

9066 kB
Size

11
Cookies

56 HTTP transactions
1 data transactions