149.111.166.221 Open in urlscan Pro
149.111.166.221 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://149.111.166.221/
Submission: On June 09 via manual (June 9th 2022, 2:32:42 am UTC) from US — Scanned from DE

Summary HTTP 148 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 30 IPs in 7 countries across 25 domains to perform 148 HTTP transactions. The main IP is 149.111.166.221, located in United States and belongs to UHC, US. The main domain is 149.111.166.221.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on June 6th 2022. Valid for: a year.

This is the only time 149.111.166.221 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 57	149.111.166.221 149.111.166.221	10879 (UHC) (UHC)
9	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:91a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.215.111.225 52.215.111.225	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1	79.125.52.138 79.125.52.138	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 11	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2 11	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	34.203.47.152 34.203.47.152	14618 (AMAZON-AES) (AMAZON-AES)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
3	2a03:2880:f00... 2a03:2880:f006:21:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	96.16.147.243 96.16.147.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.57.130.8 52.57.130.8	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2600:9000:205... 2600:9000:2057:4e00:8:e7ba:7440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.227.195.198 35.227.195.198	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a00:1450:400... 2a00:1450:400c:c01::9d	15169 (GOOGLE) (GOOGLE)
2 4	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f106:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	99.86.1.83 99.86.1.83	16509 (AMAZON-02) (AMAZON-02)
1	3.225.44.8 3.225.44.8	14618 (AMAZON-AES) (AMAZON-AES)
2	52.138.200.61 52.138.200.61	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
148	30

57 149.111.166.221 (United States) 2 redirects

ASN10879 (UHC, US)
PTR: uhccom-origin-elr.uhc.com

149.111.166.221	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:91a (United States)

ASN13335 (CLOUDFLARENET, US)

instant.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.111.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-111-225.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

smetrics.uhc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.125.52.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-52-138.eu-west-1.compute.amazonaws.com

uhc.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.203.47.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-47-152.compute-1.amazonaws.com

164773174ba1.o3n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f006:21:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.147.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-147-243.deploy.static.akamaitechnologies.com

www.everestjs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.130.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-130-8.eu-central-1.compute.amazonaws.com

75161.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States)

ASN54113 (FASTLY, US)

lasteventf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:4e00:8:e7ba:7440:93a1 (United States)

ASN16509 (AMAZON-02, US)

universal.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.195.198 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 198.195.227.35.bc.googleusercontent.com

analytics1.ninahale.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

8584968.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f106:83:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.1.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-83.fra6.r.cloudfront.net

d2oh4tlt9mrke9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.44.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-44-8.compute-1.amazonaws.com

ws.sessioncam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.138.200.61 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 8584968.fls.doubleclick.net — Cisco Umbrella Rank: 70741	13 KB
15	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	686 KB
13	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 4 adservice.google.com — Cisco Umbrella Rank: 79	2 KB
11	google.de www.google.de — Cisco Umbrella Rank: 6180	1 KB
9	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 436	128 KB
5	bing.com bat.bing.com — Cisco Umbrella Rank: 333	12 KB
4	iperceptions.com universal.iperceptions.com — Cisco Umbrella Rank: 8097 api.iperceptions.com — Cisco Umbrella Rank: 7613	5 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 43	20 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	60 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 92	398 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 365	7 KB
2	uhc.com smetrics.uhc.com — Cisco Umbrella Rank: 76178	749 B
1	sessioncam.com ws.sessioncam.com — Cisco Umbrella Rank: 8349	291 B
1	cloudfront.net d2oh4tlt9mrke9.cloudfront.net	60 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 733	632 B
1	ninahale.net analytics1.ninahale.net — Cisco Umbrella Rank: 62164	1 KB
1	everesttech.net lasteventf-tm.everesttech.net — Cisco Umbrella Rank: 5904	206 B
1	siteimproveanalytics.io 75161.global.siteimproveanalytics.io — Cisco Umbrella Rank: 123454	620 B
1	everestjs.net www.everestjs.net — Cisco Umbrella Rank: 5541	3 KB
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 3278	6 KB
1	o3n.io 164773174ba1.o3n.io	183 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 122	15 KB
1	omtrdc.net uhc.tt.omtrdc.net — Cisco Umbrella Rank: 107063	712 B
1	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 186	1020 B
1	instant.page instant.page — Cisco Umbrella Rank: 15102	1 KB
148	25

	Domain	Requested by
15	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
11	www.google.de	149.111.166.221
11	www.google.com	2 redirects 149.111.166.221
11	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
9	assets.adobedtm.com	149.111.166.221 assets.adobedtm.com
5	bat.bing.com	149.111.166.221 bat.bing.com
4	8584968.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	www.google-analytics.com	assets.adobedtm.com www.googletagmanager.com www.google-analytics.com
3	connect.facebook.net	149.111.166.221 8584968.fls.doubleclick.net connect.facebook.net
2	api.iperceptions.com	universal.iperceptions.com
2	www.facebook.com	8584968.fls.doubleclick.net
2	adservice.google.com	8584968.fls.doubleclick.net
2	universal.iperceptions.com	149.111.166.221 universal.iperceptions.com
2	s.yimg.com	149.111.166.221 s.yimg.com
2	smetrics.uhc.com	assets.adobedtm.com
1	ws.sessioncam.com	d2oh4tlt9mrke9.cloudfront.net
1	d2oh4tlt9mrke9.cloudfront.net	assets.adobedtm.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	sp.analytics.yahoo.com	149.111.166.221
1	analytics1.ninahale.net	149.111.166.221
1	lasteventf-tm.everesttech.net	www.everestjs.net
1	75161.global.siteimproveanalytics.io	149.111.166.221
1	www.everestjs.net	assets.adobedtm.com
1	siteimproveanalytics.com	149.111.166.221
1	164773174ba1.o3n.io	149.111.166.221
1	www.googleadservices.com	www.googletagmanager.com
1	uhc.tt.omtrdc.net	assets.adobedtm.com
1	dpm.demdex.net	assets.adobedtm.com
1	instant.page	149.111.166.221
148	29

This site contains links to these domains. Also see Links.

Domain
www.aarpmedicareplans.com
www.uhccommunityplan.com
www.uhone.com
www.uhcexchange.com
smallbusiness.uhc.com
www.myuhc.com
www.medicare.uhc.com
www.uhcprovider.com
newsroom.uhc.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
uhccom-origin.uhc.com COMODO RSA Organization Validation Secure Server CA	`2022-06-06` - `2023-06-06`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
smetrics.uhc.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-09` - `2022-09-09`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.o3n.io R3	`2022-04-29` - `2022-07-28`	3 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-05-02` - `2022-06-22`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-18` - `2022-06-16`	3 months	crt.sh
www.everestjs.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-02` - `2022-09-02`	a year	crt.sh
*.global.r1.siteimproveanalytics.io Amazon	`2022-04-27` - `2023-05-26`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-03` - `2023-03-07`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.iperceptions.com Amazon	`2022-03-16` - `2023-04-13`	a year	crt.sh
analytics1.ninahale.net GTS CA 1D4	`2022-04-19` - `2022-07-18`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
ws.sessioncam.com Amazon	`2022-03-04` - `2023-04-01`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://149.111.166.221/
Frame ID: 7968486E377BEB5A02167CE474CA4564
Requests: 138 HTTP requests in this frame

Frame: https://8584968.fls.doubleclick.net/activityi;dc_pre=CIWQu5Sqn_gCFU7N1QodpkwPLA;src=8584968;type=uhcbr0;cat=lpg_u00p;ord=1238630940280;gtm=2od660;auiddc=2079434672.1654741956;~oref=https%3A%2F%2F149.111.166.221%2F
Frame ID: 9A15A6B97E6B7F8A8240253A77F69382
Requests: 6 HTTP requests in this frame

Frame: https://8584968.fls.doubleclick.net/activityi;dc_pre=CMDQu5Sqn_gCFVC81Qod3fkMdQ;src=8584968;type=uhcbr0;cat=lpg_stu;ord=6804919188671;gtm=2od660;auiddc=2079434672.1654741956;~oref=https%3A%2F%2F149.111.166.221%2F
Frame ID: 535533B3F11EC9974A3B3425EF2CBDB5
Requests: 2 HTTP requests in this frame

Frame: https://universal.iperceptions.com/iFrame.html
Frame ID: 0963C27989DF302D640F6B90C305FC5E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Health insurance plans for individuals & families, employers, medicare | UnitedHealthcare United Healthgroup Logo

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

148
Requests

61 %
HTTPS

50 %
IPv6

25
Domains

29
Subdomains

30
IPs

7
Countries

1984 kB
Transfer

4647 kB
Size

31
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.aarpmedicareplans.com/
Title: Medicare plans

Search URL Search Domain Scan URL

URL: https://www.uhccommunityplan.com/
Title: Medicaid plans

Search URL Search Domain Scan URL

URL: https://www.uhone.com/
Title: Individual & family plans – short term, dental & more

Search URL Search Domain Scan URL

URL: https://www.uhcexchange.com/?cid=website%3A2022-insurance-exchange-sep%3A33337429&tfn=1-844-860-0401
Title: Individual & family plans – Marketplace (ACA)

Search URL Search Domain Scan URL

URL: https://smallbusiness.uhc.com/
Title: Small business plans

Search URL Search Domain Scan URL

URL: https://www.myuhc.com/member/prewelcome.do?currentLanguageFromPreCheck=en
Title: Plan through your employer? Sign in to myuhc.com

Search URL Search Domain Scan URL

URL: https://www.medicare.uhc.com/?aud=uhc-medicare
Title: Medicare plan? Sign in to Medicare member site

Search URL Search Domain Scan URL

URL: https://www.uhcprovider.com/
Title: For Providers

Search URL Search Domain Scan URL

URL: https://newsroom.uhc.com/
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UnitedHealthcare

Search URL Search Domain Scan URL

URL: https://twitter.com/uhc

Search URL Search Domain Scan URL

URL: https://www.instagram.com/unitedhealthcare/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/UnitedHealthcare

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/unitedhealthcare/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066495647/?random=1654741956320&cv=9&fst=1654741956320&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/1066495647/?random=1654741956320&cv=9&fst=1654740000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&is_vtc=1&random=4290470779&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/1066495647/?random=1654741956320&cv=9&fst=1654740000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&is_vtc=1&random=4290470779&resp=GooglemKTybQhCsO&ipr=y

Request Chain 71

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1002783284/?random=1654741956323&cv=9&fst=1654741956323&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/1002783284/?random=1654741956323&cv=9&fst=1654740000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&is_vtc=1&random=2333024742&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/1002783284/?random=1654741956323&cv=9&fst=1654740000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&is_vtc=1&random=2333024742&resp=GooglemKTybQhCsO&ipr=y

Request Chain 110

https://149.111.166.221/content/uhcdotcom/en/home/global-alert.html HTTP 301
https://149.111.166.221/global-alert.html HTTP 301
https://149.111.166.221/global-alert

Request Chain 124

https://8584968.fls.doubleclick.net/activityi;src=8584968;type=uhcbr0;cat=lpg_u00p;ord=1238630940280;gtm=2od660;auiddc=2079434672.1654741956;~oref=https%3A%2F%2F149.111.166.221%2F HTTP 302
https://8584968.fls.doubleclick.net/activityi;dc_pre=CIWQu5Sqn_gCFU7N1QodpkwPLA;src=8584968;type=uhcbr0;cat=lpg_u00p;ord=1238630940280;gtm=2od660;auiddc=2079434672.1654741956;~oref=https%3A%2F%2F149.111.166.221%2F

Request Chain 125

https://8584968.fls.doubleclick.net/activityi;src=8584968;type=uhcbr0;cat=lpg_stu;ord=6804919188671;gtm=2od660;auiddc=2079434672.1654741956;~oref=https%3A%2F%2F149.111.166.221%2F HTTP 302
https://8584968.fls.doubleclick.net/activityi;dc_pre=CMDQu5Sqn_gCFVC81Qod3fkMdQ;src=8584968;type=uhcbr0;cat=lpg_stu;ord=6804919188671;gtm=2od660;auiddc=2079434672.1654741956;~oref=https%3A%2F%2F149.111.166.221%2F

148 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
149.111.166.221/ 153 KB
19 KB 734ms
129ms Document
text/html 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

c9bc66a882db43c73cba06a134b1613ce3711e36b44024eca042b42497e27032

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 18714
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Content-Type: text/html; charset=UTF-8
Date: Thu, 09 Jun 2022 02:32:34 GMT
Keep-Alive: timeout=15, max=500
Last-Modified: Wed, 08 Jun 2022 21:18:55 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Vary: Accept-Encoding

GET
H/1.1 200
OK clientlib-initial.min.7887977aea3bb823fcbd40add3bd5ed0.js Show response
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/ 54 KB
20 KB 488ms
129ms Script
application/javascript 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.7887977aea3bb823fcbd40add3bd5ed0.js

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

e3486fe0347cc74c6ba84513be456b0cc8e1fca4acb09cc2d0098c8ad0441254

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Jun 2022 02:15:19 GMT
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500
Content-Length: 19418
Expires: Sat, 09 Jul 2022 02:32:35 GMT

GET
H/1.1 200
OK clientlib-polyfills.min.44b424870ad531f63018135e2f49ff8f.js Show response
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/ 32 KB
12 KB 489ms
129ms Script
application/javascript 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-polyfills.min.44b424870ad531f63018135e2f49ff8f.js

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

14ce988c67fafb84fa1ff8bdec961a4d9c5a7f6cef44c3d89618eeb4f66fdc1d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Jun 2022 02:15:20 GMT
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500
Content-Length: 11403
Expires: Sat, 09 Jul 2022 02:32:35 GMT

GET
H/1.1 200
OK clientlib-initial.min.f1e1d8f1ba2f4cf7f4e315ef761ef58a.css
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/ 210 KB
21 KB 250ms
132ms Stylesheet
text/css 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.f1e1d8f1ba2f4cf7f4e315ef761ef58a.css

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

789760e0f443db840e01c6c6ad7e5e1465839381956f0bd1878e205421d8fc05

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 02:34:08 GMT
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=2592000, public
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=499
Content-Length: 20969
Expires: Sat, 09 Jul 2022 02:32:35 GMT

GET
H/1.1 200
OK clientlib-site.min.4220b3d5cefad3f51e16b85221bc37dd.css
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/ 210 KB
30 KB 491ms
132ms Stylesheet
text/css 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.4220b3d5cefad3f51e16b85221bc37dd.css

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

568715dffe1216519a1d9bab81269a849419ee967f77e459fc066f55bf3c22b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 02:34:08 GMT
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=2592000, public
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500
Content-Length: 29538
Expires: Sat, 09 Jul 2022 02:32:35 GMT

GET
H2 200 launch-EN9b48c755725743e1aca48496b38b9064.min.js Show response
assets.adobedtm.com/ 413 KB
110 KB 61ms
8ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN9b48c755725743e1aca48496b38b9064.min.js
Requested by: Host: 149.111.166.221
URL: https://149.111.166.221/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c28b36ca2028e57a10e225a368c3cca41d30919d7e32f4a70b8d7b3960e6ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:35 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 20:27:31 GMT
server: AkamaiNetStorage
etag: "9e3452668413e7f88a4faaaa0cca651c:1654720051.958208"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://149.111.166.221
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 111649
expires: Thu, 09 Jun 2022 03:32:35 GMT

GET
H/1.1 200
OK U-mark-blue.svg
149.111.166.221/content/dam/uhcdotcom/website-assets/ 708 B
1 KB 123ms
123ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/content/dam/uhcdotcom/website-assets/U-mark-blue.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

5edf7276713b08292c2eb988b2906b022b649352f50be3cabbebf81ce64065c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:35 GMT
Last-Modified: Thu, 26 May 2022 02:34:05 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=499
Content-Length: 708

GET
H/1.1 200
OK logo-mobile.svg
149.111.166.221/content/dam/uhcdotcom/website-assets/ 6 KB
6 KB 123ms
123ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/content/dam/uhcdotcom/website-assets/logo-mobile.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

381559206b26b0c6a7d18503c24928a41c25fce278acea4be180ed013368436c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:35 GMT
Last-Modified: Thu, 26 May 2022 02:34:15 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=499
Content-Length: 5818

GET
H/1.1 200
OK UHC_MB_Lockup_Horiz_blu_RGB.svg
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 6 KB
6 KB 136ms
135ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/UHC_MB_Lockup_Horiz_blu_RGB.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

381559206b26b0c6a7d18503c24928a41c25fce278acea4be180ed013368436c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:35 GMT
Last-Modified: Thu, 26 May 2022 02:34:15 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=499
Content-Length: 5818

GET
H/1.1 200
OK grp_mobile_find_doctor_icon.svg
149.111.166.221/content/dam/uhcdotcom/website-assets/ 651 B
1 KB 123ms
123ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/content/dam/uhcdotcom/website-assets/grp_mobile_find_doctor_icon.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

3c319d4176c641538e14c748cdb4cd7dc1651b4ec10ef767c586f2b1628003a2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:35 GMT
Last-Modified: Thu, 26 May 2022 02:34:15 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=498
Content-Length: 651

GET
H/1.1 200
OK grp_mobile_magnifier_icon.svg
149.111.166.221/content/dam/uhcdotcom/website-assets/ 417 B
967 B 136ms
135ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/content/dam/uhcdotcom/website-assets/grp_mobile_magnifier_icon.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

c5992cbcead34bb80da9b732964325a78a8803a2f95bfa850e407401ec86a605

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:35 GMT
Last-Modified: Thu, 26 May 2022 02:34:15 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500
Content-Length: 417

GET
H/1.1 200
OK grp_mobile_signin_icon.svg
149.111.166.221/content/dam/uhcdotcom/website-assets/ 481 B
1 KB 202ms
123ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/content/dam/uhcdotcom/website-assets/grp_mobile_signin_icon.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

5da9ef2ac02ad19a29e41555f44ce5639db3ef8884ddd7c0364a02a61b51a400

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:15 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=498
Content-Length: 481

GET
H/1.1 200
OK grp_mobile_hamburger_icon.svg
149.111.166.221/content/dam/uhcdotcom/website-assets/ 372 B
922 B 161ms
123ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/content/dam/uhcdotcom/website-assets/grp_mobile_hamburger_icon.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

e8f572ad78aebce8a894413297899eabcbdc22acedd8da45d33224f1d67ac330

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:14 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=498
Content-Length: 372

GET
H/1.1 200
OK modal_fntt_close_dark.svg
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 531 B
1 KB 144ms
123ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/modal_fntt_close_dark.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

1689129c5091c4dfd4b0fe3cd4f260d039eff5f1caabed6cb7c1f78227ef6106

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:15 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=497
Content-Length: 531

GET
H/1.1 200
OK original
149.111.166.221/content/dam/uhcdotcom/en/Home/april-multi-gen-3-3840-x-1086.jpg/jcr:content/renditions/ 233 KB
234 KB 136ms
134ms Image
image/jpeg 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/content/dam/uhcdotcom/en/Home/april-multi-gen-3-3840-x-1086.jpg/jcr:content/renditions/original

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

95abe71d9ab7da5e64d628fde794f9e449adb5233e43463bbb09036d8213216d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 22 Apr 2022 17:41:43 GMT
Server: Apache
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Content-Disposition: inline
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=498
Content-Length: 239022

GET
H/1.1 200
OK icon-stethoscope.svg
149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container/container_1757183781/container_752075807_/image_copy.coreimg.1280.svg/1653528297659/ 1 KB
2 KB 126ms
125ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container/container_1757183781/container_752075807_/image_copy.coreimg.1280.svg/1653528297659/icon-stethoscope.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

3fa800389b9a888ebbfda69fe6abda7ac2ed2ea1f52125035acd30ae85d0302b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:21 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=499
Content-Length: 1247

GET
H/1.1 200
OK medicare-c-bed-stethoscope-2-color.svg
149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container/container_1757183781/container_752075807__2034042106/image_copy.coreimg.1280.svg/1613218532934/ 1 KB
2 KB 189ms
124ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container/container_1757183781/container_752075807__2034042106/image_copy.coreimg.1280.svg/1613218532934/medicare-c-bed-stethoscope-2-color.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

d8acfc49fb9591560a181940f9e793abe8df30bff82a2bd59c917e03116ab7f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:21 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=497
Content-Length: 1420

GET
H/1.1 200
OK store-2-color.svg
149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container/container_1757183781/container_1757183781/container_752075807_/image_copy.coreimg.1280.svg/1613218535891/ 948 B
1 KB 163ms
125ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container/container_1757183781/container_1757183781/container_752075807_/image_copy.coreimg.1280.svg/1613218535891/store-2-color.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

079d77a69d378be52a6a8ca5f66f8196871701abc01f0c11a2f71e9d200eb30f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:23 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=497
Content-Length: 948

GET
H/1.1 200
OK time-clock-2-color.svg
149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container/container_1757183781/container_1757183781/container_752075807__2034042106/image_copy.coreimg.1280.svg/16132185... 824 B
1 KB 146ms
125ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container/container_1757183781/container_1757183781/container_752075807__2034042106/image_copy.coreimg.1280.svg/1613218542111/time-clock-2-color.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

bc5c36257c3953104c6e64a0fb41312ab800d638cfd21d66c4086f6705c57be6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:23 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=496
Content-Length: 824

GET
H/1.1 200
OK heart-2-color.svg
149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container/container_1757183781/container_1757183781/container_1757183781/container_752075807_/image_copy.coreimg.1280.sv... 812 B
1 KB 126ms
123ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container/container_1757183781/container_1757183781/container_1757183781/container_752075807_/image_copy.coreimg.1280.svg/1613218524482/heart-2-color.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

53a8b28b8d935ee16374f47dc39adf3d69e97a0daf5edbf5f1bb2ec1436bb841

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:24 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=498
Content-Length: 812

GET
H/1.1 200
OK toothbrush-2-color.svg
149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container/container_1757183781/container_1757183781/container_1757183781/container_752075807__2034042106/image_copy.core... 941 B
1 KB 188ms
124ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container/container_1757183781/container_1757183781/container_1757183781/container_752075807__2034042106/image_copy.coreimg.1280.svg/1613218539278/toothbrush-2-color.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

7b180efdacf2caf32fe6232ed56bf6089c55edd52497d1c23191db4a9afcf9bf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:24 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=496
Content-Length: 941

GET
H/1.1 200
OK plan-finder-target-illustration-632x276.gif
149.111.166.221/content/experience-fragments/uhcdotcom/plan-finder/bullseye-option/master/_jcr_content/root/container/image.coreimg.82.1280.gif/1632769628503/ 9 KB
9 KB 159ms
127ms Image
image/gif 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/content/experience-fragments/uhcdotcom/plan-finder/bullseye-option/master/_jcr_content/root/container/image.coreimg.82.1280.gif/1632769628503/plan-finder-target-illustration-632x276.gif

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

9cd36c5aac40622a7d362399fe5d139e903d58e05fa02cca446f8e9bc36e9bcc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:24 GMT
Server: Apache
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Content-Disposition: inline
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500
Content-Length: 8798
Expires: Sat, 09 Jul 2022 02:32:36 GMT

GET
H/1.1 200
OK homepage-digital-tools-illustration-1000x370-mobile.png
149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container_860516830_/image_copy_copy.coreimg.82.1280.png/1613218655079/ 16 KB
16 KB 125ms
125ms Image
image/png 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container_860516830_/image_copy_copy.coreimg.82.1280.png/1613218655079/homepage-digital-tools-illustration-1000x370-mobile.png

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

22b14b5fd097ebc80346ec2b6ffb60ea66aeb9be6cf9daabf5812b67c7800d96

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:24 GMT
Server: Apache
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=2592000, public
Content-Disposition: inline
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=496
Content-Length: 16176
Expires: Sat, 09 Jul 2022 02:32:36 GMT

GET
H/1.1 200
OK homepage-digital-tools-illustration-576x325.png
149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container_860516830_/image_1565153223.coreimg.82.1280.png/1613218656453/ 33 KB
33 KB 124ms
124ms Image
image/png 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container_860516830_/image_1565153223.coreimg.82.1280.png/1613218656453/homepage-digital-tools-illustration-576x325.png

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

bd9a66ef1adbed0c8bfb9e5996ad0d7e07771f4c2f56dfb29ab4715273220f27

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:24 GMT
Server: Apache
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=2592000, public
Content-Disposition: inline
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=495
Content-Length: 33534
Expires: Sat, 09 Jul 2022 02:32:36 GMT

GET
H/1.1 200
OK access-mental-health-750x390.jpeg
149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container_370364568__2011260795/grid_copy/container_1055174479_1219320608/container/image.coreimg.82.1280.jpeg/165064315... 25 KB
26 KB 124ms
124ms Image
image/jpeg 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container_370364568__2011260795/grid_copy/container_1055174479_1219320608/container/image.coreimg.82.1280.jpeg/1650643158550/access-mental-health-750x390.jpeg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

742ddae86d55488a6e7b949b9d059bdb4923c3fa58eb576a53f71aa041874657

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Tue, 31 May 2022 15:49:24 GMT
Server: Apache
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Content-Disposition: inline
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=497
Content-Length: 25485
Expires: Sat, 09 Jul 2022 02:32:36 GMT

GET
H/1.1 200
OK 3-tips-telehealth-750x390.jpeg
149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container_370364568__2011260795/grid_copy/container_1055174479/container_copy_copy_/image.coreimg.82.1280.jpeg/165064320... 27 KB
27 KB 125ms
125ms Image
image/jpeg 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container_370364568__2011260795/grid_copy/container_1055174479/container_copy_copy_/image.coreimg.82.1280.jpeg/1650643200560/3-tips-telehealth-750x390.jpeg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

80c0836cf5ac64f99b58965b5fc4cb6f18da37e199fe9ba6ed1260b55f452e4d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Tue, 31 May 2022 15:49:24 GMT
Server: Apache
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Content-Disposition: inline
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=495
Content-Length: 27331
Expires: Sat, 09 Jul 2022 02:32:36 GMT

GET
H/1.1 200
OK manage-health-care-costs-woman-750x390.jpeg
149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container_370364568__2011260795/grid_copy/container_1055174479_751837600/container_copy_copy_/image.coreimg.82.1280.jpeg... 28 KB
28 KB 126ms
126ms Image
image/jpeg 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container_370364568__2011260795/grid_copy/container_1055174479_751837600/container_copy_copy_/image.coreimg.82.1280.jpeg/1650643286104/manage-health-care-costs-woman-750x390.jpeg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

c1982f0ff3b89e59d0e46bdd9ee50eee6975138acbbda53bb5e6db27ce4cacbb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Tue, 31 May 2022 15:49:25 GMT
Server: Apache
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Content-Disposition: inline
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=495
Content-Length: 28248
Expires: Sat, 09 Jul 2022 02:32:36 GMT

GET
H/1.1 200
OK homepage-partners-in-caring-illustration-576x325.png
149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container_860516830__172672878/container/image.coreimg.82.1280.png/1613218655408/ 26 KB
27 KB 244ms
244ms Image
image/png 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/_jcr_content/root/regioncontainer-main/responsivegrid-bottom/container_860516830__172672878/container/image.coreimg.82.1280.png/1613218655408/homepage-partners-in-caring-illustration-576x325.png

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

1c05e48446f9127388b7fa6ee4c6daa4a9da8d71a747851983120e13213e5a38

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:24 GMT
Server: Apache
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=2592000, public
Content-Disposition: inline
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=499
Content-Length: 26773
Expires: Sat, 09 Jul 2022 02:32:36 GMT

GET
H/1.1 200
OK uhc-wordmark-stacked-white-01.svg
149.111.166.221/content/dam/uhcdotcom/website-assets/ 5 KB
6 KB 123ms
123ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/content/dam/uhcdotcom/website-assets/uhc-wordmark-stacked-white-01.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

0b3fd81c030319604cfed6e8f0eac6d8699dcaa4ee6a4b923a15e55823cf1025

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:15 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=494
Content-Length: 5401

GET
H/1.1 200
OK icon-facebook-white.svg
149.111.166.221/content/dam/uhcdotcom/website-assets/ 1020 B
2 KB 124ms
123ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/content/dam/uhcdotcom/website-assets/icon-facebook-white.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

d9f2f1423b5ceb30122c5aa5eb03fc58342490725714f0a231cd9f8c5da143cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:15 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=494
Content-Length: 1020

GET
H/1.1 200
OK icon-twitter-white.svg
149.111.166.221/content/dam/uhcdotcom/website-assets/ 1 KB
2 KB 124ms
123ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/content/dam/uhcdotcom/website-assets/icon-twitter-white.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

9a2356f617f58aee4cf1ee23420203d11255ccc4efe69b04bc998ced2da75349

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:15 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=494
Content-Length: 1502

GET
H/1.1 200
OK icon-instagram-white.svg
149.111.166.221/content/dam/uhcdotcom/website-assets/ 2 KB
3 KB 123ms
123ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/content/dam/uhcdotcom/website-assets/icon-instagram-white.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

3cbbf4169eee3de4c8364f1f44e7d7dcdcf8f6e5e038b7d0e7c831e0c24633cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:15 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=496
Content-Length: 2372

GET
H/1.1 200
OK icon-youtube-white.svg
149.111.166.221/content/dam/uhcdotcom/website-assets/ 1 KB
2 KB 123ms
123ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/content/dam/uhcdotcom/website-assets/icon-youtube-white.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

62659a31050f1ee81d20ec930f30d92c1f509f31b621286920d6053870656f06

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:15 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=493
Content-Length: 1207

GET
H/1.1 200
OK icon-linkedin-white.svg
149.111.166.221/content/dam/uhcdotcom/website-assets/ 1 KB
2 KB 124ms
123ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/content/dam/uhcdotcom/website-assets/icon-linkedin-white.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

caecbd7df1cf56c93befb54bbbfd9f98121a0dc5c7e180ec29f8ac5fa1641804

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:15 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=493
Content-Length: 1330

GET
H/1.1 200
OK logo-white.svg
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 1015 B
2 KB 124ms
124ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/logo-white.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

6207c72cb8808f45cd69d92925067512a9753108bd41dc7b43b7f21e98fafece

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Last-Modified: Thu, 26 May 2022 02:34:15 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=493
Content-Length: 1015

GET
H/1.1 200
OK clientlib-video.min.a57c16e5a7f8b7101fc2d9734f7a1509.js Show response
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/ 38 KB
12 KB 129ms
129ms Script
application/javascript 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-video.min.a57c16e5a7f8b7101fc2d9734f7a1509.js

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

5c486701e64aa8051f65c143ec936ef100186ac6bc083bd9e8ae8913c406f8e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Jun 2022 02:15:20 GMT
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=495
Content-Length: 12052
Expires: Sat, 09 Jul 2022 02:32:36 GMT

GET
H/1.1 200
OK clientlib-site.min.afc88a9d822a29ccac18b8c6b536faf2.js Show response
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/ 234 KB
57 KB 137ms
137ms Script
application/javascript 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.afc88a9d822a29ccac18b8c6b536faf2.js

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

13faf9c2facd5c53adda7a326dae6e36c3aa6578268752a8374d7915f50d36cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Jun 2022 02:15:20 GMT
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Transfer-Encoding: chunked
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=492
Expires: Sat, 09 Jul 2022 02:32:36 GMT

GET
H2 200 5.1.0 Show response
instant.page/ 3 KB
1 KB 41ms
14ms Script
text/javascript 2606:4700::6811:91a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://instant.page/5.1.0
Requested by: Host: 149.111.166.221
URL: https://149.111.166.221/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:91a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa5c34371df3acd378bd2490d82a32ad6f3b80155e5eee8ad1b937a188993e0f

Request headers

Referer: https://149.111.166.221/
Origin: https://149.111.166.221
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:35 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 7186752759789ba7-FRA

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 212 B
1020 B 143ms
34ms XHR
application/json 52.215.111.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=92E102BE5330583D0A490D4C%40AdobeOrg&d_nsid=0&ts=1654741955906

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9b48c755725743e1aca48496b38b9064.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.111.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-111-225.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b8a66c45344f2f71472e3475916cf5a069d78459254a38334e5acbd4fdfc00e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://149.111.166.221/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v034-02215635e.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 49AMoC4QRXY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://149.111.166.221
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 205
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 33 KB
12 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9b48c755725743e1aca48496b38b9064.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:35 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://149.111.166.221
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12163
expires: Thu, 09 Jun 2022 03:32:35 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 3 KB
2 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9b48c755725743e1aca48496b38b9064.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:35 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://149.111.166.221
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1597
expires: Thu, 09 Jun 2022 03:32:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9b48c755725743e1aca48496b38b9064.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3469
date: Thu, 09 Jun 2022 01:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 09 Jun 2022 03:34:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 104 KB
40 KB 37ms
15ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8584968

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9b48c755725743e1aca48496b38b9064.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9613518ce824458e3724c5041678d3f826943707a86fd192e2e49aec4d82aa8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40953
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 00:55:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 02:32:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 104 KB
40 KB 27ms
25ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9549424&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

daac6ebadb6f759a2c60be7119f250e38c37bffdaff1df6a4b3829b395a39c1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40964
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 00:55:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 02:32:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 157 KB
57 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60bc9dc1cc0776ebc778f6565cb97e8c7685eabd54ca4d9d9907f30c153c8018

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58186
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 00:55:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 02:32:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 21ms
19ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-845491994&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8228bd4928517c1e5c592182e2942028c87d6bff40a382dfe881b5cd9e6756b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43365
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 00:55:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 02:32:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 23ms
21ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-877013082&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a06285e999ebbc66cf8522e224ee7fe10e5580ae433fa4e736d2e40489770bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43364
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 00:55:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 02:32:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 28ms
26ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-963648696&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2336b674c76b7ea8a5756e36c2f5b045bb840d21b55a73f116b59b1bff7abea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43395
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 00:55:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 02:32:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 29ms
27ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1002783284&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b1a99c750838bdc4b857bbfec69dfa9e1cc446a9a34ae9c1b8c4c38edc5b261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43355
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 00:55:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 02:32:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 29ms
27ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1031996425&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ce8b59ca7ea4d8efd5ae83c22879c14289ef995b56a667bcd10726f07e839f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43356
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 00:55:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 02:32:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 27ms
25ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1035216045&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cfb2bd2cec956c1b933ee38c7f51326d91959d82e6f23d7a68012e3834f24710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43388
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 00:55:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 02:32:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1066495647&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1e0c5d8d84e20b0746a2c6eeff92895859fec0d608b452f4d1833e0bc2669c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43337
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 00:55:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 02:32:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 32ms
30ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1067173439&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab56c6b9e594e781a8a73f4eea35b307bcb7a76615a58e954184e41fc5914fdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43364
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 00:55:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 02:32:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801664645&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7b8169d872d0e790b1e23b4930c198431098af12f4ceab6219f8f799b4683e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43311
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 00:55:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 02:32:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
69 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HZQWR2GYM4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

20a42c36cdb01d8f92a7eacc4e22a0cfc40273d1e14049ed60a50dfdc2afaa86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70055
x-xss-protection: 0
expires: Thu, 09 Jun 2022 02:32:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 157 KB
58 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10851563334&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1e796b79d07d70d22f909d2480bfd91623a9821eaf513aed6d5d23b04fbb329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59297
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 00:55:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 02:32:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 104 KB
40 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11726966&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90aea666e26fea2a10ed94547032fffe94688b33be67a31bcaa7ef742c3bc87a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40988
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 00:55:57 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Jun 2022 02:32:36 GMT

GET
H/1.1 200
OK floodlight-v2.js Show response
149.111.166.221/content/dam/uhcdotcom/en/js/ 9 KB
4 KB 125ms
125ms Script
application/javascript 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://149.111.166.221/content/dam/uhcdotcom/en/js/floodlight-v2.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9b48c755725743e1aca48496b38b9064.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

d02266586567d3889ef80ab66eae3f377deaab9bb42ba209e8fb7e9890371458

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jun 2022 21:21:27 GMT
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=492
Content-Length: 3183
Expires: Sat, 09 Jul 2022 02:32:36 GMT

GET
H2 200 id Show response
smetrics.uhc.com/ 48 B
504 B 65ms
16ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.uhc.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=92E102BE5330583D0A490D4C%40AdobeOrg&mid=60058556500149030412630557837841419524&ts=1654741956071

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9b48c755725743e1aca48496b38b9064.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

057ed9cdb777276b8a0ac314335f52e12801d4782dd505aa9e5a1d4444c7868d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://149.111.166.221/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-df488f754-b2zg9
vary: Origin
x-c: main-1645.Id526ce.M0-571
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://149.111.166.221
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

POST
H2 200 delivery Show response
uhc.tt.omtrdc.net/rest/v1/ 346 B
712 B 123ms
41ms XHR
application/json 79.125.52.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uhc.tt.omtrdc.net/rest/v1/delivery?client=uhc&sessionId=b003bf010cd4438b9afb7deb4e34ea2e&version=2.8.1
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9b48c755725743e1aca48496b38b9064.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.52.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-52-138.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6c489a0bd13149408c04d06df94732daf04c9d06ff497f604294106ae1d254c3

Request headers

Referer: https://149.111.166.221/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://149.111.166.221
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: ce56d6c777130c684890e80faa57752b

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 44ms
17ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15069
x-xss-protection: 0
server: cafe
etag: 11223643544955582496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Jun 2022 02:32:36 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 30ms
13ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HZQWR2GYM4&gtm=2oe660&_p=951583166&_z=ccd.tdB&cid=1427427261.1654741956&ul=en-us&sr=1600x1200&_s=1&sid=1654741956&sct=1&seg=0&dl=https%3A%2F%2F149.111.166.221%2F&dt=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HZQWR2GYM4&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://149.111.166.221
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/877013082/ 2 KB
2 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/877013082/?random=1654741956312&cv=9&fst=1654741956312&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9aeb3b48847d92b21f068e27fed8172ecefdc854d5e9bc47a9f5699c676fe220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1087
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1035216045/ 2 KB
1 KB 42ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1035216045/?random=1654741956316&cv=9&fst=1654741956316&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa0391c4d26dd2ea89433e6a381470965b78405b2bdbe46a9ca18b059d489746

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1086
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801664645/ 2 KB
1 KB 38ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801664645/?random=1654741956317&cv=9&fst=1654741956317&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ad2035b798ffed705d738fcbc5d6ec097364559d1a34a618c5421947583cff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1086
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963648696/ 2 KB
1 KB 39ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963648696/?random=1654741956318&cv=9&fst=1654741956318&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe80941f910144b37430b77f03fb184e2606ad3092ee45bd85828978af882553

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1067173439/ 2 KB
1 KB 71ms
57ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1067173439/?random=1654741956319&cv=9&fst=1654741956319&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b148f76d46abf49bf71ce4b6aaab5b9e02b2774dc83c7d94e8d3a31ae1bd0c49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1086
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10851563334/ 2 KB
1 KB 76ms
62ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10851563334/?random=1654741956320&cv=9&fst=1654741956320&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

697595920ca97da6835fe072a185b2fe375093147b6862eaff67f9b7ac206e4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1087
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1066495647/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066495647/?random=1654741956320&cv=9&fst=1654741956320&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1...
https://www.google.com/pagead/1p-user-list/1066495647/?random=1654741956320&cv=9&fst=1654740000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=...
https://www.google.de/pagead/1p-user-list/1066495647/?random=1654741956320&cv=9&fst=1654740000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...

42 B
64 B

23ms
22ms

Image
image/gif

2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1066495647/?random=1654741956320&cv=9&fst=1654740000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&is_vtc=1&random=4290470779&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1066495647/?random=1654741956320&cv=9&fst=1654740000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&is_vtc=1&random=4290470779&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/ 2 KB
1 KB 46ms
32ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/?random=1654741956321&cv=9&fst=1654741956321&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6381ae11950dd9b065f070d34a91577bb6a27139770f90cafce8bd7b5eab6614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1086
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1031996425/ 2 KB
1 KB 72ms
57ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1031996425/?random=1654741956322&cv=9&fst=1654741956322&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2abe5631edc06ad446ebece038f0239e3ba63f477a05ac84b3da7d5a19c5ddb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1087
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/845491994/ 2 KB
1 KB 69ms
55ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/845491994/?random=1654741956323&cv=9&fst=1654741956323&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79838d517514d34a36a13ee5843130b8e925aa94870711e45545a811943bb12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1087
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1002783284/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1002783284/?random=1654741956323&cv=9&fst=1654741956323&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1...
https://www.google.com/pagead/1p-user-list/1002783284/?random=1654741956323&cv=9&fst=1654740000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=...
https://www.google.de/pagead/1p-user-list/1002783284/?random=1654741956323&cv=9&fst=1654740000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...

42 B
64 B

18ms
18ms

Image
image/gif

2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1002783284/?random=1654741956323&cv=9&fst=1654740000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&is_vtc=1&random=2333024742&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1002783284/?random=1654741956323&cv=9&fst=1654740000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&is_vtc=1&random=2333024742&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/877013082/ 42 B
548 B 39ms
16ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/877013082/?random=1654741956312&cv=9&fst=1654740000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&fmt=3&is_vtc=1&random=3628383946&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/877013082/ 42 B
108 B 41ms
19ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/877013082/?random=1654741956312&cv=9&fst=1654740000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&fmt=3&is_vtc=1&random=3628383946&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/801664645/ 42 B
108 B 40ms
18ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801664645/?random=1654741956317&cv=9&fst=1654740000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&fmt=3&is_vtc=1&random=1798763983&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/801664645/ 42 B
548 B 39ms
18ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/801664645/?random=1654741956317&cv=9&fst=1654740000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&fmt=3&is_vtc=1&random=1798763983&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/963648696/ 42 B
64 B 39ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963648696/?random=1654741956318&cv=9&fst=1654740000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&fmt=3&is_vtc=1&random=1611865124&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/963648696/ 42 B
64 B 40ms
20ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/963648696/?random=1654741956318&cv=9&fst=1654740000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&fmt=3&is_vtc=1&random=1611865124&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1035216045/ 42 B
64 B 40ms
21ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1035216045/?random=1654741956316&cv=9&fst=1654740000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&fmt=3&is_vtc=1&random=1959147213&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1035216045/ 42 B
64 B 39ms
20ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1035216045/?random=1654741956316&cv=9&fst=1654740000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&fmt=3&is_vtc=1&random=1959147213&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/801669703/ 42 B
64 B 33ms
19ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801669703/?random=1654741956321&cv=9&fst=1654740000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&fmt=3&is_vtc=1&random=479026514&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/801669703/ 42 B
64 B 32ms
18ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/801669703/?random=1654741956321&cv=9&fst=1654740000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&fmt=3&is_vtc=1&random=479026514&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/845491994/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/845491994/?random=1654741956323&cv=9&fst=1654740000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&fmt=3&is_vtc=1&random=4052828824&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/845491994/ 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/845491994/?random=1654741956323&cv=9&fst=1654740000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&fmt=3&is_vtc=1&random=4052828824&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1031996425/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1031996425/?random=1654741956322&cv=9&fst=1654740000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&fmt=3&is_vtc=1&random=2314461422&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1031996425/ 42 B
64 B 29ms
29ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1031996425/?random=1654741956322&cv=9&fst=1654740000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&fmt=3&is_vtc=1&random=2314461422&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10851563334/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10851563334/?random=1654741956320&cv=9&fst=1654740000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&fmt=3&is_vtc=1&random=782646498&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10851563334/ 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10851563334/?random=1654741956320&cv=9&fst=1654740000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&fmt=3&is_vtc=1&random=782646498&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1067173439/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1067173439/?random=1654741956319&cv=9&fst=1654740000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&fmt=3&is_vtc=1&random=2350947066&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1067173439/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1067173439/?random=1654741956319&cv=9&fst=1654740000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa660&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F149.111.166.221%2F&tiba=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&async=1&fmt=3&is_vtc=1&random=2350947066&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK doc.gif
164773174ba1.o3n.io/files/x11o4txpj3p2mvm7e70ugynn2/ 43 B
183 B 542ms
139ms Image
image/gif 34.203.47.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://164773174ba1.o3n.io/files/x11o4txpj3p2mvm7e70ugynn2/doc.gif?l=https://149.111.166.221/&r=
Requested by: Host: 149.111.166.221
URL: https://149.111.166.221/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.203.47.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-47-152.compute-1.amazonaws.com
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 siteanalyze_75161.js Show response
siteimproveanalytics.com/js/ 14 KB
6 KB 40ms
13ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_75161.js
Requested by: Host: 149.111.166.221
URL: https://149.111.166.221/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbeeac4fe9485bc8bb08153ddab535125e664caa423c4c4b91f729fd2a4f35a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1528
cf-ray: 7186752f1b789012-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5127
x-amz-id-2: kUYBX4sg2yd2jHzh3i2Q+kYftaGqe3m3tiAZEECJpGemXuiJn3dTYhNyyE69dbQOOIwbLBB/LVQ=
last-modified: Mon, 16 May 2022 09:31:20 GMT
server: cloudflare
etag: "ea3e8ac40b332ec1e96c33881db93c7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBmC395H5Txada7akMNziCd2ouyP8l9gmdYZ6ktWNSZLYNzK2ww9tpcP4T460ISudcjMEnDGGJAMXuGQP6S0LhyNwvI1pEdeVfYQUvbd868Jg%2BhfxCTuUJNpDfX51yOZLNHvK88u9YUqx%2Fp6fMaYckqSigJKrRE%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 387V9828K76YH8KA
cache-control: max-age=86400, no-transform
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 35ms
8ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:30:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: ZPD014TY8CFTME7E
x-amz-id-2: xUjHzPlQ1l5fvkM9SWVJexvSKC79voIWkAXX+47UlXQGX+hE3nP9HQ0lGG0ahvErNhFpBP9jgmo=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 41ms
14ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: NswsjezknSN5JokDnkdEUYamc60cYmMKwxtyYaxZKWqbDDv0m6J8/gPdDMp6vlzRwkpl0FLiGik7Ff030VN5Cg==
x-fb-trip-id: 1709462857
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 09 Jun 2022 02:32:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK last-event-tag-latest.min.js Show response
www.everestjs.net/static/le/ 7 KB
3 KB 84ms
13ms Script
application/javascript 96.16.147.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9b48c755725743e1aca48496b38b9064.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.147.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-147-243.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Last-Modified: Wed, 16 Jun 2021 15:18:41 GMT
Server: AmazonS3
x-amz-request-id: R6X1Z4GZMHQJ34R0
ETag: "d5991c18a0042eb33f92c6b5b44ffe8d"
Vary: Accept-Encoding
Content-Type: application/javascript
Date: Thu, 09 Jun 2022 02:32:37 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2663
x-amz-id-2: jm8UZxXlNwBRe5MV76nXmfeJxyOsHxAxlRqx4Yx6Lk22skfaD1o6r2gLlsQkG8CibRTuc9Pz10M=

GET
H2 200 10059574.json Show response
s.yimg.com/wi/config/ 2 B
486 B 116ms
103ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10059574.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 9CNDB85NR8VSKHGG
x-amz-id-2: ezJJxd080hJmsE0Z5sv+oiw219kBT7+29PdpA3tdS0v+k9SbAMr2MgU160+tFW6xhLXkR0pXLZ8=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H/1.1 200
OK caret_down_white.svg
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 486 B
1 KB 123ms
123ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/caret_down_white.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.4220b3d5cefad3f51e16b85221bc37dd.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

45fc150121c58243d25c46de0302c550f6fa6cd69c7916ac48d77716e0492309

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.4220b3d5cefad3f51e16b85221bc37dd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Last-Modified: Thu, 26 May 2022 02:34:23 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=491
Content-Length: 486

GET
H/1.1 200
OK search-desktop.svg
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 775 B
1 KB 124ms
124ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/search-desktop.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.4220b3d5cefad3f51e16b85221bc37dd.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

a6240fd7d991e22e3fa4f74bbc87c2445c51d683971f5193808c664520d832d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.4220b3d5cefad3f51e16b85221bc37dd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Last-Modified: Thu, 26 May 2022 02:34:23 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=497
Content-Length: 775

GET
H/1.1 200
OK CTA_external_white.svg
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 602 B
1 KB 123ms
123ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/CTA_external_white.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.4220b3d5cefad3f51e16b85221bc37dd.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

b5311a08c4bf52be77a75e2e2bf0ea7e1754673845f9feda56612b56a96423b5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.4220b3d5cefad3f51e16b85221bc37dd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Last-Modified: Thu, 26 May 2022 02:34:19 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=491
Content-Length: 602

GET
H/1.1 200
OK caret_down_darkgrey.svg
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 771 B
1 KB 124ms
124ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/caret_down_darkgrey.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.4220b3d5cefad3f51e16b85221bc37dd.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

6e17eb1bfb1bb0102ff3648db7bcf9bbbd59057b907e402e3fa9816d16655328

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.4220b3d5cefad3f51e16b85221bc37dd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Last-Modified: Thu, 26 May 2022 02:34:06 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=494
Content-Length: 771

GET
H/1.1 200
OK CTA_external_darkblue.svg
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 602 B
1 KB 124ms
124ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/CTA_external_darkblue.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.4220b3d5cefad3f51e16b85221bc37dd.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

96d2262e8f5fa027a8672a07fd92b2737b3aef3382b58fcc3ab6851e29a69c9e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.4220b3d5cefad3f51e16b85221bc37dd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Last-Modified: Thu, 26 May 2022 02:34:02 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=492
Content-Length: 602

GET
H/1.1 200
OK search-icon.svg
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 2 KB
2 KB 124ms
124ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/search-icon.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.4220b3d5cefad3f51e16b85221bc37dd.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

de47e5b521e1ce1847da141b9f677295e2ea3dff2e41cb940d661e06eaa06219

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.4220b3d5cefad3f51e16b85221bc37dd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Last-Modified: Thu, 26 May 2022 02:34:02 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=498
Content-Length: 1537

GET
H/1.1 200
OK CTA_internal_digitalblue.svg
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 494 B
1 KB 210ms
125ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/CTA_internal_digitalblue.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.4220b3d5cefad3f51e16b85221bc37dd.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

438c70909e5293b665d6f597c8d70637a81f380acbbc10fa85871c09e59fbd93

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.4220b3d5cefad3f51e16b85221bc37dd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Last-Modified: Thu, 26 May 2022 02:34:18 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=497
Content-Length: 494

GET
H/1.1 200
OK CTA_external_digitalblue.svg
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/ 602 B
1 KB 125ms
124ms Image
image/svg+xml 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/CTA_external_digitalblue.svg

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.4220b3d5cefad3f51e16b85221bc37dd.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

84a6614e572f4ce4064d2ffc2a882f89d8b52cc66234eb99095fb3c5dd4aef73

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-site.min.4220b3d5cefad3f51e16b85221bc37dd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Last-Modified: Thu, 26 May 2022 02:34:02 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/svg+xml
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=495
Content-Length: 602

GET
H/1.1 200
OK UHCSans-Bold.woff2
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/fonts/ 45 KB
45 KB 247ms
123ms Font
application/octet-stream 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/fonts/UHCSans-Bold.woff2

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.f1e1d8f1ba2f4cf7f4e315ef761ef58a.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

6f920e2ff1a3dcaf7c83283c2b95941cfbe91f02cba81304bcda28095b1cc9c2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

Referer: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.f1e1d8f1ba2f4cf7f4e315ef761ef58a.css
Origin: https://149.111.166.221
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Last-Modified: Thu, 26 May 2022 02:34:18 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=490
Content-Length: 45644

GET
H/1.1 200
OK UHCSans-MediumItalic.woff2
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/fonts/ 45 KB
45 KB 248ms
124ms Font
application/octet-stream 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/fonts/UHCSans-MediumItalic.woff2

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.f1e1d8f1ba2f4cf7f4e315ef761ef58a.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

e799bbfe34a7b3c18a39cda68b092ffb8eaf49b7b82cad234954e0c25c1c6f6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

Referer: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.f1e1d8f1ba2f4cf7f4e315ef761ef58a.css
Origin: https://149.111.166.221
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Last-Modified: Thu, 26 May 2022 02:34:02 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=490
Content-Length: 45948

GET
H/1.1 200
OK UHCSans-Regular.woff
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/fonts/ 65 KB
66 KB 248ms
125ms Font
application/font-woff 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/fonts/UHCSans-Regular.woff

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.f1e1d8f1ba2f4cf7f4e315ef761ef58a.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

cc80279401611bdf5614d250523a0e9c5168c5dd76ef30cafe8cd2843037dc8e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

Referer: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.f1e1d8f1ba2f4cf7f4e315ef761ef58a.css
Origin: https://149.111.166.221
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Last-Modified: Thu, 26 May 2022 02:34:19 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: application/font-woff
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=496
Content-Length: 66812

GET
H/1.1 200
OK UHCSans-Medium.woff2
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/fonts/ 44 KB
45 KB 247ms
124ms Font
application/octet-stream 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/fonts/UHCSans-Medium.woff2

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.f1e1d8f1ba2f4cf7f4e315ef761ef58a.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

1087c091dfe6ae5e44d78f6c19f2a1bd9f7b791d1ad91ee5e404d6823de1b309

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

Referer: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.f1e1d8f1ba2f4cf7f4e315ef761ef58a.css
Origin: https://149.111.166.221
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Last-Modified: Thu, 26 May 2022 02:34:18 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=493
Content-Length: 45472

GET
H/1.1 200
OK UHCSerifHeadlineWeb-Semibold.woff
149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/fonts/ 42 KB
42 KB 249ms
126ms Font
application/font-woff 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial/resources/fonts/UHCSerifHeadlineWeb-Semibold.woff

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.f1e1d8f1ba2f4cf7f4e315ef761ef58a.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

d72b75c2c79a93b5008e3f5de9b7cb66c0d1813bfdf8fae30268796e4aa43531

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

Referer: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.f1e1d8f1ba2f4cf7f4e315ef761ef58a.css
Origin: https://149.111.166.221
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Last-Modified: Thu, 26 May 2022 02:34:02 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: application/font-woff
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=491
Content-Length: 42849

GET
H/1.1 200
OK image.aspx
75161.global.siteimproveanalytics.io/ 34 B
620 B 123ms
7ms Image
image/gif 52.57.130.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75161.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2F149.111.166.221%2F&title=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&res=1600x1200&accountid=75161&rt=2849&prev=a474db64-5afd-22a4-d6e1-ed12863e8030&luid=97d25763-d054-067c-bcb6-bb9081ec916e&rnd=8799
Requested by: Host: 149.111.166.221
URL: https://149.111.166.221/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.130.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-130-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Cache-Control: max-age=0, no-cache="set-cookie"
Expires: Thu, 09 Jun 2022 02:32:37 UTC
Connection: keep-alive
Content-Length: 34
Content-Type: image/gif

GET
H/1.1

200
OK

global-alert Show response
149.111.166.221/
Redirect Chain

https://149.111.166.221/content/uhcdotcom/en/home/global-alert.html
https://149.111.166.221/global-alert.html
https://149.111.166.221/global-alert

6 KB
3 KB

125ms
125ms

XHR
text/html

149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://149.111.166.221/global-alert

Protocol

HTTP/1.1

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

3b7e100265e348f57f4fa8a5d5b0f9280ec4b1932d8227a1d7498d95a64b19d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jun 2022 21:18:48 GMT
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=487
Content-Length: 2357

Redirect headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: text/html; charset=iso-8859-1
Location: https://149.111.166.221/global-alert
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Keep-Alive: timeout=15, max=488
Content-Length: 243

GET
H2 200 / Show response
lasteventf-tm.everesttech.net/ 0
206 B 49ms
6ms XHR
text/plain 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lasteventf-tm.everesttech.net/?_les_imsOrgId=92E102BE5330583D0A490D4C@AdobeOrg&_les_sdid=139533E1EAEE1350-7A4A7A2202ACEA4B&_les_last_search_click=&_les_rsid=uhcsuhcprd&_les_mid=60058556500149030412630557837841419524&_les_url=https%3A%2F%2F149.111.166.221%2F
Requested by: Host: www.everestjs.net
URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:37 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1654741957.155524,VS0,VE0
x-cache: MISS
content-type: text/plain
access-control-allow-origin: https://149.111.166.221
access-control-allow-credentials: true
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4047-HHN

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 60ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CD018007B5804B7F9DBFDECDE88E4DFC Ref B: FRAEDGE1406 Ref C: 2022-06-09T02:32:37Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 09 Jun 2022 02:32:36 GMT
accept-ranges: bytes
content-length: 11333

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=951583166&t=pageview&_s=1&dl=https%3A%2F%2F149.111.166.221%2F&ul=en-us&de=UTF-8&dt=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBACAABBAAAAC~&jid=691661508&gjid=878539308&cid=1427427261.1654741956&tid=UA-83933624-1&_gid=854847944.1654741956&_r=1&_slc=1&z=1001654352

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://149.111.166.221/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://149.111.166.221
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wrapper.js Show response
universal.iperceptions.com/ 9 KB
4 KB 72ms
8ms Script
application/javascript 2600:9000:2057:4e00:8:e7ba:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/wrapper.js
Requested by: Host: 149.111.166.221
URL: https://149.111.166.221/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4e00:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 09 Jun 2022 02:30:42 GMT
content-encoding: gzip
content-md5: d5YIeO59lrTqhttidyvULA==
age: 124
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-ms-lease-status: unlocked
access-control-allow-origin: *
last-modified: Mon, 22 Mar 2021 18:02:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-ms-request-id: 3e833cda-301e-0046-1a95-7b375e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: ZSY5p6nvwrNeqZs-8A1eABMPbJDo8D3nwlgtqK088MqloCWdBYfW3w==

GET
H2 200 pixel.png
analytics1.ninahale.net/ 609 B
1 KB 129ms
7ms Image
image/png 35.227.195.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics1.ninahale.net/pixel.png?clientID=2c8b871e52d4e5f5db5ff84a82a45327e20df77edef961c4b6fa0e9c3d97ce5b&id=&id_fp=&host=149.111.166.221&page=/&pageURL=https://149.111.166.221/&ref=&web_ts=2022-06-09T02:32:37.116Z&adobe_ecid=60058556500149030412630557837841419524&adobe_vid=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&hit_type=pageview
Requested by: Host: 149.111.166.221
URL: https://149.111.166.221/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.195.198 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 198.195.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0b960c8f9b3fb4ca1d0b1f43e40b5defd11dbf0fd60ebad49ad50ecc06119170

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:04:44 GMT
age: 1673
x-guploader-uploadid: ADPycdvKjKOUAK4Z_LBFGXhSVkhCMrrbmiRsJJGplPAfPBYl6tJMzFLXiakW0kczO1E53OaX7UOE7YcliR2jSwEljhmNwg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 609
last-modified: Fri, 08 Feb 2019 16:21:55 GMT
server: UploadServer
etag: "6802175f61adc40617e8ba87a30aa6bd"
x-goog-hash: crc32c=Yf0PfA==, md5=aAIXX2GtxAYX6LqHowqmvQ==
content-language: en
x-goog-generation: 1549642915607418
cache-control: public, max-age=3600
x-goog-meta-set-cookie: coucou=binome
x-goog-stored-content-length: 609
accept-ranges: bytes
content-type: image/png
expires: Thu, 09 Jun 2022 03:04:44 GMT

GET
H2 200 RC170f0279250946f5919b8df3f3ca164c-source.min.js Show response
assets.adobedtm.com/58f44a312b24/afcdfac90b5b/00558bf3cee1/ 531 B
572 B 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/58f44a312b24/afcdfac90b5b/00558bf3cee1/RC170f0279250946f5919b8df3f3ca164c-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9b48c755725743e1aca48496b38b9064.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0b4b67b6ee43b53aa031da502eb471d8d7a8b04add2f340caa46c84341a0736a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:37 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 20:27:32 GMT
server: AkamaiNetStorage
etag: "f7e92298f7cd38bc4f2ae54093634286:1654720052.948853"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://149.111.166.221
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 307
expires: Thu, 09 Jun 2022 03:32:37 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 110ms
37ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2009%20Jun%202022%2002%3A32%3A37%20GMT&n=0&b=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&.yp=10059574&f=https%3A%2F%2F149.111.166.221%2F&enc=UTF-8&yv=1.12.0&tagmgr=gtm%2Cadobe

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:37 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 09 Jun 2022 02:32:37 GMT

GET
H2 200 RC30e54d1f9bf34cf7af5e561d2d7b294f-source.min.js Show response
assets.adobedtm.com/58f44a312b24/afcdfac90b5b/00558bf3cee1/ 959 B
761 B 7ms
6ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/58f44a312b24/afcdfac90b5b/00558bf3cee1/RC30e54d1f9bf34cf7af5e561d2d7b294f-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9b48c755725743e1aca48496b38b9064.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 33045f764117645b784ea28aac556a60e4f9943d1c0a49287044c580815399ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:37 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 20:27:32 GMT
server: AkamaiNetStorage
etag: "f7e92298f7cd38bc4f2ae54093634286:1654720052.948853"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://149.111.166.221
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 496
expires: Thu, 09 Jun 2022 03:32:37 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-83933624-1&cid=1427427261.1654741956&jid=691661508&gjid=878539308&_gid=854847944.1654741956&_u=KGBACAAABAAAAC~&z=1090876600

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://149.111.166.221/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 09 Jun 2022 02:32:37 GMT
content-type: text/plain
access-control-allow-origin: https://149.111.166.221
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RCb4e8d8869cf04154906a6b8385dfb4db-source.min.js Show response
assets.adobedtm.com/58f44a312b24/afcdfac90b5b/00558bf3cee1/ 425 B
543 B 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/58f44a312b24/afcdfac90b5b/00558bf3cee1/RCb4e8d8869cf04154906a6b8385dfb4db-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9b48c755725743e1aca48496b38b9064.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 580770e1144e7becff7554306a32f2787ef01db9a27e2065b11f369445a2b822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:37 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 20:27:32 GMT
server: AkamaiNetStorage
etag: "f7e92298f7cd38bc4f2ae54093634286:1654720052.948853"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://149.111.166.221
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 278
expires: Thu, 09 Jun 2022 03:32:37 GMT

GET
H2 200 RC9cdf59a600164ccc855d43e9d15efb3f-source.min.js Show response
assets.adobedtm.com/58f44a312b24/afcdfac90b5b/00558bf3cee1/ 1 KB
792 B 8ms
7ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/58f44a312b24/afcdfac90b5b/00558bf3cee1/RC9cdf59a600164ccc855d43e9d15efb3f-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9b48c755725743e1aca48496b38b9064.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cb6d2f058312e3a2c836afc45861a610ca59ddeaf38ee3b0db0d4b31ddd9e1ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:37 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 20:27:32 GMT
server: AkamaiNetStorage
etag: "f7e92298f7cd38bc4f2ae54093634286:1654720052.948853"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://149.111.166.221
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 527
expires: Thu, 09 Jun 2022 03:32:37 GMT

GET
H2 200 RC53f54f30e66e412bad0a9a9be62b211f-source.min.js Show response
assets.adobedtm.com/58f44a312b24/afcdfac90b5b/00558bf3cee1/ 2 KB
1 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/58f44a312b24/afcdfac90b5b/00558bf3cee1/RC53f54f30e66e412bad0a9a9be62b211f-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9b48c755725743e1aca48496b38b9064.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b78d9348fb168bffa53c0b31ac5772580999a6d980eb8c84994b447575961aac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:37 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 20:27:32 GMT
server: AkamaiNetStorage
etag: "f7e92298f7cd38bc4f2ae54093634286:1654720052.948853"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://149.111.166.221
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1034
expires: Thu, 09 Jun 2022 03:32:37 GMT

GET
H2 200 RC0f386aa81cf74189887ffcdcd6f330c4-source.min.js Show response
assets.adobedtm.com/58f44a312b24/afcdfac90b5b/00558bf3cee1/ 517 B
600 B 9ms
8ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/58f44a312b24/afcdfac90b5b/00558bf3cee1/RC0f386aa81cf74189887ffcdcd6f330c4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9b48c755725743e1aca48496b38b9064.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 295b3dbee81275c714e1d8b4b401418036f04e33ee344376a9b5c22c286869ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:37 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 20:27:32 GMT
server: AkamaiNetStorage
etag: "f7e92298f7cd38bc4f2ae54093634286:1654720052.948853"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://149.111.166.221
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 335
expires: Thu, 09 Jun 2022 03:32:37 GMT

GET
H3

200

activityi;dc_pre=CIWQu5Sqn_gCFU7N1QodpkwPLA;src=8584968;type=uhcbr0;cat=lpg_u00p;ord=1238630940280;gtm=2od660;auiddc=2079434672.1654741956;~oref=https%3A%2F%2F149.111.166.221%2F Show response
8584968.fls.doubleclick.net/ Frame 9A15
Redirect Chain

https://8584968.fls.doubleclick.net/activityi;src=8584968;type=uhcbr0;cat=lpg_u00p;ord=1238630940280;gtm=2od660;auiddc=2079434672.1654741956;~oref=https%3A%2F%2F149.111.166.221%2F?
https://8584968.fls.doubleclick.net/activityi;dc_pre=CIWQu5Sqn_gCFU7N1QodpkwPLA;src=8584968;type=uhcbr0;cat=lpg_u00p;ord=1238630940280;gtm=2od660;auiddc=2079434672.1654741956;~oref=https%3A%2F%2F14...

1 KB
802 B

38ms
23ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8584968.fls.doubleclick.net/activityi;dc_pre=CIWQu5Sqn_gCFU7N1QodpkwPLA;src=8584968;type=uhcbr0;cat=lpg_u00p;ord=1238630940280;gtm=2od660;auiddc=2079434672.1654741956;~oref=https%3A%2F%2F149.111.166.221%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

74c24dbe47d0d9072a678ffb5119c1af8e687ec3c75039fc5c481d9027c1b7fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 779
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Jun 2022 02:32:37 GMT
expires: Thu, 09 Jun 2022 02:32:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Jun 2022 02:32:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8584968.fls.doubleclick.net/activityi;dc_pre=CIWQu5Sqn_gCFU7N1QodpkwPLA;src=8584968;type=uhcbr0;cat=lpg_u00p;ord=1238630940280;gtm=2od660;auiddc=2079434672.1654741956;~oref=https%3A%2F%2F149.111.166.221%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CMDQu5Sqn_gCFVC81Qod3fkMdQ;src=8584968;type=uhcbr0;cat=lpg_stu;ord=6804919188671;gtm=2od660;auiddc=2079434672.1654741956;~oref=https%3A%2F%2F149.111.166.221%2F Show response
8584968.fls.doubleclick.net/ Frame 5355
Redirect Chain

https://8584968.fls.doubleclick.net/activityi;src=8584968;type=uhcbr0;cat=lpg_stu;ord=6804919188671;gtm=2od660;auiddc=2079434672.1654741956;~oref=https%3A%2F%2F149.111.166.221%2F?
https://8584968.fls.doubleclick.net/activityi;dc_pre=CMDQu5Sqn_gCFVC81Qod3fkMdQ;src=8584968;type=uhcbr0;cat=lpg_stu;ord=6804919188671;gtm=2od660;auiddc=2079434672.1654741956;~oref=https%3A%2F%2F149...

392 B
355 B

66ms
58ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8584968.fls.doubleclick.net/activityi;dc_pre=CMDQu5Sqn_gCFVC81Qod3fkMdQ;src=8584968;type=uhcbr0;cat=lpg_stu;ord=6804919188671;gtm=2od660;auiddc=2079434672.1654741956;~oref=https%3A%2F%2F149.111.166.221%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

353bd8cbc89d3c56d52905d961130e508c51000cd090b9b60f1821848b2bad7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 332
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Jun 2022 02:32:37 GMT
expires: Thu, 09 Jun 2022 02:32:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Jun 2022 02:32:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8584968.fls.doubleclick.net/activityi;dc_pre=CMDQu5Sqn_gCFVC81Qod3fkMdQ;src=8584968;type=uhcbr0;cat=lpg_stu;ord=6804919188671;gtm=2od660;auiddc=2079434672.1654741956;~oref=https%3A%2F%2F149.111.166.221%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK six-dot-five-patches.css
149.111.166.221/content/dam/uhcdotcom/en/css/ 2 KB
1 KB 203ms
125ms Stylesheet
text/css 149.111.166.221
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://149.111.166.221/content/dam/uhcdotcom/en/css/six-dot-five-patches.css

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

01421c447430e106a5c23907322807135f6e44786e71404521c5dae1f86eede2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jun 2022 21:21:28 GMT
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=2592000, public
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=496
Content-Length: 691
Expires: Sat, 09 Jul 2022 02:32:37 GMT

GET
H2 204 28088867.js Show response
bat.bing.com/p/action/ 0
118 B 168ms
168ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/28088867.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2DF7D6854A55445AABF7670A914A9FD4 Ref B: FRAEDGE1406 Ref C: 2022-06-09T02:32:37Z
date: Thu, 09 Jun 2022 02:32:36 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 33ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=28088867&Ver=2&mid=863713c3-81d3-4aa7-86d4-012f676bcbc3&sid=6d0bdb30e79c11ecb96a850f952f2e08&vid=6d0bddd0e79c11eca91ca9803b8a9900&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Health%20insurance%20plans%20for%20individuals%20%26%20families,%20employers,%20medicare%20%7C%20UnitedHealthcare&p=https%3A%2F%2F149.111.166.221%2F&r=&lt=2791&evt=pageLoad&msclkid=N&sv=1&rn=491181

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2D1BE52DAACF4E6F80338B4B5ECA1989 Ref B: FRAEDGE1406 Ref C: 2022-06-09T02:32:37Z
date: Thu, 09 Jun 2022 02:32:36 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 148007063.js Show response
bat.bing.com/p/action/ 0
136 B 136ms
136ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/148007063.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D5DC40BEC2234151B752E6DA52DF588C Ref B: FRAEDGE1406 Ref C: 2022-06-09T02:32:37Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 09 Jun 2022 02:32:36 GMT

GET
H2 204 0
bat.bing.com/action/ 0
121 B 76ms
76ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=148007063&Ver=2&mid=8f404d57-e64b-412c-bb24-45eb15c132af&sid=6d0bdb30e79c11ecb96a850f952f2e08&vid=6d0bddd0e79c11eca91ca9803b8a9900&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Health%20insurance%20plans%20for%20individuals%20%26%20families,%20employers,%20medicare%20%7C%20UnitedHealthcare&p=https%3A%2F%2F149.111.166.221%2F&r=&lt=2791&evt=pageLoad&msclkid=N&sv=1&rn=148928

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D5503D56B2C448478D6ECC9ADB024D7E Ref B: FRAEDGE1406 Ref C: 2022-06-09T02:32:37Z
date: Thu, 09 Jun 2022 02:32:36 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CIWQu5Sqn_gCFU7N1QodpkwPLA;src=8584968;type=uhcbr0;cat=lpg_u00p;ord=1238630940280;gtm=2od660;auiddc=*;~oref=https%3A%2F%2F149.111.166.221%2F
adservice.google.com/ddm/fls/z/ Frame 9A15 42 B
494 B 65ms
43ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIWQu5Sqn_gCFU7N1QodpkwPLA;src=8584968;type=uhcbr0;cat=lpg_u00p;ord=1238630940280;gtm=2od660;auiddc=*;~oref=https%3A%2F%2F149.111.166.221%2F

Requested by

Host: 8584968.fls.doubleclick.net
URL: https://8584968.fls.doubleclick.net/activityi;dc_pre=CIWQu5Sqn_gCFU7N1QodpkwPLA;src=8584968;type=uhcbr0;cat=lpg_u00p;ord=1238630940280;gtm=2od660;auiddc=2079434672.1654741956;~oref=https%3A%2F%2F149.111.166.221%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8584968.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 9A15 99 KB
26 KB 28ms
13ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8584968.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: NswsjezknSN5JokDnkdEUYamc60cYmMKwxtyYaxZKWqbDDv0m6J8/gPdDMp6vlzRwkpl0FLiGik7Ff030VN5Cg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 09 Jun 2022 02:32:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dc_pre=CMDQu5Sqn_gCFVC81Qod3fkMdQ;src=8584968;type=uhcbr0;cat=lpg_stu;ord=6804919188671;gtm=2od660;auiddc=*;~oref=https%3A%2F%2F149.111.166.221%2F
adservice.google.com/ddm/fls/z/ Frame 5355 42 B
107 B 43ms
42ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMDQu5Sqn_gCFVC81Qod3fkMdQ;src=8584968;type=uhcbr0;cat=lpg_stu;ord=6804919188671;gtm=2od660;auiddc=*;~oref=https%3A%2F%2F149.111.166.221%2F

Requested by

Host: 8584968.fls.doubleclick.net
URL: https://8584968.fls.doubleclick.net/activityi;dc_pre=CMDQu5Sqn_gCFVC81Qod3fkMdQ;src=8584968;type=uhcbr0;cat=lpg_stu;ord=6804919188671;gtm=2od660;auiddc=2079434672.1654741956;~oref=https%3A%2F%2F149.111.166.221%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8584968.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1231592023559249 Show response
connect.facebook.net/signals/config/ Frame 9A15 28 KB
7 KB 46ms
45ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1231592023559249?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

32c15e394402b1d6bf5c94448f6e62c3a1e47ca2ab7b70f94662f2f296157747

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8584968.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: S8UiiHKgvUSEM5rNmStRRA0c4CJeeDUQJxpTko4bvMBBQsYj1bt+goVkX7XqpJdXkQm3saCnIaGfEyAzdvMdww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 09 Jun 2022 02:32:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1654741957415
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 9A15 44 B
297 B 42ms
13ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1231592023559249&ev=PageView&dl=https%3A%2F%2F8584968.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIWQu5Sqn_gCFU7N1QodpkwPLA%3Bsrc%3D8584968%3Btype%3Duhcbr0%3Bcat%3Dlpg_u00p%3Bord%3D1238630940280%3Bgtm%3D2od660%3Bauiddc%3D2079434672.1654741956%3B~oref%3Dhttps%253A%252F%252F149.111.166.221%252F%3F&rl=https%3A%2F%2F149.111.166.221%2F&if=true&ts=1654741957429&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=28&it=1654741957374&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=p0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8584968.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 09 Jun 2022 02:32:37 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 9A15 44 B
101 B 42ms
14ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1231592023559249&ev=LPG_UHC%20Brand_UHC%20Landing%20Page_Site%20Visit&dl=https%3A%2F%2F8584968.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIWQu5Sqn_gCFU7N1QodpkwPLA%3Bsrc%3D8584968%3Btype%3Duhcbr0%3Bcat%3Dlpg_u00p%3Bord%3D1238630940280%3Bgtm%3D2od660%3Bauiddc%3D2079434672.1654741956%3B~oref%3Dhttps%253A%252F%252F149.111.166.221%252F%3F&rl=https%3A%2F%2F149.111.166.221%2F&if=true&ts=1654741957431&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=28&it=1654741957374&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=p0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8584968.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 09 Jun 2022 02:32:37 GMT

GET
H/1.1 200
OK sessioncam.recorder.js Show response
d2oh4tlt9mrke9.cloudfront.net/Record/js/ 269 KB
60 KB 33ms
7ms Script
text/javascript 99.86.1.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9b48c755725743e1aca48496b38b9064.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-83.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f5a484012a39673c20adad65cb49047cda5bc883ffbaea439899707c83af3e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: 7DQOWH.amdxDpUWlY21SVaIgJjRzy61c
Content-Encoding: gzip
ETag: "88f25cac4c51e708e8ec7ed5d725070d"
Age: 1384
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 61240
Last-Modified: Fri, 25 Mar 2022 14:12:38 GMT
Server: AmazonS3
Date: Thu, 09 Jun 2022 02:09:34 GMT
Content-Type: text/javascript
Via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
Cache-Control: max-age=14400
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: jv9xR2cbNOR2S2nyN_YPkm_aj43LTSyVzTwMBSFaU6JqAvN1qxWOIA==

GET
H2 200 iFrame.html Show response
universal.iperceptions.com/ Frame 0963 2 KB
1 KB 8ms
7ms Document
text/html 2600:9000:2057:4e00:8:e7ba:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/iFrame.html
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4e00:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7d0bae598799d3c42ca5d7d7c8a8b79b67de62afe2e9d3dcee258328e40f39eb

Request headers

Referer: https://149.111.166.221/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 156
cache-control: public,max-age=7200
content-encoding: gzip
content-md5: Vmg/mBwwVR6Kl52r4KoGqg==
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Jun 2022 02:30:30 GMT
last-modified: Tue, 28 Jan 2020 16:03:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-id: oo-RNAmonLuSXhM7scCGPE6HD873VIUUyP8eKTvJ0ASnurJS9Ib5hQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 1e622ddb-c01e-0035-8020-7a479d000000
x-ms-version: 2009-09-19

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.7887977aea3bb823fcbd40add3bd5ed0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

742ddae86d55488a6e7b949b9d059bdb4923c3fa58eb576a53f71aa041874657

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Last-Modified: Tue, 31 May 2022 15:49:24 GMT
Server: Apache
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Content-Disposition: inline
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=495
Content-Length: 25485
Expires: Sat, 09 Jul 2022 02:32:37 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.7887977aea3bb823fcbd40add3bd5ed0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

80c0836cf5ac64f99b58965b5fc4cb6f18da37e199fe9ba6ed1260b55f452e4d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Last-Modified: Tue, 31 May 2022 15:49:24 GMT
Server: Apache
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Content-Disposition: inline
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=492
Content-Length: 27331
Expires: Sat, 09 Jul 2022 02:32:37 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: 149.111.166.221
URL: https://149.111.166.221/etc.clientlibs/uhcfoundation/clientlibs/clientlib-initial.min.7887977aea3bb823fcbd40add3bd5ed0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.166.221 , United States, ASN10879 (UHC, US),

Reverse DNS

uhccom-origin-elr.uhc.com

Software

Apache /

Resource Hash

c1982f0ff3b89e59d0e46bdd9ee50eee6975138acbbda53bb5e6db27ce4cacbb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 09 Jun 2022 02:32:37 GMT
Last-Modified: Tue, 31 May 2022 15:49:25 GMT
Server: Apache
Content-Security-Policy: default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src *;font-src * data: ;connect-src *;img-src * data: blob:;frame-ancestors 'none'
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Content-Disposition: inline
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=489
Content-Length: 28248
Expires: Sat, 09 Jul 2022 02:32:37 GMT

GET
H/1.1 200
OK config.aspx Show response
ws.sessioncam.com/Record/ 14 B
291 B 411ms
99ms XHR
text/javascript 3.225.44.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sessioncam.com/Record/config.aspx?url=https%3A%2F%2F149.111.166.221%2F&jsver=596&originalUrl=https://149.111.166.221&sse=1654741957571&inTg=a&acr=0
Requested by: Host: d2oh4tlt9mrke9.cloudfront.net
URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.44.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-44-8.compute-1.amazonaws.com
Software: /
Resource Hash: 0dca547b59c4fbcd851ab52275af17aca24162114b919ddaa955e7d35838e9d4

Request headers

Referer: https://149.111.166.221/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 09 Jun 2022 02:32:37 GMT
Content-Type: text/javascript
Access-Control-Allow-Origin: https://149.111.166.221
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 14

GET
H2 200 s63356805983230
smetrics.uhc.com/b/ss/uhcsuhcprd,uhcsglobalprd/1/JS-2.22.4-LCS4/ 43 B
245 B 22ms
21ms Image
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.uhc.com/b/ss/uhcsuhcprd,uhcsglobalprd/1/JS-2.22.4-LCS4/s63356805983230?AQB=1&ndh=1&pf=1&t=9%2F5%2F2022%202%3A32%3A37%204%200&sdid=139533E1EAEE1350-7A4A7A2202ACEA4B&mid=60058556500149030412630557837841419524&aamlh=6&ce=UTF-8&pageName=UHC%20Home&g=https%3A%2F%2F149.111.166.221%2F&cc=USD&ch=Home&server=149.111.166.221&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=UHC%20Home&v1=UHC%20Home&v2=60058556500149030412630557837841419524&v5=9%3A30PM&v6=Wednesday&v7=Weekday&v8=First%20Visit&c9=https%3A%2F%2F149.111.166.221%2F&v9=New&c10=D%3Dv16&v10=1&c11=D%3Dv17&c12=D%3Dv18&c13=D%3Dv19&v13=Banner%3A%20see-how-your-medicare-plan-has-more-for-you-member-october%2C%20Tile%201%3A%20mental-health-provider%2C%20%20Tile%202%3A%20virtual-visits-tips%2C%20Tile%203%3A%20cost-saving-tips&c14=D%3Dv20&v15=https%3A%2F%2F149.111.166.221%2F&v16=Home&v17=Home&v18=Home&v19=Home&v20=Home&c33=en&v86=en&v180=aa%20%7C%20home%20%7C%20window%20loaded%20%7C%20202007%20-%20s.t&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=92E102BE5330583D0A490D4C%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 02:32:37 GMT
x-content-type-options: nosniff
x-c: main-1645.Id526ce.M0-571
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 10 Jun 2022 02:32:37 GMT
server: jag
xserver: anedge-df488f754-8h6jd
etag: 3553531295363530752-4619797933127402299
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 08 Jun 2022 02:32:37 GMT

GET
H2 401 InviteTriggers Show response
api.iperceptions.com/ 0
31 B 30ms
29ms XHR
text/plain 52.138.200.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iperceptions.com/InviteTriggers
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://149.111.166.221/
accept-language: de-DE,de;q=0.9
SecurityToken: ef6177e6-a195-4fc1-9b32-7636466e19b5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:37 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
expires: -1

OPTIONS
H2 200 InviteTriggers
api.iperceptions.com/ Frame 0
0 161ms
29ms Preflight 52.138.200.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iperceptions.com/InviteTriggers
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: securitytoken
Access-Control-Request-Method: GET
Origin: https://149.111.166.221
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers: securitytoken
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Thu, 09 Jun 2022 02:32:37 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
13ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HZQWR2GYM4&gtm=2oe660&_p=951583166&_z=ccd.tdB&_ipe=0&cid=1427427261.1654741956&ul=en-us&sr=1600x1200&_s=2&sid=1654741956&sct=1&seg=0&dl=https%3A%2F%2F149.111.166.221%2F&dt=Health%20insurance%20plans%20for%20individuals%20%26%20families%2C%20employers%2C%20medicare%20%7C%20UnitedHealthcare&en=scroll&_et=86&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HZQWR2GYM4&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149.111.166.221/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jun 2022 02:32:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://149.111.166.221
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
149.111.166.221/	1970-01-20 03:40:28	Name: _gid Value: GA1.4.854847944.1654741956
149.111.166.221/	1970-01-20 05:48:37	Name: _gcl_au Value: 1.1.2079434672.1654741956
.demdex.net/	1970-01-20 07:58:13	Name: demdex Value: 60046661424593798582633576109821277847
149.111.166.221/	1969-12-31 23:59:59	Name: AMCVS_92E102BE5330583D0A490D4C%40AdobeOrg Value: 1
149.111.166.221/	1970-01-20 21:11:40	Name: AMCV_92E102BE5330583D0A490D4C%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19153%7CMCMID%7C60058556500149030412630557837841419524%7CMCAAMLH-1655346756%7C6%7CMCAAMB-1655346756%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1654749156s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0
149.111.166.221/	1970-01-20 21:10:13	Name: _ga_HZQWR2GYM4 Value: GS1.1.1654741956.1.0.1654741956.0
149.111.166.221/	1970-01-20 21:10:13	Name: _ga Value: GA1.1.1427427261.1654741956
149.111.166.221/	1970-01-20 21:13:06	Name: mbox Value: session#b003bf010cd4438b9afb7deb4e34ea2e#1654743817\|PC#b003bf010cd4438b9afb7deb4e34ea2e.37_0#1717986757
.doubleclick.net/	1970-01-20 13:00:37	Name: IDE Value: AHWqTUmQf65mASf1x8xfEu1DUG92BsNo9OjLEjPLnz3uoaspgcCjm2b86eZyxFiW
149.111.166.221/	1970-01-21 03:39:01	Name: nmstat Value: a474db64-5afd-22a4-d6e1-ed12863e8030
149.111.166.221/	1969-12-31 23:59:59	Name: flyout Value: closed
149.111.166.221/	1970-01-20 03:39:02	Name: _gat_347c5d4f7e9b7bb635537586a8c5947a Value: 1
.bing.com/	1970-01-20 13:00:37	Name: MUID Value: 0B073C3ED13561D030772D80D05E607A
149.111.166.221/	1970-01-20 21:11:40	Name: adcloud Value: {%22_les_v%22:%22y%2C149.111.166.221%2C1654743757%22}
149.111.166.221/	1970-01-20 03:40:28	Name: _uetsid Value: 6d0bdb30e79c11ecb96a850f952f2e08
75161.global.siteimproveanalytics.io/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 1BF185CB12C799AC7E8F30E4356ECAB670474BBE58234E1749C0C8D9A92211750FA6F721F8D94C802FC0ABEC312B9A2BE95F42025942029CF1A24ECE2DEC01625DB7FC442F
149.111.166.221/	1970-01-20 13:00:37	Name: _uetvid Value: 6d0bddd0e79c11eca91ca9803b8a9900
.yahoo.com/	1970-01-20 12:24:59	Name: A3 Value: d=AQABBMVboWICEH7MCF8v3nEaTvuDmkYqzxQFEgEBAQGtomKrYgAAAAAA_eMAAA&S=AQAAAuysj6ddyw_jfPOIB7908-4
149.111.166.221/	1970-01-20 03:39:03	Name: gpv_pn Value: UHC%20Home
149.111.166.221/	1970-01-21 05:55:49	Name: dslv Value: 1654741957630
149.111.166.221/	1970-01-20 03:39:03	Name: dslv_s Value: First%20Visit
149.111.166.221/	1969-12-31 23:59:59	Name: s_ppvl Value: %5B%5BB%5D%5D
149.111.166.221/	1969-12-31 23:59:59	Name: s_ppv Value: UHC%2520Home%2C40%2C40%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
149.111.166.221/	1970-01-20 04:22:13	Name: s_vnum Value: 1657333957633%26vn%3D1
149.111.166.221/	1970-01-20 03:39:03	Name: s_invisit Value: true
149.111.166.221/	1970-01-20 12:24:37	Name: s_nr Value: 1654741957634-New
149.111.166.221/	1970-01-20 03:39:03	Name: s_ppn Value: UHC%20Home
149.111.166.221/	1969-12-31 23:59:59	Name: s_cc Value: true
149.111.166.221/	1969-12-31 23:59:59	Name: ipe_s Value: 9d9efd71-034a-e666-9d8c-a8df323143d7
149.111.166.221/	1969-12-31 23:59:59	Name: sc.ASP.NET_SESSIONID Value:
149.111.166.221/	1969-12-31 23:59:59	Name: sc.Status Value: 2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.iperceptions.com/InviteTriggers Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self';style-src * 'unsafe-inline';media-src * blob: ;script-src * blob: 'unsafe-inline' 'unsafe-eval';frame-src ;font-src data: ;connect-src ;img-src data: blob:;frame-ancestors 'none'
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

164773174ba1.o3n.io
75161.global.siteimproveanalytics.io
8584968.fls.doubleclick.net
adservice.google.com
analytics1.ninahale.net
api.iperceptions.com
assets.adobedtm.com
bat.bing.com
connect.facebook.net
d2oh4tlt9mrke9.cloudfront.net
dpm.demdex.net
googleads.g.doubleclick.net
instant.page
lasteventf-tm.everesttech.net
s.yimg.com
siteimproveanalytics.com
smetrics.uhc.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
uhc.tt.omtrdc.net
universal.iperceptions.com
ws.sessioncam.com
www.everestjs.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.36.218.177
142.250.184.194
142.250.185.134
149.111.166.221
151.101.2.49
212.82.100.181
2600:9000:2057:4e00:8:e7ba:7440:93a1
2606:4700::6811:91a
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:802::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2004
2a00:1450:4001:813::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:400c:c01::9d
2a02:26f0:3500:587::1e80
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f106:83:face:b00c:0:25de
2a06:98c1:3121::3
3.225.44.8
34.203.47.152
35.227.195.198
52.138.200.61
52.215.111.225
52.57.130.8
79.125.52.138
96.16.147.243
99.86.1.83
01421c447430e106a5c23907322807135f6e44786e71404521c5dae1f86eede2
057ed9cdb777276b8a0ac314335f52e12801d4782dd505aa9e5a1d4444c7868d
079d77a69d378be52a6a8ca5f66f8196871701abc01f0c11a2f71e9d200eb30f
0b3fd81c030319604cfed6e8f0eac6d8699dcaa4ee6a4b923a15e55823cf1025
0b4b67b6ee43b53aa031da502eb471d8d7a8b04add2f340caa46c84341a0736a
0b960c8f9b3fb4ca1d0b1f43e40b5defd11dbf0fd60ebad49ad50ecc06119170
0dca547b59c4fbcd851ab52275af17aca24162114b919ddaa955e7d35838e9d4
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
1087c091dfe6ae5e44d78f6c19f2a1bd9f7b791d1ad91ee5e404d6823de1b309
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13faf9c2facd5c53adda7a326dae6e36c3aa6578268752a8374d7915f50d36cf
14ce988c67fafb84fa1ff8bdec961a4d9c5a7f6cef44c3d89618eeb4f66fdc1d
1689129c5091c4dfd4b0fe3cd4f260d039eff5f1caabed6cb7c1f78227ef6106
1b1a99c750838bdc4b857bbfec69dfa9e1cc446a9a34ae9c1b8c4c38edc5b261
1c05e48446f9127388b7fa6ee4c6daa4a9da8d71a747851983120e13213e5a38
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
20a42c36cdb01d8f92a7eacc4e22a0cfc40273d1e14049ed60a50dfdc2afaa86
22b14b5fd097ebc80346ec2b6ffb60ea66aeb9be6cf9daabf5812b67c7800d96
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
2336b674c76b7ea8a5756e36c2f5b045bb840d21b55a73f116b59b1bff7abea9
295b3dbee81275c714e1d8b4b401418036f04e33ee344376a9b5c22c286869ed
2a06285e999ebbc66cf8522e224ee7fe10e5580ae433fa4e736d2e40489770bd
2abe5631edc06ad446ebece038f0239e3ba63f477a05ac84b3da7d5a19c5ddb0
32c15e394402b1d6bf5c94448f6e62c3a1e47ca2ab7b70f94662f2f296157747
33045f764117645b784ea28aac556a60e4f9943d1c0a49287044c580815399ee
353bd8cbc89d3c56d52905d961130e508c51000cd090b9b60f1821848b2bad7d
381559206b26b0c6a7d18503c24928a41c25fce278acea4be180ed013368436c
3b7e100265e348f57f4fa8a5d5b0f9280ec4b1932d8227a1d7498d95a64b19d6
3c319d4176c641538e14c748cdb4cd7dc1651b4ec10ef767c586f2b1628003a2
3cbbf4169eee3de4c8364f1f44e7d7dcdcf8f6e5e038b7d0e7c831e0c24633cf
3fa800389b9a888ebbfda69fe6abda7ac2ed2ea1f52125035acd30ae85d0302b
438c70909e5293b665d6f597c8d70637a81f380acbbc10fa85871c09e59fbd93
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45fc150121c58243d25c46de0302c550f6fa6cd69c7916ac48d77716e0492309
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
53a8b28b8d935ee16374f47dc39adf3d69e97a0daf5edbf5f1bb2ec1436bb841
568715dffe1216519a1d9bab81269a849419ee967f77e459fc066f55bf3c22b9
580770e1144e7becff7554306a32f2787ef01db9a27e2065b11f369445a2b822
5c486701e64aa8051f65c143ec936ef100186ac6bc083bd9e8ae8913c406f8e8
5da9ef2ac02ad19a29e41555f44ce5639db3ef8884ddd7c0364a02a61b51a400
5edf7276713b08292c2eb988b2906b022b649352f50be3cabbebf81ce64065c8
60bc9dc1cc0776ebc778f6565cb97e8c7685eabd54ca4d9d9907f30c153c8018
6207c72cb8808f45cd69d92925067512a9753108bd41dc7b43b7f21e98fafece
62659a31050f1ee81d20ec930f30d92c1f509f31b621286920d6053870656f06
6381ae11950dd9b065f070d34a91577bb6a27139770f90cafce8bd7b5eab6614
697595920ca97da6835fe072a185b2fe375093147b6862eaff67f9b7ac206e4c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c489a0bd13149408c04d06df94732daf04c9d06ff497f604294106ae1d254c3
6ce8b59ca7ea4d8efd5ae83c22879c14289ef995b56a667bcd10726f07e839f7
6e17eb1bfb1bb0102ff3648db7bcf9bbbd59057b907e402e3fa9816d16655328
6f920e2ff1a3dcaf7c83283c2b95941cfbe91f02cba81304bcda28095b1cc9c2
742ddae86d55488a6e7b949b9d059bdb4923c3fa58eb576a53f71aa041874657
74c24dbe47d0d9072a678ffb5119c1af8e687ec3c75039fc5c481d9027c1b7fc
789760e0f443db840e01c6c6ad7e5e1465839381956f0bd1878e205421d8fc05
79838d517514d34a36a13ee5843130b8e925aa94870711e45545a811943bb12e
7ad2035b798ffed705d738fcbc5d6ec097364559d1a34a618c5421947583cff9
7b180efdacf2caf32fe6232ed56bf6089c55edd52497d1c23191db4a9afcf9bf
7d0bae598799d3c42ca5d7d7c8a8b79b67de62afe2e9d3dcee258328e40f39eb
80c0836cf5ac64f99b58965b5fc4cb6f18da37e199fe9ba6ed1260b55f452e4d
8228bd4928517c1e5c592182e2942028c87d6bff40a382dfe881b5cd9e6756b5
84a6614e572f4ce4064d2ffc2a882f89d8b52cc66234eb99095fb3c5dd4aef73
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
90aea666e26fea2a10ed94547032fffe94688b33be67a31bcaa7ef742c3bc87a
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
95abe71d9ab7da5e64d628fde794f9e449adb5233e43463bbb09036d8213216d
9613518ce824458e3724c5041678d3f826943707a86fd192e2e49aec4d82aa8d
962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab
96d2262e8f5fa027a8672a07fd92b2737b3aef3382b58fcc3ab6851e29a69c9e
9a2356f617f58aee4cf1ee23420203d11255ccc4efe69b04bc998ced2da75349
9aeb3b48847d92b21f068e27fed8172ecefdc854d5e9bc47a9f5699c676fe220
9cd36c5aac40622a7d362399fe5d139e903d58e05fa02cca446f8e9bc36e9bcc
9f5a484012a39673c20adad65cb49047cda5bc883ffbaea439899707c83af3e6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a6240fd7d991e22e3fa4f74bbc87c2445c51d683971f5193808c664520d832d5
ab56c6b9e594e781a8a73f4eea35b307bcb7a76615a58e954184e41fc5914fdf
abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b148f76d46abf49bf71ce4b6aaab5b9e02b2774dc83c7d94e8d3a31ae1bd0c49
b5311a08c4bf52be77a75e2e2bf0ea7e1754673845f9feda56612b56a96423b5
b78d9348fb168bffa53c0b31ac5772580999a6d980eb8c84994b447575961aac
b8a66c45344f2f71472e3475916cf5a069d78459254a38334e5acbd4fdfc00e7
bc5c36257c3953104c6e64a0fb41312ab800d638cfd21d66c4086f6705c57be6
bd9a66ef1adbed0c8bfb9e5996ad0d7e07771f4c2f56dfb29ab4715273220f27
c1982f0ff3b89e59d0e46bdd9ee50eee6975138acbbda53bb5e6db27ce4cacbb
c1e796b79d07d70d22f909d2480bfd91623a9821eaf513aed6d5d23b04fbb329
c28b36ca2028e57a10e225a368c3cca41d30919d7e32f4a70b8d7b3960e6ed8f
c5992cbcead34bb80da9b732964325a78a8803a2f95bfa850e407401ec86a605
c7b8169d872d0e790b1e23b4930c198431098af12f4ceab6219f8f799b4683e0
c9bc66a882db43c73cba06a134b1613ce3711e36b44024eca042b42497e27032
caecbd7df1cf56c93befb54bbbfd9f98121a0dc5c7e180ec29f8ac5fa1641804
cb6d2f058312e3a2c836afc45861a610ca59ddeaf38ee3b0db0d4b31ddd9e1ea
cbeeac4fe9485bc8bb08153ddab535125e664caa423c4c4b91f729fd2a4f35a7
cc80279401611bdf5614d250523a0e9c5168c5dd76ef30cafe8cd2843037dc8e
cfb2bd2cec956c1b933ee38c7f51326d91959d82e6f23d7a68012e3834f24710
d02266586567d3889ef80ab66eae3f377deaab9bb42ba209e8fb7e9890371458
d72b75c2c79a93b5008e3f5de9b7cb66c0d1813bfdf8fae30268796e4aa43531
d8acfc49fb9591560a181940f9e793abe8df30bff82a2bd59c917e03116ab7f9
d9f2f1423b5ceb30122c5aa5eb03fc58342490725714f0a231cd9f8c5da143cb
daac6ebadb6f759a2c60be7119f250e38c37bffdaff1df6a4b3829b395a39c1f
de47e5b521e1ce1847da141b9f677295e2ea3dff2e41cb940d661e06eaa06219
e3486fe0347cc74c6ba84513be456b0cc8e1fca4acb09cc2d0098c8ad0441254
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e799bbfe34a7b3c18a39cda68b092ffb8eaf49b7b82cad234954e0c25c1c6f6c
e8f572ad78aebce8a894413297899eabcbdc22acedd8da45d33224f1d67ac330
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e0c5d8d84e20b0746a2c6eeff92895859fec0d608b452f4d1833e0bc2669c2
fa0391c4d26dd2ea89433e6a381470965b78405b2bdbe46a9ca18b059d489746
fa5c34371df3acd378bd2490d82a32ad6f3b80155e5eee8ad1b937a188993e0f
fe80941f910144b37430b77f03fb184e2606ad3092ee45bd85828978af882553

149.111.166.221 Open in urlscan Pro 149.111.166.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

148 Requests

61 %HTTPS

50 %IPv6

25 Domains

29 Subdomains

30 IPs

7 Countries

1984 kBTransfer

4647 kBSize

31 Cookies

14 Outgoing links

Redirected requests

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

149.111.166.221 Open in urlscan Pro
149.111.166.221 Public Scan

Screenshot
Live screenshot

Full Image

148
Requests

61 %
HTTPS

50 %
IPv6

25
Domains

29
Subdomains

30
IPs

7
Countries

1984 kB
Transfer

4647 kB
Size

31
Cookies

148 HTTP transactions
0 data transactions