urlscan.io logo urlscan.io
SecurityTrails logo

highmark.semprehealth.com Open in urlscan Pro
2a03:b0c0:3:d0::d23:d001  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://highmark.semprehealth.com/
Effective URL: https://highmark.semprehealth.com/
Submission: On May 26 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 18 HTTP transactions. The main IP is 2a03:b0c0:3:d0::d23:d001, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is highmark.semprehealth.com.
TLS certificate: Issued by R3 on April 15th 2021. Valid for: 3 months.
This is the only time highmark.semprehealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 2a03:b0c0:3:d... 14061 (DIGITALOC...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 99.86.0.85 16509 (AMAZON-02)
2 2600:9000:218... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.43.118.59 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 35.201.112.186 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 35.186.194.58 15169 (GOOGLE)
18 10
4    2a03:b0c0:3:d0::d23:d001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
highmark.semprehealth.com
2    2606:4700::6811:e14e (United States)

ASN13335 (CLOUDFLARENET, US)
fast.fonts.net
1    99.86.0.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-0-85.fra6.r.cloudfront.net
cdn.segment.com
2    2600:9000:218e:ea00:1f:fd53:d200:21 (United States)

ASN16509 (AMAZON-02, US)
d1xr80cp1c5008.cloudfront.net
1    2606:4700:20::681a:6b4 (United States)

ASN13335 (CLOUDFLARENET, US)
browser-update.org
1    52.43.118.59 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-118-59.us-west-2.compute.amazonaws.com
api.segment.io
3    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
1    2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
Domain Requested by
4 highmark.semprehealth.com 1 redirects highmark.semprehealth.com
3 rs.fullstory.com highmark.semprehealth.com
3 www.google-analytics.com cdn.segment.com
highmark.semprehealth.com
2 d1xr80cp1c5008.cloudfront.net highmark.semprehealth.com
2 fast.fonts.net highmark.semprehealth.com
fast.fonts.net
1 stats.g.doubleclick.net highmark.semprehealth.com
1 edge.fullstory.com cdn.segment.com
1 api.segment.io highmark.semprehealth.com
1 browser-update.org highmark.semprehealth.com
1 cdn.segment.com highmark.semprehealth.com
18 10

This site contains links to these domains. Also see Links.

Domain
www.highmarkblueshield.com
Subject Issuer Validity Valid
highmark.semprehealth.com
R3		 2021-04-15 -
2021-07-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-06 -
2021-08-06		 a year crt.sh
*.segment.com
DigiCert SHA2 Secure Server CA		 2020-06-12 -
2021-07-27		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
edge.fullstory.com
GTS CA 1D4		 2021-05-01 -
2021-07-30		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.fullstory.com
R3		 2021-03-29 -
2021-06-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://highmark.semprehealth.com/
Frame ID: E064E1C762B70F497DADF4B9323459EC
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://highmark.semprehealth.com/ HTTP 301
    https://highmark.semprehealth.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^Netlify/i

Page Statistics

18
Requests

100 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

10
IPs

3
Countries

625 kB
Transfer

2065 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://highmark.semprehealth.com/ HTTP 301
    https://highmark.semprehealth.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
highmark.semprehealth.com/
Redirect Chain
  • http://highmark.semprehealth.com/
  • https://highmark.semprehealth.com/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://highmark.semprehealth.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d23:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
7809e7ccae230c6297807dd8fdc963349d86184ae1be8306b08214e9fd1d0e6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
highmark.semprehealth.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
public, max-age=0, must-revalidate
content-type
text/html; charset=UTF-8
date
Wed, 26 May 2021 20:51:19 GMT
etag
"73010ee7f32a8f3069a362f7024cf095-ssl-df"
referrer-policy
no-referrer
strict-transport-security
max-age=31536000
x-frame-options
DENY
x-xss-protection
1; mode=block
server
Netlify
x-nf-request-id
f2aa44fc-f525-4fb6-9d18-b6a0ac3b89bd
content-length
870
age
0
vary
Accept-Encoding
content-encoding
br
x-content-type-options
nosniff

Redirect headers

cache-control
public, max-age=0, must-revalidate
content-length
50
content-type
text/plain
date
Wed, 26 May 2021 20:51:19 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
location
https://highmark.semprehealth.com/
server
Netlify
age
0
x-nf-request-id
cf075b3a-b95e-42bb-b2bc-129156dfe156
x-xss-protection
1; mode=block
x-frame-options
DENY
7c860e7f-1b47-4f07-9aa8-4739f8ae25cf.css
fast.fonts.net/cssapi/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.fonts.net/cssapi/7c860e7f-1b47-4f07-9aa8-4739f8ae25cf.css
Requested by
Host: highmark.semprehealth.com
URL: https://highmark.semprehealth.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcf423a7999bae951abb569efb56493d151cb97239b6af0972796c7b06a03fce

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 20:51:20 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
GS87FYKE6339JK10
x-amz-id-2
0Fun8fFo2eEBo4mW6zHbPG1U8nXb9JCFR05ZG/hA03GMi1kRhLfsKCb3AD0pv8xK3ANlT3Qoloo=
last-modified
Wed, 17 Feb 2021 08:58:57 GMT
server
cloudflare
etag
W/"8477ada8670116b96a440a1b2a7e09ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Thu, 27 May 2021 00:51:20 GMT
cache-control
public, max-age=14400
cf-request-id
0a4c0b445e00002bd2d816d000000001
cf-ray
6559e1809ed72bd2-FRA
x-amz-meta-mtime
1526942076
highmark.bundle.js
highmark.semprehealth.com/ 		1 MB
324 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://highmark.semprehealth.com/highmark.bundle.js
Requested by
Host: highmark.semprehealth.com
URL: https://highmark.semprehealth.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d23:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
fc67b8c9fa6904e25b25ec41b10186ef2032f7fa7e1d2b99aaed2093ede2e5bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/highmark.bundle.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
highmark.semprehealth.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
f517d7ba-530a-47a8-990f-94e839ed991c
date
Wed, 26 May 2021 20:51:19 GMT
content-encoding
br
referrer-policy
no-referrer
server
Netlify
age
0
etag
"f361a3df51f8d2fa744fd1384f53c15f-ssl-df"
x-frame-options
DENY
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
vary
Accept-Encoding
x-content-type-options
nosniff
1.css
fast.fonts.net/t/ 		0
249 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.fonts.net/t/1.css?apiType=css&projectid=7c860e7f-1b47-4f07-9aa8-4739f8ae25cf
Requested by
Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/7c860e7f-1b47-4f07-9aa8-4739f8ae25cf.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 20:51:20 GMT
cf-cache-status
HIT
age
167406
cf-ray
6559e1838d5e2bd2-FRA
content-length
0
x-amz-id-2
fktlFKiHlLhG8FgPM1QAo5zFW7VbJsGRqP3TjPhJQqpC8RgucLgzVWuKxX400TcVE5eIF0SEfrw=
last-modified
Tue, 23 Mar 2021 12:59:23 GMT
server
cloudflare
etag
"d41d8cd98f00b204e9800998ecf8427e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
92JG8JZVNKDEH73E
cache-control
public, max-age=0, s-maxage=604800
cf-request-id
0a4c0b463900002bd212a64000000001
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-amz-meta-mtime
1519217722
analytics.min.js
cdn.segment.com/analytics.js/v1/MAW0IMHKSaZxJtzbrynS6Ff4wE5aZlP1/ 		380 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/MAW0IMHKSaZxJtzbrynS6Ff4wE5aZlP1/analytics.min.js
Requested by
Host: highmark.semprehealth.com
URL: https://highmark.semprehealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.0.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-0-85.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb57ad8817a603b29b7b33fe6c58495dd820190b8873d1edf7337beb76ac775c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 20:51:23 GMT
content-encoding
br
vary
Accept-Encoding
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Fri, 21 May 2021 17:59:23 GMT
server
AmazonS3
etag
W/"c9ff07441947d459f2605b6a09078b62"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
AmKL3tFdLGgwPIzIZfJBE_OzTfAx1z._
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
cache-control
public, max-age=120
content-type
text/javascript; charset=utf-8
x-amz-cf-id
PGy7GNx7j6N4ibWuuKEIROEqeTe-lnLltCX1Avk8OeY0pcCA1zLk1Q==
448c34a56d699c29117adc64c43affeb.woff2
highmark.semprehealth.com/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://highmark.semprehealth.com/448c34a56d699c29117adc64c43affeb.woff2
Requested by
Host: highmark.semprehealth.com
URL: https://highmark.semprehealth.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d23:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/448c34a56d699c29117adc64c43affeb.woff2
pragma
no-cache
origin
https://highmark.semprehealth.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
highmark.semprehealth.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://highmark.semprehealth.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
8f50eb2b-92a3-4a78-ad27-71f491bba8c9
date
Wed, 26 May 2021 19:09:44 GMT
referrer-policy
no-referrer
server
Netlify
age
6098
etag
"e83b3ba7bc6fce1725ca024ab4a89c37-ssl"
x-frame-options
DENY
content-type
font/woff2
cache-control
public, max-age=0, must-revalidate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
18028
x-xss-protection
1; mode=block
highmark-sempre-white2.png
d1xr80cp1c5008.cloudfront.net/landing-page/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1xr80cp1c5008.cloudfront.net/landing-page/highmark-sempre-white2.png
Requested by
Host: highmark.semprehealth.com
URL: https://highmark.semprehealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218e:ea00:1f:fd53:d200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4babed43d8da325a98b9b9e2bba18c0e787a498f993c20c56264228a9732c4bf

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
zKRO9sNXoWl6ZF0Z0h_GA3ThSNIy7y3i
via
1.1 33f7e3e8ae7caf5d589fe55fdfeb705d.cloudfront.net (CloudFront)
etag
"8ca2b29355a0aad4ebef566e68221014"
last-modified
Wed, 27 May 2020 17:39:42 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-type
image/png
date
Wed, 26 May 2021 20:51:24 GMT
accept-ranges
bytes
content-length
35923
x-amz-cf-id
whTo7z9_ICWZAtudJeSrLrK1OBDxn5uejZC_8DRdWJ46VQL3CwwGpw==
couple-phone.jpg
d1xr80cp1c5008.cloudfront.net/landing-page/ 		98 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1xr80cp1c5008.cloudfront.net/landing-page/couple-phone.jpg
Requested by
Host: highmark.semprehealth.com
URL: https://highmark.semprehealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218e:ea00:1f:fd53:d200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d858a9add564820ee7bf3f56d693062792791fc26bd87c982a66ce23531d67f3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 26 May 2021 20:51:24 GMT
via
1.1 33f7e3e8ae7caf5d589fe55fdfeb705d.cloudfront.net (CloudFront)
last-modified
Fri, 28 Jun 2019 21:27:54 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P1
etag
"2472a50708916d7831997bc064208c20"
x-cache
Miss from cloudfront
x-amz-version-id
MK9cRwYgFhARN6VqJGOjsxVK_v9rjeVx
accept-ranges
bytes
content-type
image/jpeg
content-length
100342
x-amz-cf-id
h_Kws1JyECdrtO2MmRVojiLizYEQAD2qSW5fa_zv6NiL_ZdgzppmMg==
update.min.js
browser-update.org/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser-update.org/update.min.js
Requested by
Host: highmark.semprehealth.com
URL: https://highmark.semprehealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a0f5c601831f5a644145b3ec16b6514f6915b9c70d962654b2f6219de558227

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 20:51:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 09 May 2021 07:17:46 GMT
server
cloudflare
age
1517434
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jh%2Bfn6%2BDtMiYk%2BDRB4UmypRNDdOmyH0XaN1%2Fy%2BTTtSQVNrMGBn%2BS5LRRYVQv0XQz96CQLDEFkQjQf%2FwESLPgNH0ZISvtN%2BEz21StE1OCzQeKJJUi5ifGAetLnhof5kDm1Fzaf3i6jb9qrhs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6559e191ae16c27c-FRA
cf-request-id
0a4c0b4f0e0000c27c1fbbc000000001
expires
Mon, 10 May 2021 07:20:48 GMT
p
api.segment.io/v1/ 		21 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: highmark.semprehealth.com
URL: https://highmark.semprehealth.com/highmark.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.118.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-118-59.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://highmark.semprehealth.com
date
Wed, 26 May 2021 20:51:24 GMT
content-length
21
vary
Origin
content-type
application/json
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/MAW0IMHKSaZxJtzbrynS6Ff4wE5aZlP1/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
4887
date
Wed, 26 May 2021 19:29:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 26 May 2021 21:29:56 GMT
fs.js
edge.fullstory.com/s/ 		200 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/MAW0IMHKSaZxJtzbrynS6Ff4wE5aZlP1/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
beb1fd3934440a135005a699fb26e1caa495c88822bace40a4910d007c3dfe36

Request headers

Origin
https://highmark.semprehealth.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 20:13:50 GMT
content-encoding
gzip
age
2253
x-guploader-uploadid
ABg5-UwJanEZZF6eA9FiP81k1sbB74stEhEi97djeeDm_ZaMnSp9rc6j6S4J31n-LPLRh2TLATnfwWKM0TIf3e8kUg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
61708
last-modified
Mon, 24 May 2021 17:43:12 GMT
server
UploadServer
etag
"93c2af80aaa9c4a9eb8e9e4097baafb2"
x-goog-hash
crc32c=ZagYag==, md5=k8KvgKqpxKnrjp5Al7qvsg==
x-goog-generation
1621878192882634
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
61708
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 26 May 2021 21:13:50 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1320876233&t=pageview&_s=1&dl=https%3A%2F%2Fhighmark.semprehealth.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAAC~&jid=847356127&gjid=233604068&cid=925515479.1622062284&tid=UA-66410713-3&_gid=487285681.1622062284&_r=1&_slc=1&z=1531077265
Requested by
Host: highmark.semprehealth.com
URL: https://highmark.semprehealth.com/highmark.bundle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 May 2021 20:51:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://highmark.semprehealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1320876233&t=event&ni=1&_s=2&dl=https%3A%2F%2Fhighmark.semprehealth.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Viewed%20homepage%20Page&ev=0&_u=aEBAAEABAAAAAC~&jid=&gjid=&cid=925515479.1622062284&tid=UA-66410713-3&_gid=487285681.1622062284&z=1582377391
Requested by
Host: highmark.semprehealth.com
URL: https://highmark.semprehealth.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 May 2021 07:08:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
49397
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-66410713-3&cid=925515479.1622062284&jid=847356127&gjid=233604068&_gid=487285681.1622062284&_u=aEBAAEAAAAAAAC~&z=1605946305
Requested by
Host: highmark.semprehealth.com
URL: https://highmark.semprehealth.com/highmark.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 26 May 2021 20:51:23 GMT
content-type
text/plain
access-control-allow-origin
https://highmark.semprehealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
page
rs.fullstory.com/rec/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: highmark.semprehealth.com
URL: https://highmark.semprehealth.com/highmark.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e09c5a46100a018a90686bce7c3de99d36eeec4063a6812d767a052ec4c34a28

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 May 2021 20:51:24 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://highmark.semprehealth.com
access-control-allow-credentials
true
alt-svc
clear
content-length
1097
via
1.1 google
bundle
rs.fullstory.com/rec/ 		29 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=4K3FQ&UserId=4912681133678592&SessionId=4645583627100160&PageId=5814063839715328&Seq=1&PageStart=1622062284296&PrevBundleTime=0&LastActivity=559&IsNewSession=true
Requested by
Host: highmark.semprehealth.com
URL: https://highmark.semprehealth.com/highmark.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
fcfad6c06c3c909582c2193a2cade633259817ac447bcdcc2371ab40d5d27979

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://highmark.semprehealth.com
date
Wed, 26 May 2021 20:51:24 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
29
content-type
application/json; charset=utf-8
bundle
rs.fullstory.com/rec/ 		29 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=4K3FQ&UserId=4912681133678592&SessionId=4645583627100160&PageId=5814063839715328&Seq=2&PageStart=1622062284296&PrevBundleTime=1622062284797&LastActivity=4865&IsNewSession=true
Requested by
Host: highmark.semprehealth.com
URL: https://highmark.semprehealth.com/highmark.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
5dea6bcfa07c85d879c73c6f09c892e8cf28b37ced0569c82ea874ea572583a4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://highmark.semprehealth.com
date
Wed, 26 May 2021 20:51:29 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
29
content-type
application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| $buoop function| $buo_f object| analytics object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __SENTRY__ object| $bu_ function| $buo function| $bu_getBrowser object| _buorgres string| GoogleAnalyticsObject function| ga boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS function| normalize object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| _fs_loaded function| _fs_shutdown

4 Cookies

Domain/Path Name / Value
.semprehealth.com/ Name: _gid
Value: GA1.2.487285681.1622062284
.semprehealth.com/ Name: _gat
Value: 1
.semprehealth.com/ Name: _ga
Value: GA1.2.925515479.1622062284
.semprehealth.com/ Name: ajs_anonymous_id
Value: %2281621eed-bf3d-4c4c-a880-d744202b0829%22

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
browser-update.org
cdn.segment.com
d1xr80cp1c5008.cloudfront.net
edge.fullstory.com
fast.fonts.net
highmark.semprehealth.com
rs.fullstory.com
stats.g.doubleclick.net
www.google-analytics.com
2600:9000:218e:ea00:1f:fd53:d200:21
2606:4700:20::681a:6b4
2606:4700::6811:e14e
2a00:1450:4001:80e::200e
2a00:1450:400c:c04::9a
2a03:b0c0:3:d0::d23:d001
35.186.194.58
35.201.112.186
52.43.118.59
99.86.0.85
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
4babed43d8da325a98b9b9e2bba18c0e787a498f993c20c56264228a9732c4bf
5dea6bcfa07c85d879c73c6f09c892e8cf28b37ced0569c82ea874ea572583a4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7809e7ccae230c6297807dd8fdc963349d86184ae1be8306b08214e9fd1d0e6d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a0f5c601831f5a644145b3ec16b6514f6915b9c70d962654b2f6219de558227
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bcf423a7999bae951abb569efb56493d151cb97239b6af0972796c7b06a03fce
beb1fd3934440a135005a699fb26e1caa495c88822bace40a4910d007c3dfe36
d858a9add564820ee7bf3f56d693062792791fc26bd87c982a66ce23531d67f3
e09c5a46100a018a90686bce7c3de99d36eeec4063a6812d767a052ec4c34a28
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb57ad8817a603b29b7b33fe6c58495dd820190b8873d1edf7337beb76ac775c
fc67b8c9fa6904e25b25ec41b10186ef2032f7fa7e1d2b99aaed2093ede2e5bb
fcfad6c06c3c909582c2193a2cade633259817ac447bcdcc2371ab40d5d27979
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c