account.hcsc.net Open in urlscan Pro
205.172.134.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pages.onlifehealth.com/MTYyLUtQTy0zNTQAAAGNdRYnxdn0enmOtLqMspLIpFrXpuKsVBKih_hHk75W5EUTCX1VmuLBjw9eufWMiHqsT4Skah6MUrKq...
Effective URL:
https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Do...
Submission: On August 08 via api (August 8th 2023, 5:10:15 pm UTC) from US — Scanned from DE

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 15 domains to perform 48 HTTP transactions. The main IP is 205.172.134.27, located in Chicago, United States and belongs to HSC, US. The main domain is account.hcsc.net.
TLS certificate: Issued by Entrust Certification Authority - L1K on December 6th 2022. Valid for: a year.

This is the only time account.hcsc.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	205.172.134.27 205.172.134.27	23494 (HSC) (HSC)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:480... 2a02:26f0:480:980::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.211.186.134 52.211.186.134	16509 (AMAZON-02) (AMAZON-02)
1	108.138.17.72 108.138.17.72	16509 (AMAZON-02) (AMAZON-02)
1	52.209.244.112 52.209.244.112	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.135 63.140.62.135	16509 (AMAZON-02) (AMAZON-02)
1 1	52.17.231.170 52.17.231.170	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	52.177.30.255 52.177.30.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	34.231.76.20 34.231.76.20	14618 (AMAZON-AES) (AMAZON-AES)
48	20

1 104.17.74.206 (None, )

ASN13335 (CLOUDFLARENET, US)

pages.onlifehealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 205.172.134.27 (Chicago, United States)

ASN23494 (HSC, US)

account.hcsc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cim.hcsc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:980::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.186.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-186-134.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-72.fra56.r.cloudfront.net

cdn.decibelinsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.244.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-244-112.eu-west-1.compute.amazonaws.com

hcsc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-135.data.adobedc.net

healthcareservicecorporation.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.231.170 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-231-170.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.177.30.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bam-aem.hcsc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.231.76.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-76-20.compute-1.amazonaws.com

bf69636tjb.bf.dynatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	969 KB
9	hcsc.net account.hcsc.net cim.hcsc.net — Cisco Umbrella Rank: 175282 bam-aem.hcsc.net — Cisco Umbrella Rank: 176945	2 MB
6	gstatic.com fonts.gstatic.com www.gstatic.com	85 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77 jnn-pa.googleapis.com — Cisco Umbrella Rank: 282	41 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 static.doubleclick.net — Cisco Umbrella Rank: 328	1 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 215 hcsc.demdex.net — Cisco Umbrella Rank: 84695	5 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 417	67 KB
2	dynatrace.com bf69636tjb.bf.dynatrace.com — Cisco Umbrella Rank: 67888	970 B
2	omtrdc.net healthcareservicecorporation.sc.omtrdc.net — Cisco Umbrella Rank: 69343	466 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 256	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 123	14 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3	15 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1070	517 B
1	decibelinsight.net cdn.decibelinsight.net — Cisco Umbrella Rank: 7932	78 KB
1	onlifehealth.com pages.onlifehealth.com	2 KB
48	15

	Domain	Requested by
9	www.youtube.com	account.hcsc.net www.youtube.com
5	account.hcsc.net	pages.onlifehealth.com account.hcsc.net
4	jnn-pa.googleapis.com	www.youtube.com
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	cim.hcsc.net	account.hcsc.net
3	assets.adobedtm.com	account.hcsc.net assets.adobedtm.com
2	bf69636tjb.bf.dynatrace.com	account.hcsc.net
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	healthcareservicecorporation.sc.omtrdc.net	account.hcsc.net
2	dpm.demdex.net	account.hcsc.net
2	fonts.googleapis.com	account.hcsc.net
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	bam-aem.hcsc.net
1	cm.everesttech.net	1 redirects
1	hcsc.demdex.net	assets.adobedtm.com
1	cdn.decibelinsight.net	assets.adobedtm.com
1	pages.onlifehealth.com
48	21

This site contains no links.

Subject Issuer	Validity	Valid
pages.onlifehealth.com Cloudflare Inc ECC CA-3	`2023-06-27` - `2024-06-25`	a year	crt.sh
account.hcsc.net Entrust Certification Authority - L1K	`2022-12-06` - `2023-12-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
cim.hcsc.net Entrust Certification Authority - L1K	`2022-10-13` - `2023-10-13`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.decibelinsight.net Amazon RSA 2048 M01	`2023-02-28` - `2024-02-12`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-03-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
bam-aem.hcsc.net Entrust Certification Authority - L1K	`2023-01-04` - `2024-02-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.bf.dynatrace.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-07`	10 months	crt.sh

This page contains 3 frames:

Primary Page: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa&mkt_tok=MTYyLUtQTy0zNTQAAAGNdRYnxQyDXXEVOavXvBQACVkNElwUMIxyZg0glOssWUxKTeM4ZQq-JtvBPcGQW8EO1gOD4DEzafJDa4qbNBK76blD9m-uvtpoQHWfIPR-2wCmu011y4Y
Frame ID: C67BC0EC433271126DC2E4C867730BDF
Requests: 25 HTTP requests in this frame

Frame: https://hcsc.demdex.net/dest5.html?d_nsid=0
Frame ID: A2907A36966F283E0C19E3BD7BE46B37
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/lnxcQiuJIxk
Frame ID: 984F21104FAE3C150F0DCA85699808BD
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BCBS Login

Page URL History Show full URLs

https://pages.onlifehealth.com/MTYyLUtQTy0zNTQAAAGNdRYnxdn0enmOtLqMspLIpFrXpuKsVBKih_hHk75W5EUTCX1VmuLBjw9e... Page URL
https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fautho... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

48
Requests

94 %
HTTPS

55 %
IPv6

15
Domains

21
Subdomains

20
IPs

4
Countries

2864 kB
Transfer

5735 kB
Size

30
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pages.onlifehealth.com/MTYyLUtQTy0zNTQAAAGNdRYnxdn0enmOtLqMspLIpFrXpuKsVBKih_hHk75W5EUTCX1VmuLBjw9eufWMiHqsT4Skah6MUrKq2m8= Page URL
https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa&mkt_tok=MTYyLUtQTy0zNTQAAAGNdRYnxQyDXXEVOavXvBQACVkNElwUMIxyZg0glOssWUxKTeM4ZQq-JtvBPcGQW8EO1gOD4DEzafJDa4qbNBK76blD9m-uvtpoQHWfIPR-2wCmu011y4Y Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://cm.everesttech.net/cm/dd?d_uuid=58226162061495689690218251144505176651 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZNJ28gAAAH_rxQNn

Request Chain 30

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

48 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 MTYyLUtQTy0zNTQAAAGNdRYnxdn0enmOtLqMspLIpFrXpuKsVBKih_hHk75W5EUTCX1VmuLBjw9eufWMiHqsT4Skah6MUrKq2m8=
pages.onlifehealth.com/ 1003 B
2 KB 322ms
224ms Document
text/html 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.onlifehealth.com/MTYyLUtQTy0zNTQAAAGNdRYnxdn0enmOtLqMspLIpFrXpuKsVBKih_hHk75W5EUTCX1VmuLBjw9eufWMiHqsT4Skah6MUrKq2m8=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-KLKqsEMlGPY/02L7yewUecajxDTM/hLlktuO/tMHxnc=';object-src 'none';form-action:'none';frame-src:'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7f395ef30927913c-FRA
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-KLKqsEMlGPY/02L7yewUecajxDTM/hLlktuO/tMHxnc=';object-src 'none';form-action:'none';frame-src:'none'
content-type: text/html;charset=UTF-8
date: Tue, 08 Aug 2023 17:10:06 GMT
referrer-policy: strict-origin
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: 98e1b2c4c41d6c2b

GET
H/1.1 200 Primary Request / Show response
account.hcsc.net/login/ 1 KB
2 KB 495ms
132ms Document
text/html 205.172.134.27
HSC

General

Check archive.org

Show headers Download Go to

Full URL: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa&mkt_tok=MTYyLUtQTy0zNTQAAAGNdRYnxQyDXXEVOavXvBQACVkNElwUMIxyZg0glOssWUxKTeM4ZQq-JtvBPcGQW8EO1gOD4DEzafJDa4qbNBK76blD9m-uvtpoQHWfIPR-2wCmu011y4Y
Requested by: Host: pages.onlifehealth.com
URL: https://pages.onlifehealth.com/MTYyLUtQTy0zNTQAAAGNdRYnxdn0enmOtLqMspLIpFrXpuKsVBKih_hHk75W5EUTCX1VmuLBjw9eufWMiHqsT4Skah6MUrKq2m8=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.172.134.27 Chicago, United States, ASN23494 (HSC, US),
Reverse DNS
Software: /
Resource Hash: 7c6d0ae3a7ec10f89cb60bf19cf82c3e6daacc068792e11ab45dec8772e69664

Request headers

Referer: https://pages.onlifehealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache no-store
Connection: keep-alive
Content-Length: 1420
Content-Type: text/html;charset=utf-8
Date: Tue, 08 Aug 2023 17:09:57 GMT
Etag: "64c18688-235:dtagent10271230629152232n3px"
Expires: Tue, 08 Aug 2023 17:09:56 GMT
Keep-Alive: timeout=60
Last-Modified: Wed, 26 Jul 2023 20:48:08 GMT
X-Oneagent-Js-Injection: true
X-Ruxit-Js-Agent: true
X-Vcap-Request-Id: 74578ba6-e793-48c3-7d70-84fc8cf9a154

GET
H/1.1 200 ruxitagentjs_ICA27NVfhqrux_10271230629152232.js Show response
account.hcsc.net/login/ 214 KB
82 KB 166ms
166ms Script
text/javascript 205.172.134.27
HSC

General

Check archive.org

Show headers Download Go to

Full URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js
Requested by: Host: account.hcsc.net
URL: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa&mkt_tok=MTYyLUtQTy0zNTQAAAGNdRYnxQyDXXEVOavXvBQACVkNElwUMIxyZg0glOssWUxKTeM4ZQq-JtvBPcGQW8EO1gOD4DEzafJDa4qbNBK76blD9m-uvtpoQHWfIPR-2wCmu011y4Y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.172.134.27 Chicago, United States, ASN23494 (HSC, US),
Reverse DNS
Software: /
Resource Hash: 475a08e3abce68edaca9a5bc5b5204dc67fbdd04734533e26236f0bf924cb23f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa&mkt_tok=MTYyLUtQTy0zNTQAAAGNdRYnxQyDXXEVOavXvBQACVkNElwUMIxyZg0glOssWUxKTeM4ZQq-JtvBPcGQW8EO1gOD4DEzafJDa4qbNBK76blD9m-uvtpoQHWfIPR-2wCmu011y4Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 17:09:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
Content-Type: text/javascript;charset=utf-8
X-Vcap-Request-Id: 477be81e-f81f-4772-6b28-fa84e8d6a86b
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 83954
Expires: Wed, 07 Aug 2024 17:09:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 53ms
19ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: account.hcsc.net
URL: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa&mkt_tok=MTYyLUtQTy0zNTQAAAGNdRYnxQyDXXEVOavXvBQACVkNElwUMIxyZg0glOssWUxKTeM4ZQq-JtvBPcGQW8EO1gOD4DEzafJDa4qbNBK76blD9m-uvtpoQHWfIPR-2wCmu011y4Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Aug 2023 17:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 15:14:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Aug 2023 17:10:07 GMT

GET
H/1.1 200 main.b5dd0936c221cbf97d93.js Show response
account.hcsc.net/login/ 1 MB
1 MB 154ms
154ms Script
application/x-javascript 205.172.134.27
HSC

General

Check archive.org

Show headers Download Go to

Full URL: https://account.hcsc.net/login/main.b5dd0936c221cbf97d93.js
Requested by: Host: account.hcsc.net
URL: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa&mkt_tok=MTYyLUtQTy0zNTQAAAGNdRYnxQyDXXEVOavXvBQACVkNElwUMIxyZg0glOssWUxKTeM4ZQq-JtvBPcGQW8EO1gOD4DEzafJDa4qbNBK76blD9m-uvtpoQHWfIPR-2wCmu011y4Y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.172.134.27 Chicago, United States, ASN23494 (HSC, US),
Reverse DNS
Software: /
Resource Hash: 1d303e724792056cc9af4bacdff9f333c9fd7a95d9993855a17301ddd945190c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa&mkt_tok=MTYyLUtQTy0zNTQAAAGNdRYnxQyDXXEVOavXvBQACVkNElwUMIxyZg0glOssWUxKTeM4ZQq-JtvBPcGQW8EO1gOD4DEzafJDa4qbNBK76blD9m-uvtpoQHWfIPR-2wCmu011y4Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 17:09:50 GMT
Last-Modified: Wed, 26 Jul 2023 20:48:08 GMT
Etag: "64c18688-167087"
Content-Type: application/x-javascript
X-Vcap-Request-Id: c3344066-31e8-453b-74bc-1cf11cbfb471
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 1470599

GET
H/1.1 200 main.bca4379616e51aae9382.css
account.hcsc.net/login/ 54 KB
54 KB 486ms
253ms Stylesheet
text/css 205.172.134.27
HSC

General

Check archive.org

Show headers Download Go to

Full URL: https://account.hcsc.net/login/main.bca4379616e51aae9382.css
Requested by: Host: account.hcsc.net
URL: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa&mkt_tok=MTYyLUtQTy0zNTQAAAGNdRYnxQyDXXEVOavXvBQACVkNElwUMIxyZg0glOssWUxKTeM4ZQq-JtvBPcGQW8EO1gOD4DEzafJDa4qbNBK76blD9m-uvtpoQHWfIPR-2wCmu011y4Y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.172.134.27 Chicago, United States, ASN23494 (HSC, US),
Reverse DNS
Software: /
Resource Hash: 511fec3fa7e67906d6be14e8dc63a1498bbcc4aea157ee665fa586faa35517b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa&mkt_tok=MTYyLUtQTy0zNTQAAAGNdRYnxQyDXXEVOavXvBQACVkNElwUMIxyZg0glOssWUxKTeM4ZQq-JtvBPcGQW8EO1gOD4DEzafJDa4qbNBK76blD9m-uvtpoQHWfIPR-2wCmu011y4Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 17:09:58 GMT
Last-Modified: Wed, 26 Jul 2023 20:48:08 GMT
Etag: "64c18688-d6bc"
Content-Type: text/css
X-Vcap-Request-Id: e2a1336f-ff97-4013-5954-defe87ce90e6
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 54972

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
761 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@700

Requested by

Host: account.hcsc.net
URL: https://account.hcsc.net/login/main.bca4379616e51aae9382.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce21709f7ac4f95d29cbbf971332e46ca1e02aec16e7b5c5923b3c99f4bae78d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Aug 2023 17:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 17:02:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Aug 2023 17:10:08 GMT

GET
H/1.1 200 config Show response
account.hcsc.net/login/ 698 B
1 KB 120ms
119ms XHR
application/json 205.172.134.27
HSC

General

Check archive.org

Show headers Download Go to

Full URL: https://account.hcsc.net/login/config
Requested by: Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.172.134.27 Chicago, United States, ASN23494 (HSC, US),
Reverse DNS
Software: /
Resource Hash: f2cd1274f0d4182341db7378228898718bf04ff6c101b6b1f1f2b5a42e30db69

Request headers

Accept: application/json, text/plain, */*
Referer: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa&mkt_tok=MTYyLUtQTy0zNTQAAAGNdRYnxQyDXXEVOavXvBQACVkNElwUMIxyZg0glOssWUxKTeM4ZQq-JtvBPcGQW8EO1gOD4DEzafJDa4qbNBK76blD9m-uvtpoQHWfIPR-2wCmu011y4Y
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
x-dtpc: 3$114607812_132h3vUMRAUGNHKUUGJSKKKDKDJKSAFOKPMUCU-0e0

Response headers

Date: Tue, 08 Aug 2023 17:09:52 GMT
Last-Modified: Wed, 26 Jul 2023 20:48:08 GMT
Etag: "64c18688-2ba"
Content-Type: application/json
X-Vcap-Request-Id: 60a40eb2-cc07-4a0e-42d1-cf607ba6d53c
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 698

GET
H2 200 launch-1f6332b2afd3.min.js Show response
assets.adobedtm.com/45efbf285322/1951ece8c775/ 198 KB
53 KB 74ms
11ms Script
application/x-javascript 2a02:26f0:480:980::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/45efbf285322/1951ece8c775/launch-1f6332b2afd3.min.js
Requested by: Host: account.hcsc.net
URL: https://account.hcsc.net/login/main.b5dd0936c221cbf97d93.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:980::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 06003b1225f1ccd6fdce15ac70366f722b6dcb05beb32b3a5038a052eec556e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:10:09 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 15:09:38 GMT
server: AkamaiNetStorage
etag: "a7423b8702ae78a05b4fef526c153ef6:1691420978.854977"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://account.hcsc.net
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 53538
expires: Tue, 08 Aug 2023 18:10:09 GMT

GET
H/1.1 200 en Show response
cim.hcsc.net/content/dam/hcsc/common/manage-my-account/well-ontarget/registration-page.generic.json/membership/lob/group&experience/language/ 2 KB
2 KB 544ms
167ms XHR
application/json 205.172.134.27
HSC

General

Check archive.org

Show headers Download Go to

Full URL

https://cim.hcsc.net/content/dam/hcsc/common/manage-my-account/well-ontarget/registration-page.generic.json/membership/lob/group&experience/language/en

Requested by

Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.172.134.27 Chicago, United States, ASN23494 (HSC, US),

Reverse DNS

Software

Resource Hash

082cab01a25497a4d0835dcc346b30e6925b1f15791c6805eb11143343b0aaec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://account.hcsc.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

X-Dispatcher: 1
Date: Tue, 08 Aug 2023 17:10:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubdomains;preload
X-Vhost: bam-aem
Vary: Accept-Encoding,User-Agent
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://account.hcsc.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 860

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 363 B
1 KB 231ms
37ms XHR
application/json 52.211.186.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=24F66F63598431DC0A495EE9%40AdobeOrg&d_nsid=0&ts=1691514609730

Requested by

Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.186.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-186-134.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0e20dad2470f13e223fff65056174f539f7f4ad480097cf4d3980df1c48adb39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://account.hcsc.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v050-02fed42b9.edge-irl1.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: BwXBbSnST0k=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://account.hcsc.net
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 307
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 12ms
12ms Script
application/x-javascript 2a02:26f0:480:980::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/45efbf285322/1951ece8c775/launch-1f6332b2afd3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:980::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:10:09 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://account.hcsc.net
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12384
expires: Tue, 08 Aug 2023 18:10:09 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 3 KB
2 KB 12ms
12ms Script
application/x-javascript 2a02:26f0:480:980::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/45efbf285322/1951ece8c775/launch-1f6332b2afd3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:980::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:10:09 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://account.hcsc.net
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1598
expires: Tue, 08 Aug 2023 18:10:09 GMT

GET
H2 200 di.js Show response
cdn.decibelinsight.net/i/13998/614634/ 200 KB
78 KB 162ms
14ms Script
text/javascript 108.138.17.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.decibelinsight.net/i/13998/614634/di.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/45efbf285322/1951ece8c775/launch-1f6332b2afd3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-72.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

2ebd27c4bce1de7f9ebbdc3f99585b6e4cb2723b1e2b2cb729a13035346c8618

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:10:09 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
server: nginx
etag: W/005921657-189B5351C1C
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=5400
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
x-amz-cf-id: wnkz1_lQaFKReTGwEDRlZ4Kk0KH2f9piFu2WTpE-k4WcsuflAPxMkw==

GET
BLOB 200
OK 34411d32-2c39-45af-b978-559726f3abb7
https://account.hcsc.net/ 15 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://account.hcsc.net/34411d32-2c39-45af-b978-559726f3abb7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4a80d1f0e796d75f26bb50b84f7b35c7fb60ad507acbea9b39e0cc1421f1402

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length: 15737
Content-Type: application/javascript

GET
H/1.1 200
OK dest5.html Show response
hcsc.demdex.net/ Frame A290 7 KB
3 KB 306ms
33ms Document
text/html 52.209.244.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hcsc.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/45efbf285322/1951ece8c775/launch-1f6332b2afd3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.244.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-244-112.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://account.hcsc.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v050-081b3f51f.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: RupeSDpEQ3M=
content-encoding: gzip
date: Tue, 8 Aug 2023 17:10:10 GMT
last-modified: Wed, 28 Jun 2023 12:57:16 GMT
vary: accept-encoding

GET
H2 200 id Show response
healthcareservicecorporation.sc.omtrdc.net/ 2 B
267 B 262ms
22ms XHR
application/x-javascript 63.140.62.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://healthcareservicecorporation.sc.omtrdc.net/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=24F66F63598431DC0A495EE9%40AdobeOrg&mid=57646401611971282670272865226631479753&ts=1691514609973

Requested by

Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.135 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-135.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.hcsc.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 08 Aug 2023 17:10:10 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://account.hcsc.net
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZNJ28gAAAH_rxQNn
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=58226162061495689690218251144505176651
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZNJ28gAAAH_rxQNn

42 B
942 B

36ms
36ms

Image
image/gif

52.211.186.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZNJ28gAAAH_rxQNn

Protocol

HTTP/1.1

Server

52.211.186.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-186-134.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-0e70ad34b.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: iKHvMTQfTtM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZNJ28gAAAH_rxQNn
Date: Tue, 08 Aug 2023 17:10:10 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 lnxcQiuJIxk Show response
www.youtube.com/embed/ Frame 984F 78 KB
33 KB 102ms
58ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/lnxcQiuJIxk

Requested by

Host: account.hcsc.net
URL: https://account.hcsc.net/login/main.b5dd0936c221cbf97d93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

240dd22e4bf91d0f2d121d00e74ec26084c2de71cd3b6c61f18c692059869231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://account.hcsc.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-xyqTpE0qkeQbtQUWFMgodw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 17:10:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 WoT_Logo.svg
bam-aem.hcsc.net/content/dam/hcsc/common/logos/assets/ 6 KB
3 KB 408ms
105ms Image
image/svg+xml 52.177.30.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bam-aem.hcsc.net/content/dam/hcsc/common/logos/assets/WoT_Logo.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.177.30.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

48b3df58aca460a9eeebdd7b5737fc06365986e3ea8d95bc02202d36b5b1e243

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-dispatcher: 1
date: Tue, 08 Aug 2023 17:10:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains;preload
content-encoding: gzip
last-modified: Tue, 25 Jul 2023 14:20:59 GMT
server: Apache
etag: "1970-6015070a2e8c0-gzip"
x-vhost: bam-aem
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2573

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 18 KB
19 KB 38ms
9ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://account.hcsc.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:03:04 GMT
x-content-type-options: nosniff
age: 302826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:19:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 05:03:04 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 18 KB
18 KB 39ms
12ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://account.hcsc.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 23:21:53 GMT
x-content-type-options: nosniff
age: 323297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18232
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:27:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 23:21:53 GMT

GET
H/1.1 200 right-side-page-all-states Show response
cim.hcsc.net/content/dam/hcsc/common/manage-my-account/well-ontarget.generic.json/membership/us-states/all-states&membership/lob/group&content/dam/hcsc/common/manage-my-account/well-ontarget/all-st... 1 KB
1 KB 157ms
156ms XHR
application/json 205.172.134.27
HSC

General

Check archive.org

Show headers Download Go to

Full URL

https://cim.hcsc.net/content/dam/hcsc/common/manage-my-account/well-ontarget.generic.json/membership/us-states/all-states&membership/lob/group&content/dam/hcsc/common/manage-my-account/well-ontarget/all-states/right-side-page-all-states

Requested by

Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.172.134.27 Chicago, United States, ASN23494 (HSC, US),

Reverse DNS

Software

Resource Hash

960154e7754cc37c47cf02e174238ae79f79a0a1e3aa5597b1eb0ea0603cb986

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://account.hcsc.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

X-Dispatcher: 2
Date: Tue, 08 Aug 2023 17:10:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubdomains;preload
X-Vhost: bam-aem
Vary: Accept-Encoding,User-Agent
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://account.hcsc.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 445

GET
H/1.1 200 en Show response
cim.hcsc.net/content/dam/hcsc/common/manage-my-account/well-ontarget/footer.generic.json/membership/lob/group&experience/language/ 1 KB
1 KB 335ms
178ms XHR
application/json 205.172.134.27
HSC

General

Check archive.org

Show headers Download Go to

Full URL

https://cim.hcsc.net/content/dam/hcsc/common/manage-my-account/well-ontarget/footer.generic.json/membership/lob/group&experience/language/en

Requested by

Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.172.134.27 Chicago, United States, ASN23494 (HSC, US),

Reverse DNS

Software

Resource Hash

8c60642a79a7cb0639f0d93ec7c67b84eb7b5d935afa433b7bdd284b947514b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://account.hcsc.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

X-Dispatcher: 1
Date: Tue, 08 Aug 2023 17:10:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubdomains;preload
X-Vhost: bam-aem
Vary: Accept-Encoding,User-Agent
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://account.hcsc.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 570

POST
H2 200 s12324343799474 Show response
healthcareservicecorporation.sc.omtrdc.net/b/ss/hcsc-prod-bam,hcsc-global-prod/1/JS-2.23.0-LDQM/ 43 B
199 B 25ms
25ms XHR
image/gif 63.140.62.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://healthcareservicecorporation.sc.omtrdc.net/b/ss/hcsc-prod-bam,hcsc-global-prod/1/JS-2.23.0-LDQM/s12324343799474

Requested by

Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.135 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-135.data.adobedc.net

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.hcsc.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 17:10:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Aug 2023 17:10:10 GMT
server: jag
etag: 3632499966321491968-4619325770442565027
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://account.hcsc.net
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 07 Aug 2023 17:10:10 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/f98908d1/ Frame 984F 378 KB
47 KB 11ms
10ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f98908d1/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d04c9c6d855b28f6353d18577e1a8de70211a8fe6ed2b8f95fb2b3a9763c25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lnxcQiuJIxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 15:23:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6402
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48108
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 04:57:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Aug 2024 15:23:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 984F 15 KB
15 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 08:35:58 GMT
x-content-type-options: nosniff
age: 290052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 08:35:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 984F 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:38:49 GMT
x-content-type-options: nosniff
age: 387081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 05:38:49 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/f98908d1/www-embed-player.vflset/ Frame 984F 312 KB
94 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f98908d1/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b54520b5cd108058191f509705891644cc2ab56ab47625cabee254191a8f10b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lnxcQiuJIxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 15:23:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6393
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95706
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 04:57:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Aug 2024 15:23:37 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/f98908d1/player_ias.vflset/de_DE/ Frame 984F 2 MB
752 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f98908d1/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30acf6c0c8719f53b303a31c0195760ae37b84944321dc3445ca48782f539619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lnxcQiuJIxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 10:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 769074
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 04:57:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Aug 2024 10:32:37 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/f98908d1/fetch-polyfill.vflset/ Frame 984F 9 KB
3 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f98908d1/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lnxcQiuJIxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 15:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2625
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 04:57:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Aug 2024 15:34:21 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 984F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

22ms
20ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fbc1a85edf55f3c946c39ee44753c27075cd38c2139a2d7a67659f8e53e7368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 08 Aug 2023 17:10:10 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 984F 29 B
494 B 54ms
8ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f98908d1/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:08:48 GMT
x-content-type-options: nosniff
age: 82
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Aug 2023 17:23:48 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 52ms
17ms Preflight
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 08 Aug 2023 17:10:10 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 984F 85 KB
39 KB 32ms
31ms XHR
application/json+protobuf 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f98908d1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38caf9cfd8c51a019912cf3f17ff73700fe2191e67401e7cf91c6ab5add5c237

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 08 Aug 2023 17:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40039
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/f98908d1/player_ias.vflset/de_DE/ Frame 984F 116 KB
33 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f98908d1/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f98908d1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6578947c6bf389eb02feee610dc587ba06754bb822529de1b626175790b4465b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lnxcQiuJIxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 10:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 542253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33680
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 04:57:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Aug 2024 10:32:37 GMT

GET
H2 200 Ofi-maixvOccNjdU-TqjMECG8HqNf8sOF2eVZdTtiDE.js Show response
www.google.com/js/th/ Frame 984F 37 KB
15 KB 38ms
9ms Script
text/javascript 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/Ofi-maixvOccNjdU-TqjMECG8HqNf8sOF2eVZdTtiDE.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f98908d1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39f8be99a8b1bce71c363754f93aa3304086f07a8d7fcb0e17679565d4ed8831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 21:37:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14711
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Aug 2024 21:37:35 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/lnxcQiuJIxk/ Frame 984F 13 KB
14 KB 56ms
12ms Image
image/webp 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/lnxcQiuJIxk/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ace5d7a5aadf34910d49627018f8b1954485fc93c04497f68709f5c01496a24f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 15:44:42 GMT
x-content-type-options: nosniff
age: 5128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13636
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Aug 2023 17:44:42 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/f98908d1/player_ias.vflset/de_DE/ Frame 984F 28 KB
8 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f98908d1/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f98908d1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ce39dd95b0a8435dc5dfbe8dbbe047da66922f73632b835c433918c98e7c1f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lnxcQiuJIxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8162
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 04:57:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Aug 2024 05:19:03 GMT

GET
DATA 200
OK truncated
/ Frame 984F 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 0B0flfi1o36LqeG-DBMqY47DktKDat0KBEZNnSiijRt7IqcZOnWm_Iv3WSNLE5jo4HW6jMEuEGw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 984F 3 KB
3 KB 62ms
10ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/0B0flfi1o36LqeG-DBMqY47DktKDat0KBEZNnSiijRt7IqcZOnWm_Iv3WSNLE5jo4HW6jMEuEGw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

255dbe70a486526e0cd181c4f8b8a7c94ccfc658e0c8043fef726821990b38f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 11074
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3122
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 09 Aug 2023 14:05:36 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 984F 0
10 B 12ms
11ms Image
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?S4B7aQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lnxcQiuJIxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:10:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 23ms
23ms Preflight
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 08 Aug 2023 17:10:11 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 984F 90 B
134 B 29ms
29ms XHR
application/json+protobuf 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f98908d1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66c77c57c637fed1e3d9a0b4af30e0d0c26b740dd8fcbff127c836169645ddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 08 Aug 2023 17:10:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 984F 4 KB
2 KB 51ms
23ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f98908d1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:10:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 17:10:11 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/115/ Frame 984F 51 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/115/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 15:00:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15373
x-xss-protection: 0
last-modified: Mon, 15 May 2023 15:08:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 09 Aug 2023 15:00:20 GMT

POST
H2 200 bf Show response
bf69636tjb.bf.dynatrace.com/ 220 B
486 B 300ms
92ms XHR
text/plain 34.231.76.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bf69636tjb.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_3_sn_185F0DA412497B4DFC37399032AEC055_perc_100000_ol_0_mul_1_app-3Ae52da50c3dcf4fc9_1_rcs-3Acss_0&svrid=3&flavor=cors&vi=UMRAUGNHKUUGJSKKKDKDJKSAFOKPMUCU-0&modifiedSince=1691506711950&rf=https%3A%2F%2Faccount.hcsc.net%2Flogin%2F%3Fgoto%3Dhttps%253A%252F%252Fcim.hcsc.net%253A443%252Fam%252Foauth2%252Fmembers%252Fauthorize%253Fclient_id%253Doauth_mma_wot_APP00046856%2526scope%253Dopenid%252520profile%2526redirect_uri%253Dhttps%253A%252F%252Fwellontarget.onlifehealth.com%252FHome%252FLoginCallback%2526response_type%253Dcode%2526state%253DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%2526code_challenge%253DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%2526code_challenge_method%253DS256%2526service%253Dhcsc-members-mma-mfa%26realm%3D%2Fmembers%26service%3Dhcsc-members-mma-mfa%26mkt_tok%3DMTYyLUtQTy0zNTQAAAGNdRYnxQyDXXEVOavXvBQACVkNElwUMIxyZg0glOssWUxKTeM4ZQq-JtvBPcGQW8EO1gOD4DEzafJDa4qbNBK76blD9m-uvtpoQHWfIPR-2wCmu011y4Y&bp=3&app=e52da50c3dcf4fc9&crc=1469158598&en=e6mqrbyg&end=1
Requested by: Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.76.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-76-20.compute-1.amazonaws.com
Software: /
Resource Hash: 9993e99fb7895ff4bcc5e25bc822279f0e47a2f5ececfec7e32bb74e6d3cae8b

Request headers

Referer: https://account.hcsc.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://account.hcsc.net
x-oneagent-js-injection: true
date: Tue, 08 Aug 2023 17:10:11 GMT
cache-control: no-cache
content-length: 220
content-type: text/plain;charset=utf-8

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 984F 28 B
54 B 23ms
23ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f98908d1/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
X-Goog-Request-Time: 1691514613077
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/lnxcQiuJIxk
X-YouTube-Client-Version: 1.20230801.01.01
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtyMkJ2YThnbnlPMCjy7cmmBg%3D%3D
X-YouTube-Ad-Signals: dt=1691514610519&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C409%2C260&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 08 Aug 2023 17:10:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 08 Aug 2023 17:10:13 GMT

POST
H2 200 bf Show response
bf69636tjb.bf.dynatrace.com/ 220 B
484 B 94ms
93ms XHR
text/plain 34.231.76.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bf69636tjb.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_3_sn_185F0DA412497B4DFC37399032AEC055_app-3Ae52da50c3dcf4fc9_1_ol_0_perc_100000_mul_1_rcs-3Acss_0&svrid=3&flavor=cors&vi=UMRAUGNHKUUGJSKKKDKDJKSAFOKPMUCU-0&modifiedSince=1691506711950&rf=https%3A%2F%2Faccount.hcsc.net%2Flogin%2F%3Fgoto%3Dhttps%253A%252F%252Fcim.hcsc.net%253A443%252Fam%252Foauth2%252Fmembers%252Fauthorize%253Fclient_id%253Doauth_mma_wot_APP00046856%2526scope%253Dopenid%252520profile%2526redirect_uri%253Dhttps%253A%252F%252Fwellontarget.onlifehealth.com%252FHome%252FLoginCallback%2526response_type%253Dcode%2526state%253DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%2526code_challenge%253DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%2526code_challenge_method%253DS256%2526service%253Dhcsc-members-mma-mfa%26realm%3D%2Fmembers%26service%3Dhcsc-members-mma-mfa%26mkt_tok%3DMTYyLUtQTy0zNTQAAAGNdRYnxQyDXXEVOavXvBQACVkNElwUMIxyZg0glOssWUxKTeM4ZQq-JtvBPcGQW8EO1gOD4DEzafJDa4qbNBK76blD9m-uvtpoQHWfIPR-2wCmu011y4Y&bp=3&app=e52da50c3dcf4fc9&crc=1005951175&en=e6mqrbyg&end=1
Requested by: Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.76.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-76-20.compute-1.amazonaws.com
Software: /
Resource Hash: 9993e99fb7895ff4bcc5e25bc822279f0e47a2f5ececfec7e32bb74e6d3cae8b

Request headers

Referer: https://account.hcsc.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://account.hcsc.net
x-oneagent-js-injection: true
date: Tue, 08 Aug 2023 17:10:13 GMT
cache-control: no-cache
content-length: 220
content-type: text/plain;charset=utf-8

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.decibelinsight.net/i/13998/	1970-01-20 22:37:30	Name: da_lid Value: -BD8D80A29836EA161634BB99FF8212B8BC\|0\|0\|0
.decibelinsight.net/i/13998/	1970-01-20 13:51:56	Name: da_sid Value: 8EBEB3918C76AE8D8365AA13BD8058B30F\|3\|0\|3
.pages.onlifehealth.com/	1970-01-20 13:51:56	Name: __cf_bm Value: lrYI9hQzRDYTLgmEM_0qoKLCCoSmYl2ObUQs9hSPM7w-1691514606-0-AV2KfY6tTe54MpfJIdXoLEvBE0MKJ38tEN+5HOVq4m7oOpYktj5oxQPfUkVawJM2aLViMk047xbZdtkUc4y8oBQ=
account.hcsc.net/	1969-12-31 23:59:59	Name: TS0123e410 Value: 01d43b0fd2cb859d2684f4b08cf486648305ab88fe8f797b01a1fbfdd2b125abab2bc20f948c3fe5f2b9f3837b51bcc7dd350b0557
.hcsc.net/	1969-12-31 23:59:59	Name: TS011c8526 Value: 01d43b0fd22b06ab53e7c0d29b2182e191a6540e2d8f797b01a1fbfdd2b125abab2bc20f945c4032a71fabf4b19644d6e3adda801e72e36c3572b4c5f6efc5ca9fd7f32310
.hcsc.net/	1969-12-31 23:59:59	Name: rxVisitor Value: 16915146078147DN7FSSP29I4BJRRJP0NKKK413FQVREL
.hcsc.net/	1969-12-31 23:59:59	Name: dtSa Value: -
.hcsc.net/	1969-12-31 23:59:59	Name: rxvt Value: 1691516409497\|1691514607816
.hcsc.net/	1969-12-31 23:59:59	Name: dtPC Value: 3$114607812_132h-vUMRAUGNHKUUGJSKKKDKDJKSAFOKPMUCU-0e0
.demdex.net/	1970-01-20 18:11:06	Name: demdex Value: 58226162061495689690218251144505176651
.hcsc.net/	1969-12-31 23:59:59	Name: AMCVS_24F66F63598431DC0A495EE9%40AdobeOrg Value: 1
.hcsc.net/	1970-01-20 13:51:56	Name: da_sid Value: 8EBEB3918C76AE8D8365AA13BD8058B30F\|3\|0\|3
.hcsc.net/	1970-01-20 22:37:30	Name: da_lid Value: BD8D80A29836EA161634BB99FF8212B8BC\|0\|0\|0
.hcsc.net/	1970-01-20 13:51:56	Name: da_intState Value:
.hcsc.net/	1970-01-20 14:35:06	Name: s_getNewRepeat Value: 1691514610247-New
.hcsc.net/	1970-01-20 13:51:56	Name: gpv_pn Value: no%20value
.hcsc.net/	1970-01-20 13:58:04	Name: s_vnum Value: 1691884800249%26vn%3D1
.hcsc.net/	1970-01-20 13:51:56	Name: s_invisit Value: true
.hcsc.net/	1970-01-20 23:27:54	Name: s_daysSinceVisit Value: 1691514610250
.hcsc.net/	1970-01-20 13:51:56	Name: s_daysSinceVisit_s Value: First%20Visit
.hcsc.net/	1969-12-31 23:59:59	Name: s_ppvl Value: %5B%5BB%5D%5D
.hcsc.net/	1969-12-31 23:59:59	Name: s_ppv Value: https%253A%2F%2Faccount.hcsc.net%2Flogin%2F%253Fgoto%253Dhttps%25253A%25252F%25252Fcim.hcsc.net%25253A443%25252Fam%25252Foauth2%25252Fmembers%25252Fauthorize%25253Fclient_id%25253Doauth_mma_wot_APP00046856%252526scope%25253Dopenid%25252520profile%252526redirect_uri%25253Dhttps%25253A%25252F%25252Fwellontarget.onlifehealth.com%25252FHome%25252FLoginCallback%252526response_type%25253Dcode%252526state%25253DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%252526code_challenge%25253DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%252526code_challenge_method%25253DS256%252526service%25253Dhcsc-members-mma-mfa%2526realm%253D%2Fmembers%2526service%253Dhcsc-members-mma-mfa%2526mkt_tok%253DMTYyLUtQTy0zNTQAAAGNdRYnxQyDXXEVOavXvBQACVkNElwUMIxyZg0glOssWUxKTeM4ZQq-JtvBPcGQW8EO1gOD4DEzafJDa4qbNBK76blD9m-uvtpoQHWfIPR-2wCmu011y4Y%2C87%2C87%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.hcsc.net/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-20 22:37:30	Name: everest_g_v2 Value: g_surferid~ZNJ28gAAAH_rxQNn
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: zKnkAL4ecl4
.dpm.demdex.net/	1970-01-20 18:11:06	Name: dpm Value: 58226162061495689690218251144505176651
.hcsc.net/	1970-01-20 23:27:54	Name: AMCV_24F66F63598431DC0A495EE9%40AdobeOrg Value: 179643557%7CMCIDTS%7C19578%7CMCMID%7C57646401611971282670272865226631479753%7CMCAAMLH-1692119409%7C6%7CMCAAMB-1692119409%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1691521810s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19585%7CvVersion%7C5.5.0
bam-aem.hcsc.net/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: 7d5b1b8085b855bb2ebd48e356f5cd5b
bam-aem.hcsc.net/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: 7d5b1b8085b855bb2ebd48e356f5cd5b
.hcsc.net/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_3_sn_185F0DA412497B4DFC37399032AEC055_app-3Ae52da50c3dcf4fc9_1_ol_0_perc_100000_mul_1_rcs-3Acss_0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://pages.onlifehealth.com/MTYyLUtQTy0zNTQAAAGNdRYnxdn0enmOtLqMspLIpFrXpuKsVBKih_hHk75W5EUTCX1VmuLBjw9eufWMiHqsT4Skah6MUrKq2m8= Message: The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://pages.onlifehealth.com/MTYyLUtQTy0zNTQAAAGNdRYnxdn0enmOtLqMspLIpFrXpuKsVBKih_hHk75W5EUTCX1VmuLBjw9eufWMiHqsT4Skah6MUrKq2m8= Message: The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-KLKqsEMlGPY/02L7yewUecajxDTM/hLlktuO/tMHxnc=';object-src 'none';form-action:'none';frame-src:'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.hcsc.net
assets.adobedtm.com
bam-aem.hcsc.net
bf69636tjb.bf.dynatrace.com
cdn.decibelinsight.net
cim.hcsc.net
cm.everesttech.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hcsc.demdex.net
healthcareservicecorporation.sc.omtrdc.net
i.ytimg.com
jnn-pa.googleapis.com
pages.onlifehealth.com
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.17.74.206
108.138.17.72
205.172.134.27
2a00:1450:4001:801::2003
2a00:1450:4001:801::200a
2a00:1450:4001:802::2001
2a00:1450:4001:81c::2004
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2016
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a02:26f0:480:980::1e80
34.231.76.20
52.17.231.170
52.177.30.255
52.209.244.112
52.211.186.134
63.140.62.135
023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c
06003b1225f1ccd6fdce15ac70366f722b6dcb05beb32b3a5038a052eec556e7
082cab01a25497a4d0835dcc346b30e6925b1f15791c6805eb11143343b0aaec
0e20dad2470f13e223fff65056174f539f7f4ad480097cf4d3980df1c48adb39
1d303e724792056cc9af4bacdff9f333c9fd7a95d9993855a17301ddd945190c
240dd22e4bf91d0f2d121d00e74ec26084c2de71cd3b6c61f18c692059869231
255dbe70a486526e0cd181c4f8b8a7c94ccfc658e0c8043fef726821990b38f9
2ebd27c4bce1de7f9ebbdc3f99585b6e4cb2723b1e2b2cb729a13035346c8618
30acf6c0c8719f53b303a31c0195760ae37b84944321dc3445ca48782f539619
38caf9cfd8c51a019912cf3f17ff73700fe2191e67401e7cf91c6ab5add5c237
39f8be99a8b1bce71c363754f93aa3304086f07a8d7fcb0e17679565d4ed8831
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
475a08e3abce68edaca9a5bc5b5204dc67fbdd04734533e26236f0bf924cb23f
48b3df58aca460a9eeebdd7b5737fc06365986e3ea8d95bc02202d36b5b1e243
511fec3fa7e67906d6be14e8dc63a1498bbcc4aea157ee665fa586faa35517b0
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6578947c6bf389eb02feee610dc587ba06754bb822529de1b626175790b4465b
66c77c57c637fed1e3d9a0b4af30e0d0c26b740dd8fcbff127c836169645ddc8
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c6d0ae3a7ec10f89cb60bf19cf82c3e6daacc068792e11ab45dec8772e69664
7ce39dd95b0a8435dc5dfbe8dbbe047da66922f73632b835c433918c98e7c1f9
7fbc1a85edf55f3c946c39ee44753c27075cd38c2139a2d7a67659f8e53e7368
8c60642a79a7cb0639f0d93ec7c67b84eb7b5d935afa433b7bdd284b947514b4
94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628
960154e7754cc37c47cf02e174238ae79f79a0a1e3aa5597b1eb0ea0603cb986
9993e99fb7895ff4bcc5e25bc822279f0e47a2f5ececfec7e32bb74e6d3cae8b
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
ace5d7a5aadf34910d49627018f8b1954485fc93c04497f68709f5c01496a24f
b54520b5cd108058191f509705891644cc2ab56ab47625cabee254191a8f10b2
c4a80d1f0e796d75f26bb50b84f7b35c7fb60ad507acbea9b39e0cc1421f1402
ce21709f7ac4f95d29cbbf971332e46ca1e02aec16e7b5c5923b3c99f4bae78d
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2cd1274f0d4182341db7378228898718bf04ff6c101b6b1f1f2b5a42e30db69
f4d04c9c6d855b28f6353d18577e1a8de70211a8fe6ed2b8f95fb2b3a9763c25

account.hcsc.net Open in urlscan Pro 205.172.134.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

94 %HTTPS

55 %IPv6

15 Domains

21 Subdomains

20 IPs

4 Countries

2864 kBTransfer

5735 kBSize

30 Cookies

0 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

account.hcsc.net Open in urlscan Pro
205.172.134.27 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

94 %
HTTPS

55 %
IPv6

15
Domains

21
Subdomains

20
IPs

4
Countries

2864 kB
Transfer

5735 kB
Size

30
Cookies

48 HTTP transactions
1 data transactions