www.premera.com Open in urlscan Pro
40.91.73.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://premera.com/
Effective URL:
https://www.premera.com/visitor?region=pbcwa
Submission: On January 04 via manual (January 4th 2024, 12:48:26 pm UTC) from SG — Scanned from SG

Summary HTTP 142 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 48 IPs in 10 countries across 54 domains to perform 142 HTTP transactions. The main IP is 40.91.73.27, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.premera.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on July 18th 2023. Valid for: a year.

This is the only time www.premera.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 25	40.91.73.27 40.91.73.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	172.64.140.13 172.64.140.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	74.125.200.97 74.125.200.97	15169 (GOOGLE) (GOOGLE)
30	52.247.202.34 52.247.202.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	13.227.254.97 13.227.254.97	16509 (AMAZON-02) (AMAZON-02)
1	117.18.232.200 117.18.232.200	15133 (EDGECAST) (EDGECAST)
1 4	34.208.28.93 34.208.28.93	16509 (AMAZON-02) (AMAZON-02)
15	23.52.40.154 23.52.40.154	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	157.240.15.13 157.240.15.13	32934 (FACEBOOK) (FACEBOOK)
1	185.84.60.57 185.84.60.57	198622 (ADFORM) (ADFORM)
2	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
1	74.125.68.155 74.125.68.155	15169 (GOOGLE) (GOOGLE)
1	74.125.68.94 74.125.68.94	15169 (GOOGLE) (GOOGLE)
1	157.240.15.35 157.240.15.35	32934 (FACEBOOK) (FACEBOOK)
1 2	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
2	63.140.36.117 63.140.36.117	16509 (AMAZON-02) (AMAZON-02)
1 1	18.141.15.108 18.141.15.108	16509 (AMAZON-02) (AMAZON-02)
4	54.238.98.43 54.238.98.43	16509 (AMAZON-02) (AMAZON-02)
1 13	185.84.60.20 185.84.60.20	198622 (ADFORM) (ADFORM)
1	185.84.60.23 185.84.60.23	198622 (ADFORM) (ADFORM)
2 3	52.77.120.78 52.77.120.78	16509 (AMAZON-02) (AMAZON-02)
1	23.73.14.39 23.73.14.39	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.196.5.91 18.196.5.91	16509 (AMAZON-02) (AMAZON-02)
1 1	23.106.127.57 23.106.127.57	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	139.99.123.150 139.99.123.150	16276 (OVH) (OVH)
2 2	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1	51.79.152.76 51.79.152.76	16276 (OVH) (OVH)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	119.9.108.180 119.9.108.180	45187 (RACKSPACE...) (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong)
1 2	18.141.80.142 18.141.80.142	16509 (AMAZON-02) (AMAZON-02)
1	52.0.156.250 52.0.156.250	14618 (AMAZON-AES) (AMAZON-AES)
2 3	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
2 2	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	142.250.4.156 142.250.4.156	15169 (GOOGLE) (GOOGLE)
1 1	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	13.251.203.156 13.251.203.156	16509 (AMAZON-02) (AMAZON-02)
2	23.207.181.216 23.207.181.216	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	99.81.243.254 99.81.243.254	16509 (AMAZON-02) (AMAZON-02)
1	52.218.121.0 52.218.121.0	16509 (AMAZON-02) (AMAZON-02)
1	52.34.247.233 52.34.247.233	16509 (AMAZON-02) (AMAZON-02)
3 4	103.43.90.178 103.43.90.178	29990 (ASN-APPNEX) (ASN-APPNEX)
1	207.65.33.82 207.65.33.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.155.68.97 18.155.68.97	16509 (AMAZON-02) (AMAZON-02)
3 4	54.217.36.38 54.217.36.38	16509 (AMAZON-02) (AMAZON-02)
1 1	18.155.68.56 18.155.68.56	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	122.248.253.6 122.248.253.6	16509 (AMAZON-02) (AMAZON-02)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
3 4	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	23.44.1.77 23.44.1.77	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	13.227.254.65 13.227.254.65	16509 (AMAZON-02) (AMAZON-02)
1	69.20.43.192 69.20.43.192	27357 (RACKSPACE) (RACKSPACE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1 2	35.71.178.8 35.71.178.8	16509 (AMAZON-02) (AMAZON-02)
1	52.76.42.3 52.76.42.3	16509 (AMAZON-02) (AMAZON-02)
2	40.79.170.242 40.79.170.242	() ()
142	48

25 40.91.73.27 (United States) 3 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

premera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.premera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
member-edge.premera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.140.13 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.200.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 52.247.202.34 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

contentservices.premera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.227.254.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-97.sin52.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 117.18.232.200 (Australia)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.208.28.93 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-28-93.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
premera.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.52.40.154 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-52-40-154.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.15.13 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-03-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.84.60.57 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.15.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-03-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.43 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.36.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-117.data.adobedc.net

smetrics.premera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.141.15.108 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-15-108.ap-southeast-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.238.98.43 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-98-43.ap-northeast-1.compute.amazonaws.com

data.privacy.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.84.60.20 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.84.60.23 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.77.120.78 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-120-78.ap-southeast-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.73.14.39 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-14-39.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.5.91 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-5-91.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.57 (Singapore, Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.99.123.150 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ads14-sgp.stickyadstv.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.12.39 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.79.152.76 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip76.ip-51-79-152.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.9.108.180 (Hong Kong) 2 redirects

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.141.80.142 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-80-142.ap-southeast-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.154.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.4.156 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.251.203.156 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-203-156.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.207.181.216 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-181-216.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.243.254 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-243-254.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.121.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.34.247.233 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-247-233.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.43.90.178 (Singapore, Singapore) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.33.82 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-97.sin52.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.217.36.38 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-36-38.eu-west-1.compute.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.56 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-56.sin52.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 122.248.253.6 (Bedok New Town, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-122-248-253-6.ap-southeast-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.138.116 (Frankfurt am Main, Germany) 3 redirects

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.44.1.77 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-1-77.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.254.65 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-65.sin52.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.178.8 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.76.42.3 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-42-3.ap-southeast-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.79.170.242 (None, )

ASN- ()

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	premera.com 3 redirects premera.com — Cisco Umbrella Rank: 447003 www.premera.com contentservices.premera.com smetrics.premera.com — Cisco Umbrella Rank: 933464 member-edge.premera.com	1 MB
16	adform.net 2 redirects s2.adform.net — Cisco Umbrella Rank: 7751 a2.adform.net — Cisco Umbrella Rank: 12667 c1.adform.net — Cisco Umbrella Rank: 1001 dmp.adform.net — Cisco Umbrella Rank: 4001	42 KB
15	6sc.co j.6sc.co — Cisco Umbrella Rank: 14744 c.6sc.co — Cisco Umbrella Rank: 20790 ipv6.6sc.co — Cisco Umbrella Rank: 15314 b.6sc.co — Cisco Umbrella Rank: 9130	24 KB
10	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 4817 data.privacy.ensighten.com — Cisco Umbrella Rank: 11637	138 KB
5	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net — Cisco Umbrella Rank: 338	1 KB
4	id5-sync.com 3 redirects id5-sync.com — Cisco Umbrella Rank: 658	3 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 3399	3 KB
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 793 ib.adnxs.com — Cisco Umbrella Rank: 356	3 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 313 premera.demdex.net	5 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1888	301 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 764	878 B
3	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 2396	1 KB
3	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 995	1 KB
2	visualstudio.com dc.services.visualstudio.com	283 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 731	720 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 14378	629 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 594	660 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1620	1 KB
2	openx.net 1 redirects eu-u.openx.net — Cisco Umbrella Rank: 3669	491 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 1261	791 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1419	835 B
2	pippio.com 2 redirects pippio.com — Cisco Umbrella Rank: 1480	881 B
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1645	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 590	1 KB
2	google.com analytics.google.com — Cisco Umbrella Rank: 266	308 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	152 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 3028	44 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 40489	49 B
1	lkqd.net cs.lkqd.net — Cisco Umbrella Rank: 3736	521 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 1035	523 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 2019	278 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2052	456 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 973	644 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 39122	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 1499	473 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 1173	338 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 48841	407 B
1	linksynergy.com 1 redirects tags.rd.linksynergy.com — Cisco Umbrella Rank: 7397	405 B
1	exelator.com loadm.exelator.com — Cisco Umbrella Rank: 3106	324 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1105	201 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 958	639 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004	669 B
1	adscale.de ih.adscale.de — Cisco Umbrella Rank: 5432	38 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 744	661 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4236	400 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 44866	467 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1969	517 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 10713	408 B
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	3 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 4869	22 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	7 KB
142	54

	Domain	Requested by
30	contentservices.premera.com	www.premera.com
22	www.premera.com	2 redirects www.premera.com
12	b.6sc.co	www.premera.com
9	c1.adform.net	1 redirects nexus.ensighten.com c1.adform.net
6	nexus.ensighten.com	www.premera.com nexus.ensighten.com
4	id5-sync.com	3 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
4	a.audrte.com	3 redirects c1.adform.net
4	cm.g.doubleclick.net	4 redirects
4	data.privacy.ensighten.com	www.premera.com
4	use.fontawesome.com	www.premera.com use.fontawesome.com
3	secure.adnxs.com	2 redirects c1.adform.net
3	idsync.rlcdn.com	2 redirects c1.adform.net
3	uipglob.semasio.net	2 redirects c1.adform.net
3	ad.360yield.com	2 redirects c1.adform.net
3	dpm.demdex.net	1 redirects www.premera.com
2	dc.services.visualstudio.com	www.premera.com
2	eb2.3lift.com	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	match.adsrvr.org	2 redirects
2	pm.w55c.net	2 redirects
2	eu-u.openx.net	1 redirects c1.adform.net
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	pippio.com	2 redirects
2	ps.eyeota.net	1 redirects c1.adform.net
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	member-edge.premera.com	www.premera.com
2	smetrics.premera.com	www.premera.com
2	a2.adform.net	1 redirects www.premera.com
2	analytics.google.com	nexus.ensighten.com
2	www.googletagmanager.com	www.premera.com nexus.ensighten.com
1	e1.emxdgt.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	cs.lkqd.net	c1.adform.net
1	s.ad.smaato.net	1 redirects
1	sync.teads.tv	c1.adform.net
1	ib.adnxs.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	tags.rd.linksynergy.com	1 redirects
1	loadm.exelator.com	c1.adform.net
1	onetag-sys.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	1 redirects
1	ih.adscale.de	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	a1.seadform.net	www.premera.com
1	cm.everesttech.net	1 redirects
1	premera.demdex.net	nexus.ensighten.com
1	ipv6.6sc.co	www.premera.com
1	c.6sc.co	www.premera.com
1	www.facebook.com	www.premera.com
1	www.google.com.sg	www.premera.com
1	stats.g.doubleclick.net	nexus.ensighten.com
1	s2.adform.net	nexus.ensighten.com
1	connect.facebook.net	nexus.ensighten.com
1	j.6sc.co	nexus.ensighten.com
1	az416426.vo.msecnd.net	www.premera.com
1	cdnjs.cloudflare.com	www.premera.com
1	premera.com	1 redirects
142	68

This site contains links to these domains. Also see Links.

Domain
premera1.destinationrx.com
medicare.premera.com
business.premera.com
hmo.premera.com
kinwellhealth.com
premeralistens.com
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
apps.apple.com
play.google.com
healthsource.premera.com

Subject Issuer	Validity	Valid
www.premera.com GlobalSign RSA OV SSL CA 2018	`2023-07-18` - `2024-08-18`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
contentservices.premera.com GlobalSign RSA OV SSL CA 2018	`2023-07-03` - `2024-08-03`	a year	crt.sh
nexus.ensighten.com Amazon RSA 2048 M02	`2023-09-29` - `2024-10-27`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
6sc.co R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-13` - `2024-01-11`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
smetrics.premera.com GlobalSign RSA OV SSL CA 2018	`2023-02-08` - `2024-03-11`	a year	crt.sh
member.premera.com GlobalSign RSA OV SSL CA 2018	`2023-10-04` - `2024-11-04`	a year	crt.sh
*.privacy.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-03` - `2024-02-16`	a year	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-08`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adscale.de Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-11-20` - `2024-12-17`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
in.applicationinsights.azure.com Microsoft Azure RSA TLS Issuing CA 07	`2023-11-17` - `2024-11-11`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.premera.com/visitor?region=pbcwa
Frame ID: 5E22E901715A225CC9CA92C1226A288B
Requests: 87 HTTP requests in this frame

Frame: https://premera.demdex.net/dest5.html?d_nsid=0
Frame ID: 8912DFC287E0C7C5CDC2359DB2DF6934
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Frame ID: 7DB1835040B9464ECD904D949EED49B6
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | Premera Blue Cross

Page URL History Show full URLs

http://premera.com/ HTTP 302
https://www.premera.com/ HTTP 302
https://www.premera.com/wa/visitor/ HTTP 302
https://www.premera.com/visitor?region=pbcwa Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hammer.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

hammer(?:\.min)?\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

142
Requests

82 %
HTTPS

0 %
IPv6

54
Domains

68
Subdomains

48
IPs

10
Countries

1763 kB
Transfer

4099 kB
Size

98
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://premera1.destinationrx.com/pc/2024/Shopping/Home
Title: Enroll now

Search URL Search Domain Scan URL

URL: https://medicare.premera.com/learn-about-medicare/
Title: Explore how Medicare works

Search URL Search Domain Scan URL

URL: https://business.premera.com/
Title: Premera Blue Cross for business

Search URL Search Domain Scan URL

URL: https://hmo.premera.com/
Title: Premera Blue Cross HMO

Search URL Search Domain Scan URL

URL: https://kinwellhealth.com/?utm_medium=banner&utm_source=premera.com&utm_campaign=premera.com-kinwell-banners&utm_content=premera.com%20homepage%20-%20Two-pack-1%20-%20link%201%20-%20CTA%20-%20Find%20out%20more
Title: All about Kinwell

Search URL Search Domain Scan URL

URL: https://kinwellhealth.com/appointments/?utm_medium=banner&utm_source=premera.com&utm_campaign=premera.com-kinwell-banners&utm_content=premera.com%20homepage%20-%20Two-pack-1%20-%20link%202%20-%20CTA%20-%20Find%20a%20Location
Title: Schedule an appointment

Search URL Search Domain Scan URL

URL: https://premeralistens.com/
Title: Leave feedback

Search URL Search Domain Scan URL

URL: https://www.facebook.com/premerabluecross
Title: Visit Premera Facebook page

Search URL Search Domain Scan URL

URL: https://twitter.com/premera
Title: Visit Premera Twitter page

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/premerabluecross
Title: Visit Premera Youtube page

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/premera-blue-cross
Title: Visit Premera LinkedIn page

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/id1139271535

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.premera.android&referrer=utm_campaign%3Dadb_acq_v3%26utm_source%3Dadb_acq_v3%26utm_content%3D87f684aca555370714fc7a6a886f3b9844208012

Search URL Search Domain Scan URL

URL: https://healthsource.premera.com/
Title: Healthsource Blog

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://premera.com/ HTTP 302
https://www.premera.com/ HTTP 302
https://www.premera.com/wa/visitor/ HTTP 302
https://www.premera.com/visitor?region=pbcwa Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://a2.adform.net/Serving/TrackPoint/?pm=2169311&ADFdivider=%7C&ord=432698258846&ADFtpmode=2&loc=https%3A%2F%2Fwww.premera.com%2Fvisitor&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2169311&ADFdivider=%7C&ord=432698258846&ADFtpmode=2&loc=https%3A%2F%2Fwww.premera.com%2Fvisitor&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 50

https://cm.everesttech.net/cm/dd?d_uuid=23236567143668288703574160996395182204 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZapDgAAAI86DwN8

Request Chain 87

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=6985292829669439587&Expiration=1705582096 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6985292829669439587&Expiration=1705582096

Request Chain 91

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=6985292829669439587&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
https://c1.adform.net/serving/cookie/match?party=10&cid=3013985329048584307

Request Chain 93

https://x.bidswitch.net/sync?dsp_id=70&user_id=6985292829669439587 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=6985292829669439587 HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=15b92a6c-be37-4fe9-bd8a-08fafcacef9b&gdpr=&gdpr_consent=&us_privacy=

Request Chain 94

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6985292829669439587&expiration=1705582096 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6985292829669439587&expiration=1705582096&C=1

Request Chain 95

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6985292829669439587&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6985292829669439587&sInitiator=external

Request Chain 96

https://ps.eyeota.net/match?uid=6985292829669439587&bid=9gdtmu1 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=6985292829669439587&bid=9gdtmu1

Request Chain 98

https://idsync.rlcdn.com/398366.gif?partner_uid=6985292829669439587 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNjk4NTI5MjgyOTY2OTQzOTU4NxAAGg0IkNLarAYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=332d528bac508e1d0cb12c161018a0d90c29aa30fdb0c72e6953be27e4f6e35d791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzMzJkNTI4YmFjNTA4ZTFkMGNiMTJjMTYxMDE4YTBkOTBjMjlhYTMwZmRiMGM3MmU2OTUzYmUyN2U0ZjZlMzVkNzkxNDI2YjU0MTdkY2UyMRAAGgwIkdLarAYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzMzJkNTI4YmFjNTA4ZTFkMGNiMTJjMTYxMDE4YTBkOTBjMjlhYTMwZmRiMGM3MmU2OTUzYmUyN2U0ZjZlMzVkNzkxNDI2YjU0MTdkY2UyMRAAGgwIkdLarAYSBAgCEABCAEoA&google_gid=CAESEHQdFLFTmr3OatazQhkfzNA&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=298e82dc-52ad-4e6d-9408-6dcaf35b636d

Request Chain 99

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6985292829669439587/gdpr=/gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6985292829669439587/gdpr=/gdpr_consent=

Request Chain 101

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6985292829669439587 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6985292829669439587

Request Chain 102

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=Njk4NTI5MjgyOTY2OTQzOTU4Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=Njk4NTI5MjgyOTY2OTQzOTU4Nw&google_tc= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFTJ2DhMjh9Dn59Xpo5aWbE&google_cver=1&google_ula=1641347,0

Request Chain 106

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=7018147249459584594&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=6985292829669439587

Request Chain 109

https://a.audrte.com/a?adform_uid=6985292829669439587 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YTlhRWNCdEN0bGtUNUNNY0N5UndRLWE1Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYXplcmlvbiJ9XX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYXplcmlvbiJ9XX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://ad.360yield.com/ux?publisher_id=all&publisher_dmp_id=16&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3D{PUB_USER_ID}%26p%3D560038091 HTTP 302
https://a.audrte.com/match?uid=34bae1b1-2e7c-4937-bb1b-9a56fb789d76&p=560038091 HTTP 302
https://a.audrte.com/p

Request Chain 110

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=6985292829669439587&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=23236567143668288703574160996395182204&noredirect=1

Request Chain 111

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=6985292829669439587 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=209120804751002279192

Request Chain 112

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7320224134836320413

Request Chain 114

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=dyLpTdU61Rln8Z5

Request Chain 115

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=afa56096-9f4e-435e-a68f-89af817c10f8

Request Chain 116

https://id5-sync.com/s/10/0.gif?puid=6985292829669439587 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=6985292829669439587&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/10/2/1/2.gif?puid=7018147249459584594&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F10%2F112%2F0%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/10/112/0/3.gif?puid=${UIPID}&gdpr=0&gdpr_consent=

Request Chain 117

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=927263252 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=Azw9CSh1VWokBNs5VXm18e

Request Chain 119

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=6985292829669439587 HTTP 302
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=06fe7ad8c0&gdpr=0&gdpr_consent=

Request Chain 121

https://eb2.3lift.com/xuid?mid=7354&xuid=6985292829669439587&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6985292829669439587&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

142 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request visitor Show response
www.premera.com/
Redirect Chain

http://premera.com/
https://www.premera.com/
https://www.premera.com/wa/visitor/
https://www.premera.com/visitor?region=pbcwa

5 KB
3 KB

355ms
355ms

Document
text/html

40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.premera.com/visitor?region=pbcwa

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f374f13ef3a99199df00b5f5332eec3dc9aec900c4be9b94b9aa1e8f54737933

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 2432
content-security-policy: frame-ancestors 'none'
content-type: text/html
date: Thu, 04 Jan 2024 12:48:11 GMT
etag: "0ba69dbd22eda1:0:dtagent10221210805073954IHv4"
last-modified: Thu, 14 Dec 2023 21:16:51 GMT
referrer-policy: strict-origin-when-cross-origin
server-timing: dtSInfo;desc="0", dtRpid;desc="1322934692"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-oneagent-js-injection: true
x-ruxit-js-agent: true
x-xss-protection: 1; mode=block

Redirect headers

content-length: 167
content-type: text/html; charset=UTF-8
date: Thu, 04 Jan 2024 12:48:10 GMT
location: https://www.premera.com/visitor?region=pbcwa
server: Microsoft-IIS/10.0
server-timing: dtSInfo;desc="0", dtRpid;desc="212423731"
x-oneagent-js-injection: true
x-powered-by: ASP.NET
x-ruxit-js-agent: true

GET
H2 200 ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js Show response
www.premera.com/ 235 KB
90 KB 732ms
729ms Script
text/javascript 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor?region=pbcwa

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

763860f077901c20f62d6ce9626f3098106bba5736ee8e5dc11dee1c8410be5b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/visitor?region=pbcwa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-frame-options: sameorigin
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
content-length: 91197
x-xss-protection: 1; mode=block
expires: Fri, 03 Jan 2025 12:48:11 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v6.3.0/css/ 100 KB
23 KB 391ms
43ms Stylesheet
text/css 172.64.140.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.3.0/css/all.css
Requested by: Host: www.premera.com
URL: https://www.premera.com/visitor?region=pbcwa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.140.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff8510712984ac3ccf08c022b8e8963d556c34ddacdd963f36c99735c8f42057

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:46:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 469904
etag: W/"2fd961571c270c2d63b165a97488fe95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pN4bAEFV6PyOjExGKAIrdSxssq5KXogAxVUzeVSEEuBEbiBC5R6hW63NA1wGcdmKFkSwn7woi5Xp3zdXf%2B5MeSvnhBVCGSZDcKSe5snkYvZcE%2Fhhr9jscBpV9D71luILNY%2FtHDpn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 84039827be0e4bf2-SIN
alt-svc: h3=":443"; ma=86400

GET pbc.css
www.premera.com/ 0
0

GET
H2 200 sw-clean.js Show response
www.premera.com/assets/ 502 B
1 KB 194ms
192ms Script
application/x-javascript 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.premera.com/assets/sw-clean.js

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor?region=pbcwa

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

78acf2126a634507f19fdf32d51e7e123938035a65edd07d37cda567896460f1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/visitor?region=pbcwa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
last-modified: Thu, 14 Dec 2023 21:16:53 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
etag: "9f5f11dcd22eda1:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/x-javascript
server-timing: dtSInfo;desc="0", dtRpid;desc="-943885827"
accept-ranges: bytes
content-length: 322
x-xss-protection: 1; mode=block

GET
H2 200 hammer.min.js Show response
cdnjs.cloudflare.com/ajax/libs/hammer.js/2.0.8/ 20 KB
7 KB 378ms
37ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/hammer.js/2.0.8/hammer.min.js

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor?region=pbcwa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7953631f0e54794d2352a3cfa591c0914d73e14f90141058e3cf16bee7939bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4732594
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6561
last-modified: Mon, 04 May 2020 16:10:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e72-511d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvIvaGpy5MQrYSGCx%2FYAfyQOiX%2BcW1eHDbBbGU8r%2Bv5v6dyVGcRxchhpVF5UDKPCXuhBWLFGmm3qlKQNIO7Q8U8riX7W6JEDftU4qQ5r1ddfyM6zbLO1rhW7UdoppQvuHkmqeLPI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8403982d38bd496b-SIN
expires: Tue, 24 Dec 2024 12:48:12 GMT

GET
H2 200 runtime.2689ef14377617e4.js Show response
www.premera.com/ 986 B
2 KB 367ms
365ms Script
application/x-javascript 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.premera.com/runtime.2689ef14377617e4.js

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor?region=pbcwa

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c04d6663026b2be5d25f0f532fd9bb8b80120bd14d7e9897e594bd47a73b9de0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.premera.com/visitor?region=pbcwa
Origin: https://www.premera.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="147710222", dtTao;desc="1"
content-length: 816
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Dec 2023 21:16:52 GMT
etag: "5df1e3dbd22eda1:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/x-javascript
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 polyfills.286682536a415387.js Show response
www.premera.com/ 47 KB
17 KB 193ms
191ms Script
application/x-javascript 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.premera.com/polyfills.286682536a415387.js

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor?region=pbcwa

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6440ff3716a8517c2fb783fb319114c3c4cee357b648982c01eaa74493dcef3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.premera.com/visitor?region=pbcwa
Origin: https://www.premera.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="201344701", dtTao;desc="1"
content-length: 16204
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Dec 2023 21:16:52 GMT
etag: "0ba69dbd22eda1:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/x-javascript
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 main.3a2ef3a2b51c226d.js Show response
www.premera.com/ 1016 KB
261 KB 367ms
366ms Script
application/x-javascript 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.premera.com/main.3a2ef3a2b51c226d.js

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor?region=pbcwa

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7115ca5ec2aa380d49f0e7b3f6528b35dd80b26e3c0c90b906534353df44a6cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.premera.com/visitor?region=pbcwa
Origin: https://www.premera.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="-191252762", dtTao;desc="1"
content-length: 265647
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Dec 2023 21:16:53 GMT
etag: "80502dcd22eda1:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/x-javascript
accept-ranges: bytes
timing-allow-origin: *

GET pbc.css
www.premera.com/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 157 KB
58 KB 389ms
36ms Script
application/javascript 74.125.200.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5F8DHKR4

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor?region=pbcwa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

4f468bac56fc141673f8041311cd23c86365a87f20075b19becf999c621c2179

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58656
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Jan 2024 12:48:12 GMT

GET
H2 200 pbc.1da9d05925f026e8.css
www.premera.com/ 421 KB
67 KB 217ms
216ms Stylesheet
text/css 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.premera.com/pbc.1da9d05925f026e8.css

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor?region=pbcwa

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

682dc04057efefe832d0ddf9206df96c77c45c4adaa3f0a098b079900f77f9e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/visitor?region=pbcwa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
last-modified: Thu, 14 Dec 2023 21:16:53 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
etag: "80502dcd22eda1:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
server-timing: dtSInfo;desc="0", dtRpid;desc="-233021131"
accept-ranges: bytes
content-length: 67539
x-xss-protection: 1; mode=block

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v6.3.0/webfonts/ 146 KB
147 KB 382ms
37ms Font
font/woff2 172.64.140.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.3.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.3.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.140.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2c5cf547e2e8d74a17d05c5ad9f1f593ca526452e228124294fa983b908ff82

Request headers

Referer: https://use.fontawesome.com/releases/v6.3.0/css/all.css
Origin: https://www.premera.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2101751
alt-svc: h3=":443"; ma=86400
content-length: 149908
last-modified: Fri, 22 Sep 2023 01:46:27 GMT
server: cloudflare
etag: "44f8148f80e6c3d60fa6425b0cbb862a"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FW56a2jNRxbO23JVgOvifWT0YONMv5oHWfWEb4UJ43SFgSTm2hkPwQV2FkcOgNr6AS1wO9LS9vwkhg0nmKAtm%2Bu4uDUjoOTDWGRBeDolv3hAduahirpQAMKx4aB38syOcnRqu9Gt"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8403982eb8b84af6-SIN

OPTIONS
H/1.1 200
OK componentstate
contentservices.premera.com/api/v1.0/content/ Frame 0
0 1308ms
189ms Preflight 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://contentservices.premera.com/api/v1.0/content/componentstate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.premera.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: https://www.premera.com
Content-Length: 0
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK componentstate
contentservices.premera.com/api/v1.0/content/ Frame 0
0 1304ms
188ms Preflight 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://contentservices.premera.com/api/v1.0/content/componentstate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.premera.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: https://www.premera.com
Content-Length: 0
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK componentstate
contentservices.premera.com/api/v1.0/content/ Frame 0
0 1304ms
181ms Preflight 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://contentservices.premera.com/api/v1.0/content/componentstate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.premera.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: https://www.premera.com
Content-Length: 0
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK componentstate
contentservices.premera.com/api/v1.0/content/ Frame 0
0 1301ms
186ms Preflight 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://contentservices.premera.com/api/v1.0/content/componentstate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.premera.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: https://www.premera.com
Content-Length: 0
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK componentstate
contentservices.premera.com/api/v1.0/content/ Frame 0
0 1299ms
186ms Preflight 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://contentservices.premera.com/api/v1.0/content/componentstate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.premera.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: https://www.premera.com
Content-Length: 0
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK componentstate
contentservices.premera.com/api/v1.0/content/ Frame 0
0 1297ms
187ms Preflight 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://contentservices.premera.com/api/v1.0/content/componentstate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.premera.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: https://www.premera.com
Content-Length: 0
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK pagestate
contentservices.premera.com/api/v1.0/content/ Frame 0
0 1445ms
180ms Preflight 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://contentservices.premera.com/api/v1.0/content/pagestate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.premera.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: https://www.premera.com
Content-Length: 0
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET

GET
H2 200 en.json Show response
www.premera.com/assets/l10n/ 1004 B
1 KB 182ms
182ms XHR
application/json 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.premera.com/assets/l10n/en.json

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a891d182b607d20c8b7b6a5c91c362eba45de509230104701c1f82da832ee7a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.premera.com/visitor?region=pbcwa
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
x-dtpc: 5$372492004_353h2vTTQMNMGUNNHAIHCMRWTASTGFPREHTSHF-0

Response headers

date: Thu, 04 Jan 2024 12:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
last-modified: Thu, 14 Dec 2023 21:16:52 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
etag: "b0ad3edcd22eda1:0:dtagent10221210805073954IHv4"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json
server-timing: dtSInfo;desc="0", dtRpid;desc="1662831862"
accept-ranges: bytes
content-length: 692
x-xss-protection: 1; mode=block

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/premera/prod/ 471 KB
101 KB 433ms
40ms Script
application/javascript 13.227.254.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js
Requested by: Host: www.premera.com
URL: https://www.premera.com/main.3a2ef3a2b51c226d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-97.sin52.r.cloudfront.net
Software: CloudFront /
Resource Hash: d7a56ef2f489c95ce7f1f10ebd3f1f2375543652cd0f183822f82d7bcad961c9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 00:13:31 GMT
x-amz-version-id: OvAT_eZjbpnUNyDz2Qw3S8dPrkIwgL4b
content-encoding: br
via: 1.1 d19f6de4de1eb10d5b27d86de6b4a7d4.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1686882
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Dec 2023 21:15:19 GMT
server: CloudFront
etag: W/"491cea9fd98b863da2f6b1771d57537d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: iR2u_wxipOPcoxgi0nezaSy5a1-po3MmVFujwpHgSmV_oGwUX1tTcA==

POST
H/1.1 200
OK componentstate Show response
contentservices.premera.com/api/v1.0/content/ 6 KB
3 KB 193ms
190ms XHR
application/json 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://contentservices.premera.com/api/v1.0/content/componentstate

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

cb3a1589b34fe9023717a758461adc5a50734198db339cf080ebb9a747d3e71e

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET
Content-Length: 1373
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:71d2f0e3-fced-4c4c-a6ec-ed684fe19d52
Referrer-Policy: strict-origin-when-cross-origin
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.premera.com
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK componentstate Show response
contentservices.premera.com/api/v1.0/content/ 684 B
2 KB 184ms
183ms XHR
application/json 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://contentservices.premera.com/api/v1.0/content/componentstate

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

4ac74a74fc673213ea36d0539fc830df3d8f4f37ead02a1d2ba2d6077bf00ae8

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:71d2f0e3-fced-4c4c-a6ec-ed684fe19d52
Referrer-Policy: strict-origin-when-cross-origin
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.premera.com
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK componentstate Show response
contentservices.premera.com/api/v1.0/content/ 8 KB
4 KB 215ms
198ms XHR
application/json 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://contentservices.premera.com/api/v1.0/content/componentstate

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

032d61322fc1dda049b35c443d63499c20cc2ec604e5e8ff5a3a72df9bc0bd47

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET
Content-Length: 2961
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:71d2f0e3-fced-4c4c-a6ec-ed684fe19d52
Referrer-Policy: strict-origin-when-cross-origin
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.premera.com
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK componentstate Show response
contentservices.premera.com/api/v1.0/content/ 6 KB
3 KB 201ms
199ms XHR
application/json 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://contentservices.premera.com/api/v1.0/content/componentstate

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

cb3a1589b34fe9023717a758461adc5a50734198db339cf080ebb9a747d3e71e

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET
Content-Length: 1373
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:71d2f0e3-fced-4c4c-a6ec-ed684fe19d52
Referrer-Policy: strict-origin-when-cross-origin
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.premera.com
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK componentstate Show response
contentservices.premera.com/api/v1.0/content/ 684 B
2 KB 199ms
198ms XHR
application/json 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://contentservices.premera.com/api/v1.0/content/componentstate

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

4ac74a74fc673213ea36d0539fc830df3d8f4f37ead02a1d2ba2d6077bf00ae8

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET
Content-Length: 535
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:71d2f0e3-fced-4c4c-a6ec-ed684fe19d52
Referrer-Policy: strict-origin-when-cross-origin
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.premera.com
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK componentstate Show response
contentservices.premera.com/api/v1.0/content/ 8 KB
4 KB 400ms
239ms XHR
application/json 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://contentservices.premera.com/api/v1.0/content/componentstate

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

032d61322fc1dda049b35c443d63499c20cc2ec604e5e8ff5a3a72df9bc0bd47

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET
Content-Length: 2961
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:71d2f0e3-fced-4c4c-a6ec-ed684fe19d52
Referrer-Policy: strict-origin-when-cross-origin
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.premera.com
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK pagestate Show response
contentservices.premera.com/api/v1.0/content/ 11 KB
5 KB 250ms
246ms XHR
application/json 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://contentservices.premera.com/api/v1.0/content/pagestate

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c2850cf31a1108c634094e71fe8b3b804383e671a513877711e3e5e357fc1ba7

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:71d2f0e3-fced-4c4c-a6ec-ed684fe19d52
Referrer-Policy: strict-origin-when-cross-origin
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.premera.com
Access-Control-Allow-Credentials: true

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 409ms
16ms Script
application/x-javascript 117.18.232.200
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.premera.com
URL: https://www.premera.com/main.3a2ef3a2b51c226d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 117.18.232.200 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (sgc/570D) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 04 Jan 2024 12:48:12 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 164
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (sgc/570D)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: dacbbec2-f01e-00e5-3c0b-3f0af6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Thu, 04 Jan 2024 13:18:12 GMT

GET
H2 200 id Show response
dpm.demdex.net/ 366 B
913 B 948ms
434ms XHR
application/json 34.208.28.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=BDAEC94A5A200BBD0A495DEF%40AdobeOrg&d_nsid=0&ts=1704372492980

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.208.28.93 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-208-28-93.us-west-2.compute.amazonaws.com

Software

Resource Hash

39168bbc9eabd8ca83287ee3bc543c5b2ae42ea5318f4e73cb541998feb7d641

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-usw2-1-v050-088c667fd.edge-usw2.demdex.com 1 ms
pragma: no-cache
date: Thu, 04 Jan 2024 12:48:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: iC55WyK9TV8=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.premera.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 308
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/premera/prod/ 615 B
946 B 31ms
31ms Script
text/javascript 13.227.254.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/premera/prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/premera/prod/code/&publishedOn=Fri%20Dec%2015%2021:15:15%20GMT%202023&ClientID=981&PageID=https%3A%2F%2Fwww.premera.com%2Fvisitor
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-97.sin52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 2c5c7d8b67df2c888a527a697c2ecdcb481a19d26e6fb77a22aa78e0f9f238e3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:13 GMT
via: 1.1 d19f6de4de1eb10d5b27d86de6b4a7d4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN52-C3
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
content-length: 615
x-amz-cf-id: iA4_FJaooPigmvjbfkCCwCehaI0FDC0MpcT-OHNNOPtcj-tYvBBT6A==
expires: Thu, 04 Jan 2024 12:48:12 GMT

GET
H2 200 74f12f611be0e73220747acd3c2c90db.js Show response
nexus.ensighten.com/premera/prod/code/ 123 KB
29 KB 25ms
24ms Script
application/javascript 13.227.254.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/premera/prod/code/74f12f611be0e73220747acd3c2c90db.js?conditionId0=422990
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-97.sin52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 6144ac29d384db66c5a7b7bb49608715ef4cfcaa51eca9f6e1979cca62ae2472

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:47:39 GMT
x-amz-version-id: WACKLVNnn6GXLFrXexFR7KqZuTCgHmcD
content-encoding: gzip
via: 1.1 d19f6de4de1eb10d5b27d86de6b4a7d4.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 5716835
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 30 Aug 2023 21:11:54 GMT
server: CloudFront
etag: W/"fcba7a15ec00965d92240b62a92bb323"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: FJ_-9wQd-_GQHrFqB06l_CHcQn_GfEQ79FkGYB4iJWhyErLjgrPKKw==

GET
H2 200 aec96b588e23b4a82ff26c6f93384fcb.js Show response
nexus.ensighten.com/premera/prod/code/ 27 KB
4 KB 26ms
24ms Script
application/javascript 13.227.254.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/premera/prod/code/aec96b588e23b4a82ff26c6f93384fcb.js?conditionId0=344128
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-97.sin52.r.cloudfront.net
Software: CloudFront /
Resource Hash: fc846fdb3ef1482baaba7057fe2fb2276da727b37b4204f54abcd65f9fbcb610

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 15:44:43 GMT
x-amz-version-id: Ptx6pv3Pne8MlUN2lnEUqaozs2s0I9kg
content-encoding: gzip
via: 1.1 d19f6de4de1eb10d5b27d86de6b4a7d4.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 5778211
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Sep 2022 17:13:15 GMT
server: CloudFront
etag: W/"f33c6cd23f56d0a08a47a198ca62edcf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: 6b5r5hkMVdI23ItT1wsHxQi-OCmR1_qtX-Zume8mqHeIva7k401RCg==

GET
H2 200 127d5389b07effa5ae85b3fd2b1aaebe.js Show response
nexus.ensighten.com/premera/prod/code/ 582 B
1 KB 34ms
33ms Script
application/javascript 13.227.254.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/premera/prod/code/127d5389b07effa5ae85b3fd2b1aaebe.js?conditionId0=4945092
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-97.sin52.r.cloudfront.net
Software: CloudFront /
Resource Hash: e8f8c6afd6e91598edf2bde85fcc9ebfabb3cef1d51a7b9d732ef199ba1a1795

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:15:17 GMT
x-amz-version-id: iJyI7PjBNr8Xw9BpxevLxqBqHxqSlTpt
via: 1.1 d19f6de4de1eb10d5b27d86de6b4a7d4.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 2827977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 582
last-modified: Thu, 22 Dec 2022 23:42:04 GMT
server: CloudFront
etag: "48fe017bed57a82d798ac538bcd0fe06"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: dTons2K-kG6Ler1qWlkoTs4rsiJQLSkNYo5Tcw9oc7qplpHK_h-1RQ==

GET
H2 200 d4dffc2ae0491f2214a8202c137b1899.js Show response
nexus.ensighten.com/premera/prod/code/ 1 KB
1 KB 32ms
32ms Script
application/javascript 13.227.254.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/premera/prod/code/d4dffc2ae0491f2214a8202c137b1899.js?conditionId0=343963
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-97.sin52.r.cloudfront.net
Software: CloudFront /
Resource Hash: b7697a524a5a31a075b67645e5d8d12e71df7bbd51475aeebdd60ed2763a8179

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 04:13:23 GMT
x-amz-version-id: 8Oyoxa4ZE2ULXGXvfYbhLgvYwXbu6ZQj
content-encoding: br
via: 1.1 d19f6de4de1eb10d5b27d86de6b4a7d4.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 1586090
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 30 Aug 2023 21:31:23 GMT
server: CloudFront
etag: W/"4efe99d48d1b51aa75361fbbf24db1ce"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: STzGwA0Tb2brWN-7V5JZr9Pt0ZuHX3WBxKxsIBrXHAXe4uLEwPo35Q==

GET
H2 200 6si.min.js Show response
j.6sc.co/ 64 KB
17 KB 393ms
24ms Script
application/javascript 23.52.40.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.40.154 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-52-40-154.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

2d699428fb1a87452cb15775f3e9a531b9c8a98bfa41be2a24be4814ff0a5baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 22:26:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "65836a29-fee9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 17567
expires: Thu, 04 Jan 2024 12:48:13 GMT

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
3 KB 366ms
19ms Script
application/x-javascript 157.240.15.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-03-sin6.fbcdn.net

Software

Resource Hash

cf25b6fc323821ae02d0ef3dc2d5f7a5b21bf485a1f2b10bcd4da0e855a763c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 Jan 2024 12:48:13 GMT
content-md5: Fy/HUbY4mwci2eGgzTOPAw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2166
reporting-endpoints
x-fb-debug: xJlk7uR6CLL4VfhN8bzod+zGQnsZ7U8kl6xW9if2tHWjtzyDDmUJ1yecbT6fKRpX9gbNTpg+G22mDQCJTTTN/Q==
x-fb-content-md5: e4a41b23af482c1edbdc501b0e341356
cross-origin-opener-policy: same-origin-allow-popups
etag: "f456e17af8ad10330d8fbbb70f7cea2e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 04 Jan 2024 12:49:52 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
31 KB 442ms
51ms Script
application/javascript 185.84.60.57
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:13 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000007b703250182f83a1-00646c8ee1-32950a8f-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT, HIT, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
94 KB 63ms
62ms Script
application/javascript 74.125.200.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KPN0DFWMF0&l=dataLayer

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

754045b731b735d94cefc444c72a748a7ce429de95862eff25a3908d48d78ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96134
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jan 2024 12:48:13 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
254 B 384ms
19ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-KPN0DFWMF0&gtm=45je3bt0h1v891061875&_p=1704372492233&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=2030860768.1704372493&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAE&_s=1&sid=1704372493&sct=1&seg=0&dl=https%3A%2F%2Fwww.premera.com%2Fvisitor&dt=Premera%20Blue%20Cross%20%7C%20Visitor&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90&tfd=4989
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.premera.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 401ms
23ms Ping
text/plain 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KPN0DFWMF0&cid=2030860768.1704372493&gtm=45je3bt0h1v891061875&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sc-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.premera.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
408 B 404ms
28ms Image
image/gif 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KPN0DFWMF0&cid=2030860768.1704372493&gtm=45je3bt0h1v891061875&aip=1&dma=0&gcd=11l1l1l1l1&z=1438037515

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 378ms
23ms Image
text/plain 157.240.15.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=564612430308911&ev=PixelInitialized&dl=https%3A%2F%2Fwww.premera.com%2Fvisitor&rl=&if=false&ts=1704372493493

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.15.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-03-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 04 Jan 2024 12:48:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
c.6sc.co/ 7 B
193 B 97ms
51ms XHR
text/html 23.52.40.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.40.154 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-52-40-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:13 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.premera.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 4 B
280 B 379ms
17ms XHR
text/html 23.52.40.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.40.154 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-52-40-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:13 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.premera.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: null
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704372493853_389294230_612808936_18_720_8_22_219";dur=1
content-length: 4
expires: Thu, 04 Jan 2024 12:48:13 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 511ms
479ms Image
image/gif 23.52.40.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0cc4d57901cda49e8f6c83086554ef5d&svisitor=null&visitor=5bb6f80c-86a0-453c-8216-6a7d08cb2a27&session=2f36cd48-ab50-4328-8c16-87fb3087138e&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A13%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Premera%20Blue%20Cross%20%7C%20Visitor%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.premera.com%2Fvisitor&pageViewId=f2c6e5a8-cfc5-40f2-8bba-0048909a48aa&v=1.1.14

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.40.154 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-52-40-154.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:14 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 509ms
478ms Image
image/gif 23.52.40.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0cc4d57901cda49e8f6c83086554ef5d&svisitor=null&visitor=5bb6f80c-86a0-453c-8216-6a7d08cb2a27&session=2f36cd48-ab50-4328-8c16-87fb3087138e&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2004%20Jan%202024%2012%3A48%3A13%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%220cc4d57901cda49e8f6c83086554ef5d%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2004%20Jan%202024%2012%3A48%3A13%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2004%20Jan%202024%2012%3A48%3A13%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Premera%20Blue%20Cross%20%7C%20Visitor%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.premera.com%2Fvisitor&pageViewId=f2c6e5a8-cfc5-40f2-8bba-0048909a48aa&v=1.1.14

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.40.154 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-52-40-154.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:14 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2169311&ADFdivider=%7C&ord=432698258846&ADFtpmode=2&loc=https%3A%2F%2Fwww.premera.com%2Fvisitor&Set1=en-US%7Cen-US%7C1600x1200%7C24
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2169311&ADFdivider=%7C&ord=432698258846&ADFtpmode=2&loc=https%3A%2F%2Fwww.premera.com%2Fvisitor&Set1=en-US%7Cen-US%7C1600x1200%7C24

842 B
1 KB

499ms
499ms

Script
text/javascript

185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2169311&ADFdivider=%7C&ord=432698258846&ADFtpmode=2&loc=https%3A%2F%2Fwww.premera.com%2Fvisitor&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor

Protocol

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a9b3e89a61bfe0840c51a68d163d77ea087ec9a88f1445ad85f6b824b5f09dc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 684
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2169311&ADFdivider=%7C&ord=432698258846&ADFtpmode=2&loc=https%3A%2F%2Fwww.premera.com%2Fvisitor&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 dest5.html Show response
premera.demdex.net/ Frame 8912 7 KB
3 KB 474ms
465ms Document
text/html 34.208.28.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://premera.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.208.28.93 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-208-28-93.us-west-2.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.premera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 04 Jan 2024 12:48:14 GMT
dcs: dcs-prod-usw2-1-v050-04f5d106a.edge-usw2.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Sun, 12 Nov 2023 19:57:06 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: R8pwcqqRST8=

GET
H2 200 id Show response
smetrics.premera.com/ 48 B
459 B 1090ms
423ms XHR
application/x-javascript 63.140.36.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.premera.com/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=BDAEC94A5A200BBD0A495DEF%40AdobeOrg&mid=23713586733940706923552903752304844190&ts=1704372493938

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.36.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-36-117.data.adobedc.net

Software

jag /

Resource Hash

725b6b0d286e9f4e022d838b46837f5028eb471ccb52465e506c9c0a7be3677b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 04 Jan 2024 12:48:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.premera.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZZapDgAAAI86DwN8
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=23236567143668288703574160996395182204
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZapDgAAAI86DwN8

42 B
717 B

226ms
226ms

Image
image/gif

34.208.28.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZapDgAAAI86DwN8

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor

Protocol

Server

34.208.28.93 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-208-28-93.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs: dcs-prod-usw2-1-v050-006f428d5.edge-usw2.demdex.com 1 ms
pragma: no-cache
date: Thu, 04 Jan 2024 12:48:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: Ic9qWcokTn8=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZapDgAAAI86DwN8
Date: Thu, 04 Jan 2024 12:48:14 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

OPTIONS
H/1.1 200
OK componentstate
contentservices.premera.com/api/v1.0/content/ Frame 0
0 184ms
179ms Preflight 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://contentservices.premera.com/api/v1.0/content/componentstate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,correlationid
Access-Control-Request-Method: POST
Origin: https://www.premera.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,correlationid
Access-Control-Allow-Origin: https://www.premera.com
Content-Length: 0
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK componentstate
contentservices.premera.com/api/v1.0/content/ Frame 0
0 214ms
185ms Preflight 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://contentservices.premera.com/api/v1.0/content/componentstate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,correlationid
Access-Control-Request-Method: POST
Origin: https://www.premera.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,correlationid
Access-Control-Allow-Origin: https://www.premera.com
Content-Length: 0
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK componentstate
contentservices.premera.com/api/v1.0/content/ Frame 0
0 205ms
179ms Preflight 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://contentservices.premera.com/api/v1.0/content/componentstate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,correlationid
Access-Control-Request-Method: POST
Origin: https://www.premera.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,correlationid
Access-Control-Allow-Origin: https://www.premera.com
Content-Length: 0
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET

POST
H/1.1 200
OK componentstate Show response
contentservices.premera.com/api/v1.0/content/ 594 B
2 KB 239ms
191ms XHR
application/json 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://contentservices.premera.com/api/v1.0/content/componentstate

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d391bd873b4c465eedece01181731760c0ae8a700ad442dcc309d56114eda964

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: CgIrE
Accept: application/json, text/plain, */*
Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET
Content-Length: 474
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:71d2f0e3-fced-4c4c-a6ec-ed684fe19d52
Referrer-Policy: strict-origin-when-cross-origin
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.premera.com
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK componentstate Show response
contentservices.premera.com/api/v1.0/content/ 2 KB
2 KB 337ms
186ms XHR
application/json 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://contentservices.premera.com/api/v1.0/content/componentstate

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

8d0650caa16deff37249de25ab4acfb7dcd901fd2a22c24505068c93fa6795f7

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: CgIrE
Accept: application/json, text/plain, */*
Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Date: Thu, 04 Jan 2024 12:48:14 GMT
X-Powered-By: ASP.NET
Content-Length: 847
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:71d2f0e3-fced-4c4c-a6ec-ed684fe19d52
Referrer-Policy: strict-origin-when-cross-origin
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.premera.com
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK componentstate Show response
contentservices.premera.com/api/v1.0/content/ 8 KB
4 KB 216ms
185ms XHR
application/json 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://contentservices.premera.com/api/v1.0/content/componentstate

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

032d61322fc1dda049b35c443d63499c20cc2ec604e5e8ff5a3a72df9bc0bd47

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: CgIrE
Accept: application/json, text/plain, */*
Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Date: Thu, 04 Jan 2024 12:48:14 GMT
X-Powered-By: ASP.NET
Content-Length: 2961
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:71d2f0e3-fced-4c4c-a6ec-ed684fe19d52
Referrer-Policy: strict-origin-when-cross-origin
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.premera.com
Access-Control-Allow-Credentials: true

GET
H2 200 pbc_logo.svg
www.premera.com/assets/image/logos/ 9 KB
10 KB 193ms
192ms Image
image/svg+xml 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.premera.com/assets/image/logos/pbc_logo.svg

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f4df91b59851687a2e21d47c94c99ecebc470a267e68a261582d2dc52a566eb8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/visitor
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:14 GMT
content-security-policy: frame-ancestors 'none'
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Dec 2023 21:16:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
etag: "2791cfddd22eda1:0"
x-frame-options: sameorigin
content-type: image/svg+xml
server-timing: dtSInfo;desc="0", dtRpid;desc="1108895534"
accept-ranges: bytes
content-length: 9262
x-xss-protection: 1; mode=block

OPTIONS
H/1.1 200
OK componentstate
contentservices.premera.com/api/v1.0/content/ Frame 0
0 193ms
193ms Preflight 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://contentservices.premera.com/api/v1.0/content/componentstate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,correlationid
Access-Control-Request-Method: POST
Origin: https://www.premera.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,correlationid
Access-Control-Allow-Origin: https://www.premera.com
Content-Length: 0
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK componentstate
contentservices.premera.com/api/v1.0/content/ Frame 0
0 325ms
182ms Preflight 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://contentservices.premera.com/api/v1.0/content/componentstate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,correlationid
Access-Control-Request-Method: POST
Origin: https://www.premera.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,correlationid
Access-Control-Allow-Origin: https://www.premera.com
Content-Length: 0
Date: Thu, 04 Jan 2024 12:48:14 GMT
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK componentstate
contentservices.premera.com/api/v1.0/content/ Frame 0
0 347ms
183ms Preflight 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://contentservices.premera.com/api/v1.0/content/componentstate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,correlationid
Access-Control-Request-Method: POST
Origin: https://www.premera.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,correlationid
Access-Control-Allow-Origin: https://www.premera.com
Content-Length: 0
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET

POST
H/1.1 200
OK componentstate Show response
contentservices.premera.com/api/v1.0/content/ 594 B
2 KB 351ms
188ms XHR
application/json 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://contentservices.premera.com/api/v1.0/content/componentstate

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d391bd873b4c465eedece01181731760c0ae8a700ad442dcc309d56114eda964

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: CgIrE
Accept: application/json, text/plain, */*
Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:71d2f0e3-fced-4c4c-a6ec-ed684fe19d52
Referrer-Policy: strict-origin-when-cross-origin
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.premera.com
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK componentstate Show response
contentservices.premera.com/api/v1.0/content/ 2 KB
2 KB 242ms
184ms XHR
application/json 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://contentservices.premera.com/api/v1.0/content/componentstate

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

8d0650caa16deff37249de25ab4acfb7dcd901fd2a22c24505068c93fa6795f7

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: CgIrE
Accept: application/json, text/plain, */*
Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Date: Thu, 04 Jan 2024 12:48:14 GMT
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:71d2f0e3-fced-4c4c-a6ec-ed684fe19d52
Referrer-Policy: strict-origin-when-cross-origin
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.premera.com
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK componentstate Show response
contentservices.premera.com/api/v1.0/content/ 8 KB
4 KB 217ms
186ms XHR
application/json 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://contentservices.premera.com/api/v1.0/content/componentstate

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

032d61322fc1dda049b35c443d63499c20cc2ec604e5e8ff5a3a72df9bc0bd47

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: CgIrE
Accept: application/json, text/plain, */*
Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:71d2f0e3-fced-4c4c-a6ec-ed684fe19d52
Referrer-Policy: strict-origin-when-cross-origin
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.premera.com
Access-Control-Allow-Credentials: true

GET
H2 200 information Show response
member-edge.premera.com/api/v1.0/environment/ 218 B
1000 B 748ms
187ms XHR
application/json 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://member-edge.premera.com/api/v1.0/environment/information

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b1758ea0215ce1c48590bb41cdbf9610a587b1fc684a3eca5c21e120e7a26b60

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
content-security-policy: script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.premera.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:c3959ec6-8485-4ec4-a6db-50eab653e1fe

GET
H/1.1 200
OK information Show response
contentservices.premera.com/api/v1.0/environment/ 127 B
1 KB 339ms
184ms XHR
application/json 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://contentservices.premera.com/api/v1.0/environment/information?scope=member

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b6594ba315eccd5b24b56b68c6753c3a84a4517683d2c7c1559e633f484b6628

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:71d2f0e3-fced-4c4c-a6ec-ed684fe19d52
Referrer-Policy: strict-origin-when-cross-origin
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.premera.com
Access-Control-Allow-Credentials: true

GET
H2 200 information Show response
member-edge.premera.com/api/v1.0/environment/ 218 B
1006 B 748ms
191ms XHR
application/json 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://member-edge.premera.com/api/v1.0/environment/information

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b1758ea0215ce1c48590bb41cdbf9610a587b1fc684a3eca5c21e120e7a26b60

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
content-security-policy: script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.premera.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:c3959ec6-8485-4ec4-a6db-50eab653e1fe

GET
H/1.1 200
OK information Show response
contentservices.premera.com/api/v1.0/environment/ 127 B
1 KB 356ms
191ms XHR
application/json 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://contentservices.premera.com/api/v1.0/environment/information?scope=member

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b6594ba315eccd5b24b56b68c6753c3a84a4517683d2c7c1559e633f484b6628

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Date: Thu, 04 Jan 2024 12:48:14 GMT
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:71d2f0e3-fced-4c4c-a6ec-ed684fe19d52
Referrer-Policy: strict-origin-when-cross-origin
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.premera.com
Access-Control-Allow-Credentials: true

GET
H2 200 apple-store-badge.svg
www.premera.com/assets/image/ 13 KB
6 KB 292ms
289ms Image
image/svg+xml 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.premera.com/assets/image/apple-store-badge.svg

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

be999a2f77678e0b7155281c883fe61899e1063389bbbcd85b26c85c6e6f79b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/visitor
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
last-modified: Thu, 14 Dec 2023 21:16:53 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
etag: "80502dcd22eda1:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
server-timing: dtSInfo;desc="0", dtRpid;desc="-1414805964"
accept-ranges: bytes
content-length: 5755
x-xss-protection: 1; mode=block

GET
H2 200 google-play-badge.svg
www.premera.com/assets/image/ 18 KB
19 KB 475ms
473ms Image
image/svg+xml 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.premera.com/assets/image/google-play-badge.svg

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2ba138e8311ad674c8d4b31d19d3b2f5f0472a33eab5b547f46c2ef35eaf3d26

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/visitor
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:14 GMT
content-security-policy: frame-ancestors 'none'
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Dec 2023 21:16:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
etag: "27e858dcd22eda1:0"
x-frame-options: sameorigin
content-type: image/svg+xml
server-timing: dtSInfo;desc="0", dtRpid;desc="-1414917288"
accept-ranges: bytes
content-length: 18335
x-xss-protection: 1; mode=block

GET
H2 200 ncqa-accredited-transparent.png
www.premera.com/assets/image/ 10 KB
11 KB 290ms
288ms Image
image/png 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.premera.com/assets/image/ncqa-accredited-transparent.png

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5c354a8011388e5bcc00d378d43cff0dca5074fe3bec5815b9c9570ff74fbd75

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/visitor
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:14 GMT
content-security-policy: frame-ancestors 'none'
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Dec 2023 21:16:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
etag: "192273dcd22eda1:0"
x-frame-options: sameorigin
content-type: image/png
server-timing: dtSInfo;desc="0", dtRpid;desc="1772013871"
accept-ranges: bytes
content-length: 10525
x-xss-protection: 1; mode=block

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v6.3.0/webfonts/ 105 KB
106 KB 37ms
37ms Font
font/woff2 172.64.140.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.3.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.3.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.140.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f461742308b7791fee6e9698e1212aa6e8fd1d5e5b41795bfd68e93aa011073d

Request headers

Referer: https://use.fontawesome.com/releases/v6.3.0/css/all.css
Origin: https://www.premera.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2097380
alt-svc: h3=":443"; ma=86400
content-length: 108000
last-modified: Fri, 22 Sep 2023 01:46:28 GMT
server: cloudflare
etag: "83a42241ada98e0f959353ca0c3ee027"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mNNF1u9GSsyXHJ0g%2FkuRs0ptguBJbbjh1w3KBavklx5m7bCz7Oxeq4zxljEdB6ifuI4a4quoiiinxluz7FAH9WYRSOjT0%2BjbXBdUYliPpQOGWpmqwmQTTXFguDq5VS8VPrtDOwJ"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 840398385dbe4af6-SIN

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v6.3.0/webfonts/ 24 KB
25 KB 70ms
70ms Font
font/woff2 172.64.140.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v6.3.0/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.3.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.140.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ba24c4138c4c3cfe694a8fc8943b8ce21b9bfbb14edcb290b8654fcaa365d6b

Request headers

Referer: https://use.fontawesome.com/releases/v6.3.0/css/all.css
Origin: https://www.premera.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2156804
alt-svc: h3=":443"; ma=86400
content-length: 24840
last-modified: Fri, 22 Sep 2023 01:46:27 GMT
server: cloudflare
etag: "3f505ed834ca9466cf7efc2806b86604"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BAomOEE4319ELk2a67HgUOcT76W4B5j0v6xFjvRVhDe4jWhhUGTV7ZtPQPWWFpPr7XSskIM21%2BDf7JQnf9gi5tUteLqXmQnKG8WzqqzWj17rQsDq1y8vDaU3%2FT6fNfmQV0Wbzm7"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 840398385dc14af6-SIN

OPTIONS
H/1.1 200
OK alerts
contentservices.premera.com/api/v1.0/content/ Frame 0
0 328ms
184ms Preflight 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://contentservices.premera.com/api/v1.0/content/alerts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,correlationid
Access-Control-Request-Method: POST
Origin: https://www.premera.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,correlationid
Access-Control-Allow-Origin: https://www.premera.com
Content-Length: 0
Date: Thu, 04 Jan 2024 12:48:13 GMT
X-Powered-By: ASP.NET

POST
H/1.1 204
No Content alerts Show response
contentservices.premera.com/api/v1.0/content/ 0
1 KB 205ms
205ms XHR
text/plain 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://contentservices.premera.com/api/v1.0/content/alerts

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: CgIrE
Accept: application/json, text/plain, */*
Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Server: Microsoft-IIS/10.0
Date: Thu, 04 Jan 2024 12:48:14 GMT
X-Powered-By: ASP.NET
X-Frame-Options: sameorigin
Access-Control-Allow-Origin: https://www.premera.com
Access-Control-Allow-Credentials: true
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:71d2f0e3-fced-4c4c-a6ec-ed684fe19d52

GET
H2 200 5M2_A8_0273_900x600.jpg
www.premera.com/images/pbc/cards/ 96 KB
96 KB 321ms
318ms Image
image/jpeg 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.premera.com/images/pbc/cards/5M2_A8_0273_900x600.jpg
Requested by: Host: www.premera.com
URL: https://www.premera.com/visitor
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c0068ffecc728b7fdef54dd5fd864c2d8b8a041d4a83216cdb176f5d19eedb39

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/visitor
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:14 GMT
last-modified: Fri, 27 Oct 2023 18:56:10 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
cache-control: public
server-timing: dtSInfo;desc="0", dtRpid;desc="-1215433014"
accept-ranges: bytes
content-length: 98215

GET
H2 200 3J_GS42294_900x600.jpg
www.premera.com/images/pbc/cards/ 120 KB
120 KB 510ms
508ms Image
image/jpeg 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.premera.com/images/pbc/cards/3J_GS42294_900x600.jpg
Requested by: Host: www.premera.com
URL: https://www.premera.com/visitor
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6c790ab9b630dacdc583056067dbaf6ae8a38bc6915657042cd6ebd6f7b7ad1a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/visitor
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:14 GMT
last-modified: Thu, 26 Oct 2023 18:23:28 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
cache-control: public
server-timing: dtSInfo;desc="0", dtRpid;desc="-92156849"
accept-ranges: bytes
content-length: 122827

GET
H2 200 3Q_CC56856_900x600.jpg
www.premera.com/images/pbc/cards/ 125 KB
125 KB 509ms
507ms Image
image/jpeg 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.premera.com/images/pbc/cards/3Q_CC56856_900x600.jpg
Requested by: Host: www.premera.com
URL: https://www.premera.com/visitor
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ec7a624f9b56647347c081267f0b7897d03845ea413e82f4d41010a53c8401ad

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/visitor
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:14 GMT
last-modified: Thu, 26 Oct 2023 18:20:55 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
cache-control: public
server-timing: dtSInfo;desc="0", dtRpid;desc="1143606614"
accept-ranges: bytes
content-length: 127870

GET
H2 200 5U1_B19_0117_900x600.jpg
www.premera.com/images/pbc/cards/ 105 KB
105 KB 510ms
508ms Image
image/jpeg 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.premera.com/images/pbc/cards/5U1_B19_0117_900x600.jpg
Requested by: Host: www.premera.com
URL: https://www.premera.com/visitor
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cc6dc6932d4ebab6c50374fd388d83b0836efa61ac92caaca3d1cb5cbe3c02ef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/visitor
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:14 GMT
last-modified: Thu, 26 Oct 2023 18:20:43 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
cache-control: public
server-timing: dtSInfo;desc="0", dtRpid;desc="257514351"
accept-ranges: bytes
content-length: 107463

GET
H2 200 Kinwell-primary-care-clinic_900x600.jpg
www.premera.com/images/pbc/cards/ 80 KB
80 KB 509ms
508ms Image
image/jpeg 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.premera.com/images/pbc/cards/Kinwell-primary-care-clinic_900x600.jpg
Requested by: Host: www.premera.com
URL: https://www.premera.com/visitor
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6775c13d13cf0a8e5cceaa70e793dc6299c2a7e0934262a484bf3dd73152b6ea

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/visitor
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:14 GMT
last-modified: Thu, 22 Dec 2022 20:37:37 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
cache-control: public
server-timing: dtSInfo;desc="0", dtRpid;desc="333891200"
accept-ranges: bytes
content-length: 81625

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 520ms
520ms Image
image/gif 23.52.40.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0cc4d57901cda49e8f6c83086554ef5d&svisitor=null&visitor=5bb6f80c-86a0-453c-8216-6a7d08cb2a27&session=2f36cd48-ab50-4328-8c16-87fb3087138e&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A14%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A13%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%221004%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Home%20%7C%20Premera%20Blue%20Cross%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.premera.com%2Fvisitor&pageViewId=f2c6e5a8-cfc5-40f2-8bba-0048909a48aa&v=1.1.14

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.40.154 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-52-40-154.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:14 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 s23243612718005
smetrics.premera.com/b/ss/premeraglobal/1/JS-2.22.4/ 43 B
330 B 445ms
444ms Image
image/gif 63.140.36.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.premera.com/b/ss/premeraglobal/1/JS-2.22.4/s23243612718005?AQB=1&ndh=1&pf=1&t=4%2F0%2F2024%2020%3A48%3A15%204%20-480&mid=23713586733940706923552903752304844190&aamlh=9&ce=UTF-8&pageName=Homepage&g=https%3A%2F%2Fwww.premera.com%2Fvisitor&c.&visitorAPI=VisitorAPI%20Present&.c&ch=Homepage&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=www.premera.com%2Fvisitor&c3=New&c4=JS-2.22.4&c5=Website&c6=23713586733940706923552903752304844190&c7=Premera%20WA&c8=Public%20Home%20Page&c9=Unauthenticated&c12=Not%20Mobile&c13=Not%20Mobile&c14=www.premera.com&c15=prod&c16=First%20Visit&c18=2022-08-02&v21=D%3Dc6&v91=D%3DpageName&v92=D%3DpageName&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=BDAEC94A5A200BBD0A495DEF%40AdobeOrg&AQE=1

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.36.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-36-117.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 05 Jan 2024 12:48:15 GMT
server: jag
etag: 3660112064822935552-4617807264394523791
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03 Jan 2024 12:48:15 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 485ms
484ms Image
image/gif 23.52.40.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0cc4d57901cda49e8f6c83086554ef5d&svisitor=null&visitor=5bb6f80c-86a0-453c-8216-6a7d08cb2a27&session=2f36cd48-ab50-4328-8c16-87fb3087138e&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A15%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A14%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222005%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Home%20%7C%20Premera%20Blue%20Cross%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.premera.com%2Fvisitor&pageViewId=f2c6e5a8-cfc5-40f2-8bba-0048909a48aa&v=1.1.14

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.40.154 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-52-40-154.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:15 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 0
107 B 283ms
86ms Image
text/plain 54.238.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=0&c=981&i=7pot4u&p=prod&s=2165&d=8Gx7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjk4MSwicHVibGlzaFBhdGgiOiJwcm9kIiwiaW5zdGFuY2VJZCI6Ijdwb3Q0dSIsInBhY2tldCI6MCwibW9kZSI6ImVuZm9yY2VWAPIqb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJHZW5lcmljIiwicmVxdWVzdHMiOlt7ImRlc3RpbmF0sgDzdmh0dHBzOi8vc3RhdHMuZy5kb3VibGVjbGljay5uZXQvZy9jb2xsZWN0P3Y9MiZ0aWQ9Ry1LUE4wREZXTUYwJmNpZD0yMDMwODYwNzY4LjE3MDQzNzI0OTMmZ3RtPTQ1amUzYnQwaDF2ODkxMDYxODc1JmFpcD0xJmRtYT0wJmdjZD0xMWwCAPUQIiwidHlwZSI6InNlbmRCZWFjb24iLCJzdGFydCI6MVwAMDM1NOwAHWQUAFBzb3VyY0AA8gNTRU5EQkVBQ09OX01BTkFHRVJIANF0dXMiOiJhbGxvd2VkGQFAYXNvbhgB1F0sImRhdGFQYXR0ZXISALNsaXN0IjpbXSwiaW0AvzAyMTY2MTIxMH0sSgEF8gBjb25uZWN0LmZhY2Vib29HAddlbl9VUy9mYmRzLmpz6ABSY3JpcHScAArkAD0wOTbkAFU0OTQsIuQAMW11dMUBok9ic2VydmVyQ0xIAALkAD9sb2HhACF_MjgwMjgwMOEAC4YuNnNjLmNvL8gAMnhocn0ACsUAPTUwMMUAARQABcUAP1hIUqIBO68yMzgyNzc4NTI1ogEID8EAGB8ywQAAFzOGAQ_BAEcfN8EAB09pcHY2xAAYHzPEAF2PNjAyMzIwNzAnAwkPxAAcHzXEAAAfNYgBSQXEAB8yiAEHFGqFAX82c2kubWlu3AMWD84AARc3zgDCaW5zZXJ0QmVmb3JlWQMP1gMqjzQzMDE5NjExkAEJD8wAJg6oBCg1MMwAD6gEQgXSAB8xngEHkXMyLmFkZm9ybckGkWJhbm5lcnMvc3MF_wZzL3N0L3RyYWNrcG9pbnQtYXN5bmO_ARQuMTB_Big2MxUED_MAQtA1NTAwMTQ2NzMzfV19
Requested by: Host: www.premera.com
URL: https://www.premera.com/visitor
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.238.98.43 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-98-43.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:15 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 04 Jan 2024 12:48:14 GMT

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 7DB1 4 KB
2 KB 578ms
90ms Document
text/html 185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

531fdf1e20bb2c6c556ca43167fffe7847d165d0d28e9720ef0558c2b7096c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.premera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 04 Jan 2024 12:48:16 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
467 B 1736ms
68ms Image
image/gif 185.84.60.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=6985292829669439587&stamp=rKt4h0uzBz0DvP-67D9Y4w2

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2 200 plf
c1.adform.net/imatch/ Frame 7DB1 0
384 B 113ms
112ms Image
text/plain 185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 7DB1
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=6985292829669439587&Expiration=1705582096
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6985292829669439587&Expiration=1705582096

43 B
422 B

60ms
60ms

Image
image/gif

52.77.120.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6985292829669439587&Expiration=1705582096
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: H2
Server: 52.77.120.78 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-120-78.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 04 Jan 2024 12:48:16 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=6985292829669439587&Expiration=1705582096
access-control-allow-origin: *
date: Thu, 04 Jan 2024 12:48:16 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 7DB1 0
400 B 270ms
203ms Image
text/plain 23.73.14.39
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=6985292829669439587
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.73.14.39 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-14-39.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jan 2024 12:48:16 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Wed, 03 Jan 2024 12:48:16 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 7DB1 0
661 B 575ms
26ms Image
text/plain 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=6985292829669439587
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc2b9026541f49c9c095b4cedfcedb9a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 tpui
ih.adscale.de/adscale-ih/ Frame 7DB1 0
38 B 578ms
187ms Image
text/plain 18.196.5.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6985292829669439587&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.5.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-5-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:16 GMT
content-length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 7DB1
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=6985292829669439587&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
https://c1.adform.net/serving/cookie/match?party=10&cid=3013985329048584307

35 B
600 B

64ms
63ms

Image
image/gif

185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=10&cid=3013985329048584307

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911

Protocol

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=10&cid=3013985329048584307
pragma: no-cache
date: Thu, 04 Jan 2024 12:48:16 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 7DB1 43 B
639 B 1854ms
29ms Image
image/gif 139.99.123.150
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=6985292829669439587
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 139.99.123.150 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: ads14-sgp.stickyadstv.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Jan 2024 12:48:18 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1704372498064028-78

GET
H2

200

/
onetag-sys.com/match/ Frame 7DB1
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=6985292829669439587
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=6985292829669439587
https://onetag-sys.com/match/?int_id=30&uid=15b92a6c-be37-4fe9-bd8a-08fafcacef9b&gdpr=&gdpr_consent=&us_privacy=

0
201 B

70ms
26ms

Image
text/plain

51.79.152.76
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=15b92a6c-be37-4fe9-bd8a-08fafcacef9b&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911

Protocol

Server

51.79.152.76 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip76.ip-51-79-152.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location: //onetag-sys.com/match/?int_id=30&uid=15b92a6c-be37-4fe9-bd8a-08fafcacef9b&gdpr=&gdpr_consent=&us_privacy=
Date: Thu, 04 Jan 2024 12:48:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 7DB1
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6985292829669439587&expiration=1705582096
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6985292829669439587&expiration=1705582096&C=1

43 B
333 B

90ms
90ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6985292829669439587&expiration=1705582096&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zlMrAcus3hQ9YztBwJbbh3ArCAlGmW5eGtyrjEgp2civ4cmCbGGzqcwFZQqw8JVrhb%2FFD2Q9c8v6PkGe5xFWhPgr96ncLOvaURJ1KnfNo0qZTh7HA6orFYSflKX0VSfEuUai2lC5v5fR4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84039849bbd13f76-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8gw93BR6fPrZ5OJzv%2B9B8zM6eA0wcDX93mUfK1a%2BYZvtPuFxsDYuONEDZOGVOSIrrrzb8kwkFevkAeEu9t5fk8laFtrcNplxpwiQchc4qb5%2FFr%2B49uIYqZnqlw6pLQlvi3xU1Ga6WzGSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=6985292829669439587&expiration=1705582096&C=1
cache-control: no-cache
cf-ray: 840398491afd3f76-SIN
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

info2
uipglob.semasio.net/adform/1/ Frame 7DB1
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6985292829669439587&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6985292829669439587&sInitiator=external

42 B
220 B

65ms
65ms

Image
image/gif

119.9.108.180
RACKSPACE-AP Rack...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6985292829669439587&sInitiator=external
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: HTTP/1.1
Server: 119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

uip-response-status: FallbackResponse
date: Thu, 04 Jan 2024 12:48:19 GMT
frontend-id: 0
content-length: 42
routing-server-id: 1
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:19 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /adform/1/info2?sType=sync&sExtCookieId=6985292829669439587&sInitiator=external
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame 7DB1
Redirect Chain

https://ps.eyeota.net/match?uid=6985292829669439587&bid=9gdtmu1
https://ps.eyeota.net/match/bounce/?uid=6985292829669439587&bid=9gdtmu1

70 B
440 B

49ms
49ms

Image
image/gif

18.141.80.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=6985292829669439587&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: HTTP/1.1
Server: 18.141.80.142 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-141-80-142.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 04 Jan 2024 12:48:16 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=6985292829669439587&bid=9gdtmu1
Date: Thu, 04 Jan 2024 12:48:16 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 /
loadm.exelator.com/load/ Frame 7DB1 0
324 B 781ms
273ms Image
text/plain 52.0.156.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6985292829669439587
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-156-250.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H3

200

458249.gif
idsync.rlcdn.com/ Frame 7DB1
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=6985292829669439587
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNjk4NTI5MjgyOTY2OTQzOTU4NxAAGg0IkNLarAYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=332d528bac508e1d0cb12c161018a0d90c29aa30fdb0c72e6953be27e4f6e35d791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzMzJkNTI4YmFjNTA4ZTFkMGNiMTJjMTYxMDE4YTBkOTBjMjlhYTMwZmRiMGM3MmU2OTUzYmUyN2U0ZjZlMzVkNzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzMzJkNTI4YmFjNTA4ZTFkMGNiMTJjMTYxMDE4YTBkOTBjMjlhYTMwZmRiMGM3MmU2OTUzYmUyN2U0ZjZlMzVkNzkxNDI2YjU0MTdkY2UyMRAAGgwIkdLarAYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=298e82dc-52ad-4e6d-9408-6dcaf35b636d

42 B
60 B

232ms
232ms

Image
image/gif

35.244.154.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=298e82dc-52ad-4e6d-9408-6dcaf35b636d
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:17 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Thu, 04 Jan 2024 12:48:17 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/458249.gif?partner_uid=298e82dc-52ad-4e6d-9408-6dcaf35b636d
x-samesite: secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6985292829669439587/gdpr=/ Frame 7DB1
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6985292829669439587/gdpr=/gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6985292829669439587/gdpr=/gdpr_consent=

49 B
541 B

73ms
73ms

Image
image/gif

13.251.203.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6985292829669439587/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: H2
Server: 13.251.203.156 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-203-156.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:16 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.13.78
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:16 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6985292829669439587/gdpr=/gdpr_consent=
cache-control: no-cache
x-server: 10.42.23.84
content-length: 0
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 7DB1 62 B
431 B 374ms
211ms Image
image/gif 23.207.181.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=6985292829669439587
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.181.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-181-216.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 04 Jan 2024 12:48:16 GMT
content-length: 62
content-type: image/gif

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 7DB1
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6985292829669439587
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6985292829669439587

43 B
171 B

35ms
34ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6985292829669439587
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:16 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6985292829669439587
date: Thu, 04 Jan 2024 12:48:16 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 7DB1
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

574ms
197ms

Image
image/gif

52.218.121.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: HTTP/1.1
Server: 52.218.121.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 12:48:18 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: 9P5K88QBCNBESA9V
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: 204PfbcdEW4zjpGvtU8G/tMuGEmKUXULbFWr0AqKcSQEqp/8o3v6PhI8ADIQ+4IrFOQrhUFZuIw=

Redirect headers

X-Error-Reason: Missing UserId
Date: Thu, 04 Jan 2024 12:48:16 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 7DB1 0
338 B 664ms
214ms Image
text/plain 52.34.247.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=6985292829669439587
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.247.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-247-233.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: beacon-n005-pdx-prod.krxd.net
date: Thu, 04 Jan 2024 12:48:17 GMT
cache-control: private, no-cache, no-store
x-request-time: D=49 t=1704372497
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 7DB1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=Njk4NTI5MjgyOTY2OTQzOTU4Nw
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=Njk4NTI5MjgyOTY2OTQzOTU4Nw&google_tc=
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFTJ2DhMjh9Dn59Xpo5aWbE&google_cver=1&google_ula=1641347,0

35 B
591 B

100ms
100ms

Image
image/gif

185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFTJ2DhMjh9Dn59Xpo5aWbE&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911

Protocol

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFTJ2DhMjh9Dn59Xpo5aWbE&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 7DB1 0
384 B 106ms
104ms Image
text/plain 185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

setuid
secure.adnxs.com/ Frame 7DB1
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=7018147249459584594&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=6985292829669439587

43 B
828 B

29ms
29ms

Image
image/gif

103.43.90.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=6985292829669439587

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911

Protocol

Server

103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:17 GMT
an-x-request-uuid: 8d80d766-712d-423d-adaa-05fe8fa6687e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 116.86.254.31; 116.86.254.31; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=6985292829669439587
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 7DB1 42 B
473 B 99ms
45ms Image
image/gif 207.65.33.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6985292829669439587
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 04 Jan 2024 08:40:58 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 7DB1 43 B
444 B 123ms
31ms Image
image/gif 18.155.68.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-97.sin52.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 04:20:03 GMT
Via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: SIN52-P1
Age: 30494
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: 58W5aAkFwiigMI2MpODaWWnC3n9tSz4bzzogXjBNJcOT9GNw2Agg-Q==

GET
H/1.1

200

p
a.audrte.com/ Frame 7DB1
Redirect Chain

https://a.audrte.com/a?adform_uid=6985292829669439587
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YTlhRWNCdEN0bGtUNUNNY0N5UndRLWE1Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYXplcmlvbiJ9XX0%3D&gdpr=0&gdpr_consent=
https://ad.360yield.com/ux?publisher_id=all&publisher_dmp_id=16&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3D{PUB_USER_ID}%26p%3D560038091
https://a.audrte.com/match?uid=34bae1b1-2e7c-4937-bb1b-9a56fb789d76&p=560038091
https://a.audrte.com/p

68 B
424 B

206ms
206ms

Image
image/png

54.217.36.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: HTTP/1.1
Server: 54.217.36.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-36-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 12:48:18 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 04 Jan 2024 12:48:18 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 7DB1
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=6985292829669439587&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://c1.adform.net/serving/cookie/match?party=1007&cid=23236567143668288703574160996395182204&noredirect=1

35 B
591 B

52ms
51ms

Image
image/gif

185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=23236567143668288703574160996395182204&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911

Protocol

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

dcs: dcs-prod-usw2-2-v050-0307c03ea.edge-usw2.demdex.com 2 ms
pragma: no-cache
date: Thu, 04 Jan 2024 12:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: BS8MDR+wS5Q=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://c1.adform.net/serving/cookie/match?party=1007&cid=23236567143668288703574160996395182204&noredirect=1
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 7DB1
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=6985292829669439587
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=209120804751002279192

35 B
591 B

88ms
50ms

Image
image/gif

185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=209120804751002279192

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911

Protocol

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:17 GMT
via: 1.1 0a7b620f0f14feda0f8b9c00e925e1a4.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: SIN52-P1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=209120804751002279192
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: Ww1FodneNvVSagFwVH-3CN8dXfIsda4zP0b9NBlunc4ggp2xidJAkQ==
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 7DB1
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7320224134836320413

35 B
591 B

54ms
54ms

Image
image/gif

185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7320224134836320413

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911

Protocol

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7320224134836320413
Date: Thu, 04 Jan 2024 12:48:17 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 7DB1 62 B
360 B 233ms
232ms Image
image/gif 23.207.181.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=6985292829669439587
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.181.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-181-216.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 04 Jan 2024 12:48:17 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 7DB1
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=dyLpTdU61Rln8Z5

35 B
591 B

53ms
53ms

Image
image/gif

185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=dyLpTdU61Rln8Z5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911

Protocol

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Thu, 04 Jan 2024 12:48:16 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-083f2e64da6706325@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=dyLpTdU61Rln8Z5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 7DB1
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=afa56096-9f4e-435e-a68f-89af817c10f8

35 B
591 B

90ms
50ms

Image
image/gif

185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=afa56096-9f4e-435e-a68f-89af817c10f8

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911

Protocol

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=afa56096-9f4e-435e-a68f-89af817c10f8
date: Thu, 04 Jan 2024 12:48:17 GMT
server: Kestrel
content-length: 225

GET
H2

400

3.gif
id5-sync.com/c/10/112/0/ Frame 7DB1
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=6985292829669439587
https://id5-sync.com/c/10/10/2/1.gif?puid=6985292829669439587&gdpr=0&gdpr_consent=&us_privacy=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/10/2/1/2.gif?puid=7018147249459584594&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F10%2F112%2F0%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/10/112/0/3.gif?puid=${UIPID}&gdpr=0&gdpr_consent=

0
0

327ms
327ms

Image
text/html

162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id5-sync.com/c/10/112/0/3.gif?puid=${UIPID}&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: H2
Server: 162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS: ns31533567.ip-162-19-138.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Redirect headers

location: https://id5-sync.com/c/10/112/0/3.gif?puid=${UIPID}&gdpr=0&gdpr_consent=
uip-response-status: FallbackResponse
date: Thu, 04 Jan 2024 12:48:21 GMT
frontend-id: 0
content-length: 0
routing-server-id: 1

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 7DB1
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=927263252
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=Azw9CSh1VWokBNs5VXm18e

35 B
591 B

52ms
51ms

Image
image/gif

185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=Azw9CSh1VWokBNs5VXm18e

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911

Protocol

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:17 GMT
via: 1.1 google
last-modified: Thu, 04 Jan 2024 12:48:17 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=Azw9CSh1VWokBNs5VXm18e
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 7DB1 23 B
278 B 195ms
93ms Image
image/gif 23.44.1.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=6985292829669439587
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.1.77 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-44-1-77.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 04 Jan 2024 12:48:17 GMT
pragma: no-cache
date: Thu, 04 Jan 2024 12:48:17 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2

200

cs
cs.lkqd.net/ Frame 7DB1
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=6985292829669439587
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=06fe7ad8c0&gdpr=0&gdpr_consent=

43 B
521 B

738ms
240ms

Image
image/gif

69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=109&partnerUserId=06fe7ad8c0&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: H2
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:18 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

date: Thu, 04 Jan 2024 12:48:17 GMT
via: 1.1 e458de70cfe2237c659d4e5f2ae84564.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN52-C3
x-cache: Miss from cloudfront
location: https://cs.lkqd.net/cs?partnerId=109&partnerUserId=06fe7ad8c0&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: -wTqJhV_9mSFqxNPeDRwbb-CiNZzOlJKJJd_AJphCpyW21jOP0YXrA==

GET
H2 200 6985292829669439587
match.contentexchange.me/adform/ Frame 7DB1 0
49 B 653ms
214ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/6985292829669439587?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:17 GMT
content-length: 0
server: nginx/1.16.1

GET
H2

200

xuid
eb2.3lift.com/ Frame 7DB1
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=6985292829669439587&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6985292829669439587&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

63ms
63ms

Image
image/gif

35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6985292829669439587&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: H2
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 04 Jan 2024 12:48:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=6985292829669439587&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
date: Thu, 04 Jan 2024 12:48:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 put
e1.emxdgt.com/ Frame 7DB1 0
44 B 62ms
15ms Image
text/plain 52.76.42.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=6985292829669439587
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.42.3 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-42-3.ap-southeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:17 GMT
server: awselb/2.0

GET
H2 200 plf
c1.adform.net/imatch/ Frame 7DB1 0
384 B 105ms
104ms Image
text/plain 185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6985292829669439587&agencyId=7028&advertiserId=2078556&src=tp&rnd=861911
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 492ms
491ms Image
image/gif 23.52.40.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0cc4d57901cda49e8f6c83086554ef5d&svisitor=null&visitor=5bb6f80c-86a0-453c-8216-6a7d08cb2a27&session=2f36cd48-ab50-4328-8c16-87fb3087138e&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A16%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A15%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223006%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Home%20%7C%20Premera%20Blue%20Cross%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.premera.com%2Fvisitor&pageViewId=f2c6e5a8-cfc5-40f2-8bba-0048909a48aa&v=1.1.14

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.40.154 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-52-40-154.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:16 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 476ms
475ms Image
image/gif 23.52.40.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0cc4d57901cda49e8f6c83086554ef5d&svisitor=null&visitor=5bb6f80c-86a0-453c-8216-6a7d08cb2a27&session=2f36cd48-ab50-4328-8c16-87fb3087138e&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A17%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A16%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224007%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Home%20%7C%20Premera%20Blue%20Cross%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.premera.com%2Fvisitor&pageViewId=f2c6e5a8-cfc5-40f2-8bba-0048909a48aa&v=1.1.14

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.40.154 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-52-40-154.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:17 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 0
106 B 86ms
86ms Image
text/plain 54.238.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=1&c=981&i=7pot4u&p=prod&s=464&d=8Gx7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjk4MSwicHVibGlzaFBhdGgiOiJwcm9kIiwiaW5zdGFuY2VJZCI6Ijdwb3Q0dSIsInBhY2tldCI6MSwibW9kZSI6ImVuZm9yY2VWAPIqb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJHZW5lcmljIiwicmVxdWVzdHMiOlt7ImRlc3RpbmF0sgDwYGh0dHBzOi8vYzEuYWRmb3JtLm5ldC9pbWF0Y2gvcGl4ZWxzP3VpZD02OTg1MjkyODI5NjY5NDM5NTg3JmFnZW5jeUlkPTcwMjgmYWR2ZXJ0aXNlcklkPTIwNzg1NTYmc3JjPXRwJnJuZD04NjE5MQkB8AV0eXBlIjoiaWZyYW1lIiwic3Rhct4AwDcwNDM3MjQ5NTY1M8wASmQiOjEUAFFzb3VyYzwAgm5uZXJIVE1MPwDRdHVzIjoiYWxsb3dlZPAAQGFzb27vANRdLCJkYXRhUGF0dGVyEgCybGlzdCI6W10sImlkANAzNzI0MzAzNjAwfV19
Requested by: Host: www.premera.com
URL: https://www.premera.com/visitor
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.238.98.43 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-98-43.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:18 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 04 Jan 2024 12:48:17 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 16ms
15ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-KPN0DFWMF0&gtm=45je3bt0h1v891061875&_p=1704372492233&gcd=11l1l1l1l1&dma=0&cid=2030860768.1704372493&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1704372493&sct=1&seg=1&dl=https%3A%2F%2Fwww.premera.com%2Fvisitor&dt=Premera%20Blue%20Cross%20%7C%20Visitor&en=page_view&_ee=1&_et=104&tfd=10127
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 12:48:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.premera.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 483ms
483ms Image
image/gif 23.52.40.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0cc4d57901cda49e8f6c83086554ef5d&svisitor=null&visitor=5bb6f80c-86a0-453c-8216-6a7d08cb2a27&session=2f36cd48-ab50-4328-8c16-87fb3087138e&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A18%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A17%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225008%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Home%20%7C%20Premera%20Blue%20Cross%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.premera.com%2Fvisitor&pageViewId=f2c6e5a8-cfc5-40f2-8bba-0048909a48aa&v=1.1.14

Requested by

Host: www.premera.com
URL: https://www.premera.com/visitor

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.40.154 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-52-40-154.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:18 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 0
106 B 90ms
90ms Image
text/plain 54.238.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=2&c=981&i=7pot4u&p=prod&s=326&d=8Gx7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjk4MSwicHVibGlzaFBhdGgiOiJwcm9kIiwiaW5zdGFuY2VJZCI6Ijdwb3Q0dSIsInBhY2tldCI6MiwibW9kZSI6ImVuZm9yY2VWAPIqb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJHZW5lcmljIiwicmVxdWVzdHMiOlt7ImRlc3RpbmF0sgDwGSIsInR5cGUiOiJiaWxsaW5nIiwic3RhcnQiOjE3MDQzNzI0OTg5OTFdAMBkIjotMSwic291cmMyAAIrAGF0dXMiOiJmAEBhc29uZQDUXSwiZGF0YVBhdHRlchIAwmxpc3QiOltdLCJpZF0AwDM3MjQ5ODk5MX1dfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.238.98.43 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-98-43.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:19 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 04 Jan 2024 12:48:18 GMT

POST
H2 200 rb_bf03933pyk Show response
www.premera.com/ 121 B
943 B 187ms
186ms XHR
text/plain 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.premera.com/rb_bf03933pyk?type=js3&sn=v_4_srv_5_sn_83780AA6FC65A162405BFF60548A4708_perc_100000_ol_0_mul_1_app-3Ab98b8d57d70d04a8_1&svrid=5&flavor=post&vi=TTQMNMGUNNHAIHCMRWTASTGFPREHTSHF-0&modifiedSince=1702486338323&rf=https%3A%2F%2Fwww.premera.com%2Fvisitor%3Fregion%3Dpbcwa&bp=3&app=79ee6f22664df70c&crc=1688402842&en=n7rt6vxn&end=1

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

4e1d35ddf28babc2dd0de23819adda4548ce7bac4314faabb8f300550bbc1998

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

x-dtreferer: https://www.premera.com/visitor?region=pbcwa
Referer: https://www.premera.com/visitor
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Jan 2024 12:48:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
x-xss-protection: 1; mode=block

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 541ms
194ms Preflight 40.79.170.242

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.170.242 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://www.premera.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Thu, 04 Jan 2024 12:48:19 GMT
x-content-type-options: nosniff

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 98 B
283 B 180ms
179ms XHR
application/json 40.79.170.242

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.170.242 -, , ASN (),

Reverse DNS

Software

Resource Hash

1cc2303393a23210efcd044e17d74d8c5571e90baa930c4bd8d905f2969296dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.premera.com/
accept-language: zh-SG,zh;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 44DEDC94-4377-49D4-BF75-9A0140CA1AA2
strict-transport-security: max-age=31536000
date: Thu, 04 Jan 2024 12:48:19 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 98

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 481ms
481ms Image
image/gif 23.52.40.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0cc4d57901cda49e8f6c83086554ef5d&svisitor=null&visitor=5bb6f80c-86a0-453c-8216-6a7d08cb2a27&session=2f36cd48-ab50-4328-8c16-87fb3087138e&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A19%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A18%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226009%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Home%20%7C%20Premera%20Blue%20Cross%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.premera.com%2Fvisitor&pageViewId=f2c6e5a8-cfc5-40f2-8bba-0048909a48aa&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.40.154 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-52-40-154.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:19 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 rb_bf03933pyk Show response
www.premera.com/ 121 B
934 B 196ms
195ms XHR
text/plain 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

4e1d35ddf28babc2dd0de23819adda4548ce7bac4314faabb8f300550bbc1998

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

x-dtreferer: https://www.premera.com/visitor?region=pbcwa
Referer: https://www.premera.com/visitor
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Jan 2024 12:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
x-xss-protection: 1; mode=block

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 1170ms
1169ms Image
image/gif 23.52.40.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0cc4d57901cda49e8f6c83086554ef5d&svisitor=null&visitor=5bb6f80c-86a0-453c-8216-6a7d08cb2a27&session=2f36cd48-ab50-4328-8c16-87fb3087138e&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A20%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A19%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%227010%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Home%20%7C%20Premera%20Blue%20Cross%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.premera.com%2Fvisitor&pageViewId=f2c6e5a8-cfc5-40f2-8bba-0048909a48aa&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.40.154 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-52-40-154.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:21 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 0
106 B 88ms
88ms Image
text/plain 54.238.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=3&c=981&i=7pot4u&p=prod&s=1488&d=8Gx7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjk4MSwicHVibGlzaFBhdGgiOiJwcm9kIiwiaW5zdGFuY2VJZCI6Ijdwb3Q0dSIsInBhY2tldCI6MywibW9kZSI6ImVuZm9yY2VWAPIqb29raWVzIjp7fSwiZW52aXJvbm1lbnQiOiJHZW5lcmljIiwicmVxdWVzdHMiOlt7ImRlc3RpbmF0sgDwYGh0dHBzOi8vYzEuYWRmb3JtLm5ldC9pbWF0Y2gvcGl4ZWxzP3VpZD02OTg1MjkyODI5NjY5NDM5NTg3JmFnZW5jeUlkPTcwMjgmYWR2ZXJ0aXNlcklkPTIwNzg1NTYmc3JjPXRwJnJuZD04NjE5MQkB8BV0eXBlIjoiaWZyYW1lIiwic3RhcnQiOjE3MDQzNzI0OTU2NTPMABdkFACwODkzOSwic291cmM8ALJyZW1vdmVDaGlsZEEAkHR1cyI6ImxvYRAAYHJlYXNvbu4A1F0sImRhdGFQYXR0ZXISALJsaXN0IjpbXSwiaWMAAHYAjzMwMzYwMH0sIAGTHzQgAQxvYXBwZW5kIAE-HzEgAZUfNSABDDFtdXQBA69PYnNlcnZlckNMRwI5HzInAQcwZGMucgDzEmljZXMudmlzdWFsc3R1ZGlvLmNvbS92Mi90cmFjayIsIiQDMnhocpkACSEDTDkwNDLhAAIUAAUhA7JYSFJfTUFOQUdFUkEAAiEDb2FsbG93ZSQDIo80NjU3ODE3Md0AwsA0NjU3ODE3MTJ9XX0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.238.98.43 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-98-43.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:20 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 04 Jan 2024 12:48:19 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 480ms
479ms Image
image/gif 23.52.40.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0cc4d57901cda49e8f6c83086554ef5d&svisitor=null&visitor=5bb6f80c-86a0-453c-8216-6a7d08cb2a27&session=2f36cd48-ab50-4328-8c16-87fb3087138e&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A21%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A20%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%228012%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Home%20%7C%20Premera%20Blue%20Cross%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.premera.com%2Fvisitor&pageViewId=f2c6e5a8-cfc5-40f2-8bba-0048909a48aa&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.40.154 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-52-40-154.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:21 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 rb_bf03933pyk Show response
www.premera.com/ 121 B
934 B 191ms
190ms XHR
text/plain 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.premera.com/rb_bf03933pyk?type=js3&sn=v_4_srv_5_sn_83780AA6FC65A162405BFF60548A4708_perc_100000_ol_0_mul_1_app-3Ab98b8d57d70d04a8_1&svrid=5&flavor=post&vi=TTQMNMGUNNHAIHCMRWTASTGFPREHTSHF-0&modifiedSince=1702486338323&rf=https%3A%2F%2Fwww.premera.com%2Fvisitor&bp=3&app=79ee6f22664df70c&crc=2557638353&en=n7rt6vxn&end=1

Requested by

Host: www.premera.com
URL: https://www.premera.com/ruxitagentjs_ICA2NVfghjqrux_10221210805073954.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

4e1d35ddf28babc2dd0de23819adda4548ce7bac4314faabb8f300550bbc1998

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.premera.com/visitor
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Jan 2024 12:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
x-xss-protection: 1; mode=block

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 484ms
483ms Image
image/gif 23.52.40.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0cc4d57901cda49e8f6c83086554ef5d&svisitor=null&visitor=5bb6f80c-86a0-453c-8216-6a7d08cb2a27&session=2f36cd48-ab50-4328-8c16-87fb3087138e&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A21%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%229013%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Home%20%7C%20Premera%20Blue%20Cross%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.premera.com%2Fvisitor&pageViewId=f2c6e5a8-cfc5-40f2-8bba-0048909a48aa&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.40.154 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-52-40-154.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:22 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 482ms
482ms Image
image/gif 23.52.40.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=0cc4d57901cda49e8f6c83086554ef5d&svisitor=null&visitor=5bb6f80c-86a0-453c-8216-6a7d08cb2a27&session=2f36cd48-ab50-4328-8c16-87fb3087138e&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2004%20Jan%202024%2012%3A48%3A22%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%2210014%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Home%20%7C%20Premera%20Blue%20Cross%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.premera.com%2Fvisitor&pageViewId=f2c6e5a8-cfc5-40f2-8bba-0048909a48aa&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.40.154 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-52-40-154.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:48:23 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.premera.com
URL: https://www.premera.com/pbc.css

Domain: www.premera.com
URL: https://www.premera.com/pbc.css

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

98 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.premera.com/	1969-12-31 23:59:59	Name: wwwpstickCORS Value: ab1c35e7fcc760f9e43138dceab5ecfb
www.premera.com/	1969-12-31 23:59:59	Name: wwwpstick Value: ab1c35e7fcc760f9e43138dceab5ecfb
www.premera.com/	1970-01-21 02:13:14	Name: EktGUID Value: 7214bf3a-e625-4a23-be00-319991fc48b5
www.premera.com/	1969-12-31 23:59:59	Name: ecm Value: user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.premera.com&SiteLanguage=1033
www.premera.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: e2chejm0md2ad0s3hozve3a2
.premera.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_5_sn_83780AA6FC65A162405BFF60548A4708_perc_100000_ol_0_mul_1_app-3Ab98b8d57d70d04a8_1
www.premera.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: d04616e3fd3a7781f5bef89453c24a1e
www.premera.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: d04616e3fd3a7781f5bef89453c24a1e
.premera.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 1704372492008KS53IHC2B4C3MQ9846NCBNGSC5GK34HM
.premera.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.premera.com/	1969-12-31 23:59:59	Name: dtLatC Value: 1192
.premera.com/	1970-01-20 21:48:17	Name: pbcLocale Value: en-us
.premera.com/	1970-01-20 21:48:17	Name: pbcRegion Value: pbcwa
.premera.com/	1970-01-21 03:02:12	Name: AMCV_BDAEC94A5A200BBD0A495DEF%40AdobeOrg Value: T
www.premera.com/	1970-01-21 02:11:48	Name: ai_user Value: mobE3\|2024-01-04T12:48:13.036Z
.premera.com/	1970-01-21 03:02:12	Name: _ga Value: GA1.1.2030860768.1704372493
.premera.com/	1970-01-20 18:09:24	Name: s_nr Value: 1704372493366-New
.premera.com/	1970-01-21 03:02:12	Name: s_days Value: 1704372493368
.premera.com/	1970-01-20 17:26:14	Name: s_days_s Value: First%20Visit
.premera.com/	1970-01-21 03:02:12	Name: _ga_KPN0DFWMF0 Value: GS1.1.1704372493.1.1.1704372493.60.0.0
www.premera.com/	1970-01-21 03:02:12	Name: _gd_visitor Value: 5bb6f80c-86a0-453c-8216-6a7d08cb2a27
www.premera.com/	1970-01-20 17:26:26	Name: _gd_session Value: 2f36cd48-ab50-4328-8c16-87fb3087138e
www.premera.com/	1970-01-20 17:26:14	Name: ai_session Value: CgIrE\|1704372493636.9\|1704372493636.9
.demdex.net/	1970-01-20 21:45:24	Name: demdex Value: 23236567143668288703574160996395182204
www.premera.com/	1969-12-31 23:59:59	Name: AMCVS_BDAEC94A5A200BBD0A495DEF%40AdobeOrg Value: 1
.6sc.co/	1970-01-21 03:02:12	Name: 6suuid Value: 9628341731862e000ea996650a000000e6860100
.everesttech.net/	1970-01-21 02:11:48	Name: everest_g_v2 Value: g_surferid~ZZapDgAAAI86DwN8
.dpm.demdex.net/	1970-01-20 21:45:24	Name: dpm Value: 23236567143668288703574160996395182204
.premera.com/	1970-01-21 03:02:12	Name: s_ecid Value: MCMID%7C23713586733940706923552903752304844190
www.premera.com/	1970-01-21 03:02:12	Name: AMCV_BDAEC94A5A200BBD0A495DEF%40AdobeOrg Value: 1406116232%7CMCIDTS%7C19727%7CMCMID%7C23713586733940706923552903752304844190%7CMCAAMLH-1704977293%7C9%7CMCAAMB-1704977293%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1704379693s%7CNONE%7CMCSYNCSOP%7C411-19734%7CMCAID%7CNONE%7CvVersion%7C2.5.0
.premera.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.adform.net/	1970-01-20 18:10:50	Name: C Value: 1
.adform.net/	1970-01-20 18:52:36	Name: receive-cookie-deprecation Value: 1
.adform.net/	1970-01-20 18:52:36	Name: uid Value: 6985292829669439587
.adform.net/	1970-01-20 17:27:38	Name: CM Value: 1\|1
.adform.net/	1970-01-20 17:46:22	Name: CM14 Value: 1704458896_1704372496_1_Hu7u4e4e4R7u4e4REREeEREREQ
.360yield.com/	1970-01-20 19:35:48	Name: tuuid Value: 34bae1b1-2e7c-4937-bb1b-9a56fb789d76
.360yield.com/	1970-01-20 19:35:48	Name: tuuid_lu Value: 1704372496
.360yield.com/	1970-01-20 19:35:48	Name: um Value: !42,x4wWNLcRGra5torKqb39RJdb2ncETlFnvC5m0jBmT9fU,1705582096
.360yield.com/	1970-01-20 19:35:48	Name: umeh Value: !42,0,1766580496,-1
.eyeota.net/	1970-01-21 02:13:14	Name: mako_uid Value: 18cd484680c-244600000108576e
.eyeota.net/	1970-01-20 17:26:13	Name: SERVERID Value: 22382~DM
.semasio.net/	1970-01-21 02:11:48	Name: SEUNCY Value: F16A5F982FA8805E
.bidswitch.net/	1970-01-21 02:11:48	Name: tuuid Value: 15b92a6c-be37-4fe9-bd8a-08fafcacef9b
.bidswitch.net/	1970-01-21 02:11:48	Name: c Value: 1704372496
.bidswitch.net/	1970-01-21 02:11:48	Name: tuuid_lu Value: 1704372496
.crwdcntrl.net/	1970-01-20 23:54:58	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 23:54:58	Name: _cc_id Value: 9ed205711dac0c0a817bc2902e30000
.smartadserver.com/	1970-01-21 02:57:53	Name: pid Value: 3013985329048584307
.smartadserver.com/	1970-01-21 02:57:53	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 02:13:14	Name: csync Value: 22:6985292829669439587
.openx.net/	1970-01-21 02:11:48	Name: i Value: 3a5f0b82-0e50-46c6-a69a-93d16cdbe8bf\|1704372496
.rubiconproject.com/	1970-01-21 02:11:48	Name: khaos Value: LQZ7DN6U-O-GF3C
.rubiconproject.com/	1970-01-21 02:11:48	Name: audit Value: 1\|J3aNBbaG9hLzTvxkBZQuvV6QvWkf1OzpmyoFBRpgrR8q81SiTE2/KTEC7eB1iEIhWmmN45/rSlPyUhTWCqUS/I+whRf0v/l/R0kSLLwgLWtryz3Utxngc60ABhhRU3s3fY0V14FIbwNDA6MeUnKE5KZr5ZVxLWDe
.casalemedia.com/	1970-01-21 02:11:48	Name: CMID Value: ZZapEHve7cP69kAD44ZevQAA
.casalemedia.com/	1970-01-20 19:35:48	Name: CMPS Value: 5333
.casalemedia.com/	1970-01-20 19:35:48	Name: CMPRO Value: 5333
.adnxs.com/	1970-01-20 19:35:48	Name: uuid2 Value: 7018147249459584594
.bluekai.com/	1970-01-20 21:48:17	Name: bku Value: /Ux99OYokZVBndX1
.pubmatic.com/	1970-01-20 18:09:24	Name: KRTBCOOKIE_391 Value: 22924-6985292829669439587&KRTB&23263-6985292829669439587&KRTB&23481-6985292829669439587
.pubmatic.com/	1970-01-20 18:09:24	Name: PugT Value: 1704357658
.doubleclick.net/	1970-01-21 03:02:12	Name: IDE Value: AHWqTUlcS5rQx4U7-kUxiZEKb9mj0Qf6bwaFxUWB_RvFhUpt6yZ0w7m5-J8NauNuwWQ
.rlcdn.com/	1970-01-20 18:52:36	Name: pxrc Value: CJDS2qwGEgUI6AcQABIFCOhHEAA=
.adnxs.com/	1970-01-20 19:35:48	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2GTzfozvH!]tbPl1M66+q([OUezrWOwP65SgNutVD3s1_+.JVaaU0Za*:hX3If)y3KL9D3I?+H]v?eY
.adsrvr.org/	1970-01-21 02:13:14	Name: TDID Value: afa56096-9f4e-435e-a68f-89af817c10f8
.w55c.net/	1970-01-21 02:57:53	Name: wfivefivec Value: dyLpTdU61Rln8Z5
.w55c.net/	1970-01-20 18:09:24	Name: matchadform Value: 5
.adsrvr.org/	1970-01-21 02:13:14	Name: TDCPM Value: CAEYBSABKAIyCwiWzbP2xMvGPBAFOAE.
.agkn.com/	1970-01-21 02:11:48	Name: ab Value: 0001%3AJdoEL5j8AwsZOOc7dTTJz4XokQQLVyJW
.pippio.com/	1970-01-21 02:11:48	Name: did Value: OsueSbo4RiTxdpeU
.pippio.com/	1970-01-21 02:11:48	Name: didts Value: 1704372497
.pippio.com/	1970-01-20 18:52:36	Name: nnls Value:
.seadform.net/	1970-01-20 18:52:36	Name: uid Value: 6985292829669439587
.krxd.net/	1970-01-20 21:45:24	Name: _kuid_ Value: QA_zP9SK
.teads.tv/	1970-01-21 02:10:22	Name: tt_viewer Value: 450d9639-48d8-4c2c-81f3-3407774f3602
.pippio.com/	1970-01-20 18:52:36	Name: pxrc Value: CJHS2qwGEgQIAhAAEgYI7OsBEAA=
.3lift.com/	1970-01-20 19:35:48	Name: tluid Value: 1898638248436253649821
.weborama.fr/	1970-01-21 02:52:07	Name: AFFICHE_W Value: 7RcfSOWbplHt47
.linksynergy.com/	1970-01-21 02:11:48	Name: rmuid Value: 298e82dc-52ad-4e6d-9408-6dcaf35b636d
.linksynergy.com/	1970-01-21 02:11:48	Name: icts Value: 2024-01-04T12:48:17Z
.audrte.com/	1970-01-20 17:47:48	Name: arcki2 Value: a9aEcBtCtlkT5CMcCyRwQ-a5g!20220908!1704372497647!ip#116.86.254.31
.audrte.com/	1970-01-20 17:47:48	Name: arcki2_adform Value: 6985292829669439587!20220908!1704372497647
.smaato.net/	1970-01-20 17:56:26	Name: SCM Value: 06fe7ad8c0
.smaato.net/	1970-01-20 17:56:26	Name: SCMv Value: 06fe7ad8c0
.smaato.net/	1970-01-20 17:56:26	Name: SCM1001213 Value: 06fe7ad8c0
.adfarm1.adition.com/	1970-01-20 19:35:48	Name: UserID1 Value: 7320224134836320413
.rlcdn.com/	1970-01-21 02:11:48	Name: rlas3 Value: X5XOgyEwLD2jczqcQYj0Vg7GlOE6zZIjCz2S0FVdZhQ=
.audrte.com/	1970-01-20 17:47:48	Name: arcki2_ddp2 Value: a9aEcBtCtlkT5CMcCyRwQ-a5g!20220908!1704372497868
.ads.stickyadstv.com/	1970-01-20 18:52:36	Name: uid-bp-617 Value: 6985292829669439587
.ads.stickyadstv.com/	1970-01-20 18:09:24	Name: UID Value: ae3d75f9d1f999524e81e8f924fea480
.id5-sync.com/	1970-01-20 19:35:48	Name: id5 Value: 1868a6a3-4872-7cb1-9c65-4c75fd1ff0fd#1704372497644#2
.audrte.com/	1970-01-20 17:47:48	Name: arcki2_azerion Value: 34bae1b1-2e7c-4937-bb1b-9a56fb789d76!20220908!1704372498080
.lkqd.net/	1970-01-21 02:11:48	Name: sr109 Value: 1\|06fe7ad8c0\|1704372498
.lkqd.net/	1970-01-21 02:11:48	Name: lkqdid Value: VwvSRq9sF9c
.lkqd.net/	1970-01-21 02:11:48	Name: lkqdidts Value: 1704372498
.id5-sync.com/	1970-01-20 19:35:48	Name: 3pi Value: 2#1704372498446#226189236#7018147249459584594\|10#1704372498046#1716789375#6985292829669439587
.premera.com/	1969-12-31 23:59:59	Name: rxvt Value: 1704374298991\|1704372492010
.premera.com/	1969-12-31 23:59:59	Name: dtPC Value: 5$372492004_353h-vTTQMNMGUNNHAIHCMRWTASTGFPREHTSHF-0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.premera.com/visitor?region=pbcwa Message: Refused to apply style from 'https://www.premera.com/pbc.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://www.premera.com/visitor?region=pbcwa Message: Refused to apply style from 'https://www.premera.com/pbc.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://id5-sync.com/c/10/112/0/3.gif?puid=${UIPID}&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
analytics.google.com
api.adrtx.net
az416426.vo.msecnd.net
b.6sc.co
beacon.krxd.net
c.6sc.co
c1.adform.net
cdnjs.cloudflare.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
contentservices.premera.com
cs.lkqd.net
data.privacy.ensighten.com
dc.services.visualstudio.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
ipv6.6sc.co
j.6sc.co
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
member-edge.premera.com
nexus.ensighten.com
onetag-sys.com
pdw-adf.userreport.com
pippio.com
pm.w55c.net
premera.com
premera.demdex.net
ps.eyeota.net
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
secure.adnxs.com
simage2.pubmatic.com
smetrics.premera.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.teads.tv
tags.bluekai.com
tags.rd.linksynergy.com
token.rubiconproject.com
uipglob.semasio.net
use.fontawesome.com
www.facebook.com
www.google.com.sg
www.googletagmanager.com
www.premera.com
x.bidswitch.net
www.premera.com
103.43.90.178
104.17.25.14
104.18.36.155
107.178.254.65
117.18.232.200
119.9.108.180
122.248.253.6
13.227.254.65
13.227.254.97
13.251.203.156
139.99.123.150
142.250.4.156
157.240.15.13
157.240.15.35
162.19.138.116
172.64.140.13
18.141.15.108
18.141.80.142
18.155.68.56
18.155.68.97
18.196.5.91
185.167.164.43
185.84.60.20
185.84.60.23
185.84.60.57
207.65.33.82
216.239.32.181
23.106.127.57
23.207.181.216
23.44.1.77
23.52.40.154
23.73.14.39
3.33.220.150
34.208.28.93
34.98.64.218
34.98.67.3
35.190.24.218
35.213.12.39
35.244.154.8
35.71.178.8
40.79.170.242
40.91.73.27
46.19.11.36
51.79.152.76
52.0.156.250
52.218.121.0
52.247.202.34
52.34.247.233
52.76.42.3
52.77.120.78
54.217.36.38
54.238.98.43
63.140.36.117
69.173.158.64
69.20.43.192
74.125.200.97
74.125.68.155
74.125.68.94
85.114.159.93
99.81.243.254
032d61322fc1dda049b35c443d63499c20cc2ec604e5e8ff5a3a72df9bc0bd47
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
1cc2303393a23210efcd044e17d74d8c5571e90baa930c4bd8d905f2969296dd
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ba138e8311ad674c8d4b31d19d3b2f5f0472a33eab5b547f46c2ef35eaf3d26
2c5c7d8b67df2c888a527a697c2ecdcb481a19d26e6fb77a22aa78e0f9f238e3
2d699428fb1a87452cb15775f3e9a531b9c8a98bfa41be2a24be4814ff0a5baf
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
39168bbc9eabd8ca83287ee3bc543c5b2ae42ea5318f4e73cb541998feb7d641
4ac74a74fc673213ea36d0539fc830df3d8f4f37ead02a1d2ba2d6077bf00ae8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1d35ddf28babc2dd0de23819adda4548ce7bac4314faabb8f300550bbc1998
4f468bac56fc141673f8041311cd23c86365a87f20075b19becf999c621c2179
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
531fdf1e20bb2c6c556ca43167fffe7847d165d0d28e9720ef0558c2b7096c89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c354a8011388e5bcc00d378d43cff0dca5074fe3bec5815b9c9570ff74fbd75
6144ac29d384db66c5a7b7bb49608715ef4cfcaa51eca9f6e1979cca62ae2472
6440ff3716a8517c2fb783fb319114c3c4cee357b648982c01eaa74493dcef3d
6775c13d13cf0a8e5cceaa70e793dc6299c2a7e0934262a484bf3dd73152b6ea
682dc04057efefe832d0ddf9206df96c77c45c4adaa3f0a098b079900f77f9e0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c790ab9b630dacdc583056067dbaf6ae8a38bc6915657042cd6ebd6f7b7ad1a
7115ca5ec2aa380d49f0e7b3f6528b35dd80b26e3c0c90b906534353df44a6cd
725b6b0d286e9f4e022d838b46837f5028eb471ccb52465e506c9c0a7be3677b
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
754045b731b735d94cefc444c72a748a7ce429de95862eff25a3908d48d78ac7
763860f077901c20f62d6ce9626f3098106bba5736ee8e5dc11dee1c8410be5b
78acf2126a634507f19fdf32d51e7e123938035a65edd07d37cda567896460f1
7953631f0e54794d2352a3cfa591c0914d73e14f90141058e3cf16bee7939bcf
7ba24c4138c4c3cfe694a8fc8943b8ce21b9bfbb14edcb290b8654fcaa365d6b
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d0650caa16deff37249de25ab4acfb7dcd901fd2a22c24505068c93fa6795f7
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a891d182b607d20c8b7b6a5c91c362eba45de509230104701c1f82da832ee7a1
a9b3e89a61bfe0840c51a68d163d77ea087ec9a88f1445ad85f6b824b5f09dc3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1758ea0215ce1c48590bb41cdbf9610a587b1fc684a3eca5c21e120e7a26b60
b6594ba315eccd5b24b56b68c6753c3a84a4517683d2c7c1559e633f484b6628
b7697a524a5a31a075b67645e5d8d12e71df7bbd51475aeebdd60ed2763a8179
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be999a2f77678e0b7155281c883fe61899e1063389bbbcd85b26c85c6e6f79b0
c0068ffecc728b7fdef54dd5fd864c2d8b8a041d4a83216cdb176f5d19eedb39
c04d6663026b2be5d25f0f532fd9bb8b80120bd14d7e9897e594bd47a73b9de0
c2850cf31a1108c634094e71fe8b3b804383e671a513877711e3e5e357fc1ba7
cb3a1589b34fe9023717a758461adc5a50734198db339cf080ebb9a747d3e71e
cc6dc6932d4ebab6c50374fd388d83b0836efa61ac92caaca3d1cb5cbe3c02ef
cf25b6fc323821ae02d0ef3dc2d5f7a5b21bf485a1f2b10bcd4da0e855a763c5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d391bd873b4c465eedece01181731760c0ae8a700ad442dcc309d56114eda964
d7a56ef2f489c95ce7f1f10ebd3f1f2375543652cd0f183822f82d7bcad961c9
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e2c5cf547e2e8d74a17d05c5ad9f1f593ca526452e228124294fa983b908ff82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f8c6afd6e91598edf2bde85fcc9ebfabb3cef1d51a7b9d732ef199ba1a1795
ec7a624f9b56647347c081267f0b7897d03845ea413e82f4d41010a53c8401ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f374f13ef3a99199df00b5f5332eec3dc9aec900c4be9b94b9aa1e8f54737933
f461742308b7791fee6e9698e1212aa6e8fd1d5e5b41795bfd68e93aa011073d
f4df91b59851687a2e21d47c94c99ecebc470a267e68a261582d2dc52a566eb8
fc846fdb3ef1482baaba7057fe2fb2276da727b37b4204f54abcd65f9fbcb610
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff8510712984ac3ccf08c022b8e8963d556c34ddacdd963f36c99735c8f42057

www.premera.com Open in urlscan Pro 40.91.73.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

142 Requests

82 %HTTPS

0 %IPv6

54 Domains

68 Subdomains

48 IPs

10 Countries

1763 kBTransfer

4099 kBSize

98 Cookies

14 Outgoing links

Page URL History

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.premera.com Open in urlscan Pro
40.91.73.27 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

82 %
HTTPS

0 %
IPv6

54
Domains

68
Subdomains

48
IPs

10
Countries

1763 kB
Transfer

4099 kB
Size

98
Cookies

142 HTTP transactions
0 data transactions