urlscan.io logo urlscan.io
SecurityTrails logo

mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com Open in urlscan Pro
66.231.91.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.messageinsite.com/?qs=f60a4c1068d8a4cc62b4a1a712704f2c996b60686a39259ef7b91a38e67e1c6f63391a968972dbc9edcc307b98c3...
Effective URL: http://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/ymrgjdfciua?brand=abs
Submission: On July 11 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 23 domains to perform 37 HTTP transactions. The main IP is 66.231.91.26, located in United States and belongs to EXACT-7, US. The main domain is mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com.
This is the only time mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.145.229 22606 (EXACT-7)
2 2 66.231.91.36 22606 (EXACT-7)
2 66.231.91.26 22606 (EXACT-7)
5 2a02:26f0:480... 20940 (AKAMAI-ASN1)
8 52.208.93.119 16509 (AMAZON-02)
1 99.86.91.44 16509 (AMAZON-02)
1 18.66.107.43 16509 (AMAZON-02)
2 146.75.117.230 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.208.156.123 16509 (AMAZON-02)
2 63.140.62.164 15224 (OMNITURE)
1 1 52.50.235.196 16509 (AMAZON-02)
1 66.235.152.115 16509 (AMAZON-02)
1 185.29.132.245 30419 (MEDIAMATH...)
2 2 142.250.185.66 15169 (GOOGLE)
1 35.241.45.82 15169 (GOOGLE)
1 52.223.40.198 16509 (AMAZON-02)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 34.111.234.236 396982 (GOOGLE-CL...)
1 1 2600:1901:0:8... 15169 (GOOGLE)
2 2 13.249.9.34 16509 (AMAZON-02)
1 1 18.203.192.232 16509 (AMAZON-02)
1 2 54.208.26.70 14618 (AMAZON-AES)
1 2a02:26f0:480... ()
37 16
1    13.111.145.229 (United States)

ASN22606 (EXACT-7, US)
PTR: click.messageinsite.com
click.messageinsite.com
2    66.231.91.36 (United States)

ASN22606 (EXACT-7, US)
pub.s1.exacttarget.com
2    66.231.91.26 (United States)

ASN22606 (EXACT-7, US)
mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
5    2a02:26f0:480:980::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
8    52.208.93.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-93-119.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    99.86.91.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-44.cdg50.r.cloudfront.net
t.a3cloud.net
1    18.66.107.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-107-43.fra56.r.cloudfront.net
d2oh4tlt9mrke9.cloudfront.net
2    146.75.117.230 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
resources.digital-cloud-west.medallia.com
1    2606:4700:10::6816:35fc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.quantummetric.com
1    52.208.156.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-156-123.eu-west-1.compute.amazonaws.com
wellpoint.demdex.net
2    63.140.62.164 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-164.data.adobedc.net
smetrics.anthem.com
1    52.50.235.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-235-196.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    66.235.152.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-66-235-152-115.data.adobedc.net
wellpoint.tt.omtrdc.net
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
1    35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
udc-neb.kampyle.com
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com
1    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
2    13.249.9.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-9-34.cdg53.r.cloudfront.net
ads.scorecardresearch.com
1    18.203.192.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-192-232.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    54.208.26.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-26-70.compute-1.amazonaws.com
mid.rkdms.com
1    2a02:26f0:480:99e::1e80 (None, )

ASN- ()
assets.adobedtm.com
Apex Domain
Subdomains		 Transfer
9 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 218
wellpoint.demdex.net — Cisco Umbrella Rank: 61130
12 KB
6 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 411
519 KB
2 rkdms.com
mid.rkdms.com — Cisco Umbrella Rank: 1905
234 B
2 scorecardresearch.com
ads.scorecardresearch.com — Cisco Umbrella Rank: 3681
678 B
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 254
959 B
2 anthem.com
smetrics.anthem.com — Cisco Umbrella Rank: 56426
3 KB
2 medallia.com
resources.digital-cloud-west.medallia.com — Cisco Umbrella Rank: 4162
84 KB
2 sfmc-content.com
mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
7 KB
2 exacttarget.com
pub.s1.exacttarget.com — Cisco Umbrella Rank: 799780
567 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 955
205 B
1 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2646
322 B
1 ml314.com
ml314.com — Cisco Umbrella Rank: 1974
343 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 258
611 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 383
265 B
1 kampyle.com
udc-neb.kampyle.com — Cisco Umbrella Rank: 2153
318 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 577
442 B
1 omtrdc.net
wellpoint.tt.omtrdc.net — Cisco Umbrella Rank: 77269
873 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1111
517 B
1 quantummetric.com
cdn.quantummetric.com — Cisco Umbrella Rank: 1918
83 KB
1 cloudfront.net
d2oh4tlt9mrke9.cloudfront.net
781 B
1 a3cloud.net
t.a3cloud.net — Cisco Umbrella Rank: 3738
1 messageinsite.com
click.messageinsite.com — Cisco Umbrella Rank: 209760
image.messageinsite.com Failed
263 B
0 ib-ibi.com Failed
global.ib-ibi.com Failed
37 23
Domain Requested by
8 dpm.demdex.net assets.adobedtm.com
6 assets.adobedtm.com mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
assets.adobedtm.com
2 mid.rkdms.com 1 redirects
2 ads.scorecardresearch.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 smetrics.anthem.com assets.adobedtm.com
2 resources.digital-cloud-west.medallia.com assets.adobedtm.com
resources.digital-cloud-west.medallia.com
2 mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
2 pub.s1.exacttarget.com 2 redirects
1 sync.crwdcntrl.net 1 redirects
1 fei.pro-market.net 1 redirects
1 ml314.com 1 redirects
1 c.bing.com 1 redirects
1 match.adsrvr.org
1 udc-neb.kampyle.com
1 sync.mathtag.com
1 wellpoint.tt.omtrdc.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 wellpoint.demdex.net assets.adobedtm.com
1 cdn.quantummetric.com mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
1 d2oh4tlt9mrke9.cloudfront.net mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
1 t.a3cloud.net mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
1 click.messageinsite.com 1 redirects
0 image.messageinsite.com Failed mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
0 global.ib-ibi.com Failed
37 25

This site contains no links.

Subject Issuer Validity Valid
*.pub.sfmc-content.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-01 -
2024-05-01		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.a3cloud.net
Amazon RSA 2048 M02		 2023-04-03 -
2024-04-30		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.digital-cloud-west.medallia.com
SSL.com RSA SSL subCA		 2022-10-13 -
2023-11-13		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-17 -
2024-05-16		 a year crt.sh
smetrics.anthem.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-29 -
2023-08-29		 a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-01 -
2023-09-01		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.kampyle.com
SSL.com RSA SSL subCA		 2023-03-29 -
2024-02-28		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh

This page contains 2 frames:

Primary Page: http://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/ymrgjdfciua?brand=abs
Frame ID: 29FB581FA60EE5206D8674247CE58258
Requests: 26 HTTP requests in this frame

Frame: https://wellpoint.demdex.net/dest5.html?d_nsid=0
Frame ID: 0359FEFA718E78CCA23B7562FDD9175F
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://click.messageinsite.com/?qs=f60a4c1068d8a4cc62b4a1a712704f2c996b60686a39259ef7b91a38e67e1c6f63391a96... HTTP 302
    https://pub.s1.exacttarget.com/suke3xjljvp?brand=ABS&cmp=EM-MKTCOMM-EOBNOTICE-SYDAPP-ABS HTTP 301
    https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/suke3xjljvp?brand=ABS&cmp=EM-MKTCOMM-EOBNOTICE-SYDAPP-ABS Page URL
  2. http://pub.s1.exacttarget.com/ymrgjdfciua?brand=abs HTTP 301
    http://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/ymrgjdfciua?brand=abs Page URL

Page Statistics

37
Requests

51 %
HTTPS

21 %
IPv6

23
Domains

25
Subdomains

16
IPs

4
Countries

711 kB
Transfer

5353 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.messageinsite.com/?qs=f60a4c1068d8a4cc62b4a1a712704f2c996b60686a39259ef7b91a38e67e1c6f63391a968972dbc9edcc307b98c326719e071c913c769ad5d105742cc1293453 HTTP 302
    https://pub.s1.exacttarget.com/suke3xjljvp?brand=ABS&cmp=EM-MKTCOMM-EOBNOTICE-SYDAPP-ABS HTTP 301
    https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/suke3xjljvp?brand=ABS&cmp=EM-MKTCOMM-EOBNOTICE-SYDAPP-ABS Page URL
  2. http://pub.s1.exacttarget.com/ymrgjdfciua?brand=abs HTTP 301
    http://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/ymrgjdfciua?brand=abs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://click.messageinsite.com/?qs=f60a4c1068d8a4cc62b4a1a712704f2c996b60686a39259ef7b91a38e67e1c6f63391a968972dbc9edcc307b98c326719e071c913c769ad5d105742cc1293453 HTTP 302
  • https://pub.s1.exacttarget.com/suke3xjljvp?brand=ABS&cmp=EM-MKTCOMM-EOBNOTICE-SYDAPP-ABS HTTP 301
  • https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/suke3xjljvp?brand=ABS&cmp=EM-MKTCOMM-EOBNOTICE-SYDAPP-ABS
Request Chain 13
  • https://cm.everesttech.net/cm/dd?d_uuid=33304043744635969004132942815473677063 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZK3M4wAAAJJSbgOV
Request Chain 19
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzMzMDQwNDM3NDQ2MzU5NjkwMDQxMzI5NDI4MTU0NzM2NzcwNjM= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MzMzMDQwNDM3NDQ2MzU5NjkwMDQxMzI5NDI4MTU0NzM2NzcwNjM=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFSF5zew7Dk-fcZXPaLAEvA&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 22
  • https://c.bing.com/c.gif?uid=33304043744635969004132942815473677063&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=2AE10785A6576DDE3B6714CEA7856C76
Request Chain 23
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3637017331944652834
Request Chain 24
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=33304043744635969004132942815473677063 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=8817643074911421656
Request Chain 25
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=33304043744635969004132942815473677063&rn=1689111779575&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D33304043744635969004132942815473677063 HTTP 302
  • https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=33304043744635969004132942815473677063&rn=1689111779575&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D33304043744635969004132942815473677063 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=33304043744635969004132942815473677063
Request Chain 26
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=33304043744635969004132942815473677063?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
Request Chain 27
  • https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=33304043744635969004132942815473677063&_ct=img HTTP 302
  • https://mid.rkdms.com/restricted

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
suke3xjljvp
mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
Redirect Chain
  • https://click.messageinsite.com/?qs=f60a4c1068d8a4cc62b4a1a712704f2c996b60686a39259ef7b91a38e67e1c6f63391a968972dbc9edcc307b98c326719e071c913c769ad5d105742cc1293453
  • https://pub.s1.exacttarget.com/suke3xjljvp?brand=ABS&cmp=EM-MKTCOMM-EOBNOTICE-SYDAPP-ABS
  • https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/suke3xjljvp?brand=ABS&cmp=EM-MKTCOMM-EOBNOTICE-SYDAPP-ABS
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/suke3xjljvp?brand=ABS&cmp=EM-MKTCOMM-EOBNOTICE-SYDAPP-ABS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.231.91.26 , United States, ASN22606 (EXACT-7, US),
Reverse DNS
Software
/
Resource Hash
8fffc66397b2ef98b1d661f37904d6ad4c0a565e5dd2fd08180d08e06a728dcf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-Encoding
gzip
Content-Length
3432
Content-Type
text/html; charset=utf-8
Date
Tue, 11 Jul 2023 21:42:58 GMT
Expires
-1
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
close
Content-Length
236
Content-Type
text/html; charset=utf-8
Date
Tue, 11 Jul 2023 21:42:58 GMT
Location
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/suke3xjljvp?brand=ABS&cmp=EM-MKTCOMM-EOBNOTICE-SYDAPP-ABS
launch-02a04093427e.min.js
assets.adobedtm.com/77d981f695af/9fa281512898/ 		2 MB
248 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/77d981f695af/9fa281512898/launch-02a04093427e.min.js
Requested by
Host: mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
URL: https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/suke3xjljvp?brand=ABS&cmp=EM-MKTCOMM-EOBNOTICE-SYDAPP-ABS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:980::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ba8c1e2beea30651e7e6bef28b3bcf7099099bf95d744b73c0185332d2f7625a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 21:42:59 GMT
content-encoding
gzip
last-modified
Wed, 12 Apr 2023 17:20:29 GMT
server
AkamaiNetStorage
etag
"889283edbafa92ed948d79dd911fa7b2:1681320029.889821"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
253270
expires
Tue, 11 Jul 2023 22:42:59 GMT
id
dpm.demdex.net/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=95CF659E533DE4C90A490D4D%40AdobeOrg&d_nsid=0&ts=1689111779216
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/77d981f695af/9fa281512898/launch-02a04093427e.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.93.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-93-119.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v050-067d2f009.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
jw/9t9shR1M=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1007
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/77d981f695af/9fa281512898/launch-02a04093427e.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:980::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 21:42:59 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12384
expires
Tue, 11 Jul 2023 22:42:59 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/77d981f695af/9fa281512898/launch-02a04093427e.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:980::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 21:42:59 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1598
expires
Tue, 11 Jul 2023 22:42:59 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/77d981f695af/9fa281512898/launch-02a04093427e.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:980::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b01bd01687b15585b2740273c8c3c6674dd9f559cfe52eeffdf43b1f93a12d05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 21:42:59 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:50 GMT
server
AkamaiNetStorage
etag
"d220d501715e0484d0dddeac614f902c:1663863410.217006"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8755
expires
Tue, 11 Jul 2023 22:42:59 GMT
tag.js
t.a3cloud.net/AM-141454/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://t.a3cloud.net/AM-141454/tag.js?ns=am
Requested by
Host: mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
URL: https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/suke3xjljvp?brand=ABS&cmp=EM-MKTCOMM-EOBNOTICE-SYDAPP-ABS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-44.cdg50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
sessioncam.recorder.js
d2oh4tlt9mrke9.cloudfront.net/Record/js/ 		155 B
781 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
Requested by
Host: mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
URL: https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/suke3xjljvp?brand=ABS&cmp=EM-MKTCOMM-EOBNOTICE-SYDAPP-ABS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c7ea75e577945ad7a955f64ee53db86cad30a488c34306d6ec0788fe4fe03d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
4LJ4mpDpZkeeFIyRkOV.KwIO3JkaD2_i
Content-Encoding
gzip
Via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
Date
Tue, 11 Jul 2023 15:24:12 GMT
X-Amz-Cf-Pop
FRA56-P5
Age
22727
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
169
Last-Modified
Tue, 09 May 2023 06:44:09 GMT
Server
AmazonS3
ETag
"d72d9f955f73ac4670c04333f9c658be"
Content-Type
text/javascript
Cache-Control
max-age=43200
Accept-Ranges
bytes
X-Amz-Cf-Id
IEWuVnoIYZRzpJJzwkyikarJtUEf1zgJX_jXhGRlsm2Ahyj1DuVOhg==
RCc06ddd2e0f004a16b6b53a892188f57c-source.min.js
assets.adobedtm.com/77d981f695af/9fa281512898/0bf79a29876c/ 		566 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/77d981f695af/9fa281512898/0bf79a29876c/RCc06ddd2e0f004a16b6b53a892188f57c-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/77d981f695af/9fa281512898/launch-02a04093427e.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:980::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 21:42:59 GMT
content-encoding
gzip
last-modified
Wed, 12 Apr 2023 17:20:30 GMT
server
AkamaiNetStorage
etag
"68610af6b97bfa1901cdc05631943db8:1681320030.790791"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
357
expires
Tue, 11 Jul 2023 22:42:59 GMT
embed.js
resources.digital-cloud-west.medallia.com/wdcwest/28145/onsite/ 		1 KB
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.digital-cloud-west.medallia.com/wdcwest/28145/onsite/embed.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/77d981f695af/9fa281512898/launch-02a04093427e.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.117.230 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
dKNrFe.8YHnUuKKVD0h0h8Bmbj2rL.Gl
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jul 2023 21:43:00 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
ZWB3370E2CP7XRH8
age
1876111
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
531
x-amz-id-2
ZClgxVdjmnUCyzuBYSKztMADZiXuPtX0wFu//q2EdO2P7kaqUwCcDrnnNgpmhDDBg2CfPp5KRJc=
x-served-by
cache-fra-eddf8230113-FRA
last-modified
Wed, 19 Apr 2023 08:22:37 GMT
server
AmazonS3
x-timer
S1689111781.853982,VS0,VE1
etag
"ae1e117efc3d13e81a13030872372efc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
1
Primary Request ymrgjdfciua
mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
Redirect Chain
  • http://pub.s1.exacttarget.com/ymrgjdfciua?brand=abs
  • http://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/ymrgjdfciua?brand=abs
11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/ymrgjdfciua?brand=abs
Requested by
Host: mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
URL: https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/suke3xjljvp?brand=ABS&cmp=EM-MKTCOMM-EOBNOTICE-SYDAPP-ABS
Protocol
HTTP/1.1
Server
66.231.91.26 , United States, ASN22606 (EXACT-7, US),
Reverse DNS
Software
/
Resource Hash
43df564c2b800e1b2c7996e7597ed657b8578760f50d88534275190f127bac82

Request headers

Referer
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/suke3xjljvp?brand=ABS&cmp=EM-MKTCOMM-EOBNOTICE-SYDAPP-ABS
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-Encoding
gzip
Content-Length
3402
Content-Type
text/html; charset=utf-8
Date
Tue, 11 Jul 2023 21:43:04 GMT
Expires
-1
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
close
Content-Length
195
Content-Type
text/html; charset=utf-8
Date
Tue, 11 Jul 2023 21:43:02 GMT
Location
http://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/ymrgjdfciua?brand=abs
quantum-anthem.js
cdn.quantummetric.com/qscripts/ 		290 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.quantummetric.com/qscripts/quantum-anthem.js
Requested by
Host: mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
URL: https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/suke3xjljvp?brand=ABS&cmp=EM-MKTCOMM-EOBNOTICE-SYDAPP-ABS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options no-sniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 21:43:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
no-sniff
cf-cache-status
EXPIRED
content-encoding
br
server
cloudflare
etag
W/"168753476978516885892918731689062402664"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
cf-ray
7e54382e7f475b7a-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=86400
dest5.html
wellpoint.demdex.net/ Frame 0359 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wellpoint.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/77d981f695af/9fa281512898/launch-02a04093427e.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.156.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-156-123.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v050-0e03aa7e8.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
iFkeiingTfA=
content-encoding
gzip
date
Tue, 11 Jul 2023 21:43:00 GMT
last-modified
Wed, 28 Jun 2023 12:57:15 GMT
transfer-encoding
chunked
vary
accept-encoding
id
smetrics.anthem.com/ 		48 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.anthem.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=95CF659E533DE4C90A490D4D%40AdobeOrg&mid=33324794493601771904130795722568622661&ts=1689111779598
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/77d981f695af/9fa281512898/launch-02a04093427e.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.164 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-164.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 11 Jul 2023 21:43:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZK3M4wAAAJJSbgOV
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=33304043744635969004132942815473677063
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZK3M4wAAAJJSbgOV
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZK3M4wAAAJJSbgOV
Protocol
HTTP/1.1
Server
52.208.93.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-93-119.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-072458abe.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
GjGwimB3SpI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZK3M4wAAAJJSbgOV
Date
Tue, 11 Jul 2023 21:42:59 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
wellpoint.tt.omtrdc.net/rest/v1/ 		352 B
873 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wellpoint.tt.omtrdc.net/rest/v1/delivery?client=wellpoint&sessionId=12331bd4c17c49b58f1497a6049e9aa5&version=2.10.2
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/77d981f695af/9fa281512898/launch-02a04093427e.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.152.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-66-235-152-115.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 11 Jul 2023 21:42:59 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server
jag
x-content-type-options
nosniff
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
x-request-id
039b97c6-3807-4b66-9688-318a633e916f
s9757000692308
smetrics.anthem.com/b/ss/wlpreimagineglobalprod/10/JS-2.23.0-LDQM/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smetrics.anthem.com/b/ss/wlpreimagineglobalprod/10/JS-2.23.0-LDQM/s9757000692308?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=11%2F6%2F2023%2021%3A43%3A0%202%200&d.&nsid=0&jsonv=1&.d&sdid=35297CD2C279C085-7F933766E4C18AD7&mid=33324794493601771904130795722568622661&aamlh=6&ce=UTF-8&pageName=public%20%7C%20%2Fsuke3xjljvp&g=https%3A%2F%2Fmc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com%2Fsuke3xjljvp%3Fbrand%3DABS%26cmp%3DEM-MKTCOMM-EOBNOTICE-SYDAPP-ABS&cc=USD&ch=public%20%3E%20%20&v0=EM-MKTCOMM-EOBNOTICE-SYDAPP-ABS&events=event71&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=em-mktcomm-eobnotice-sydapp-abs&v1=D%3Dc1&c3=https%3A%2F%2Fmc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com%2Fsuke3xjljvp&v3=D%3Dc3&c5=Public&v5=D%3Dc5&v6=D%3Dc6&v10=D%3Dc10&v26=D%3Dc26&c27=%20%7C%20&v27=D%3Dc27&c32=%3Fbrand%3Dabs%26cmp%3Dem-mktcomm-eobnotice-sydapp-abs&v32=D%3Dc32&c33=%20%7C%20&v33=D%3Dc33&v86=mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=95CF659E533DE4C90A490D4D%40AdobeOrg&AQE=1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.164 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-164.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-aam-tid
D1mLVNGbTbk=
date
Tue, 11 Jul 2023 21:43:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
2442
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-2-v050-09e2763b9.edge-irl1.demdex.com 6 ms
pragma
no-cache
last-modified
Wed, 12 Jul 2023 21:43:00 GMT
server
jag
etag
3627339929316655104-4619600844342758370
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Mon, 10 Jul 2023 21:43:00 GMT
076f089b-6fd5-463c-b29d-4195dadeb550
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/ 		17 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/076f089b-6fd5-463c-b29d-4195dadeb550
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
17224
Content-Type
application/javascript
img
sync.mathtag.com/sync/ Frame 0359 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=33304043744635969004132942815473677063&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d33304043744635969004132942815473677063
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master zrh zrh-pixel-x7 config_version:"1524" /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellpoint.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 21:43:01 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x7 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 11 Jul 2023 21:43:00 GMT
generic1681892556087.js
resources.digital-cloud-west.medallia.com/wdcwest/28145/onsite/ 		369 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.digital-cloud-west.medallia.com/wdcwest/28145/onsite/generic1681892556087.js
Requested by
Host: resources.digital-cloud-west.medallia.com
URL: https://resources.digital-cloud-west.medallia.com/wdcwest/28145/onsite/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.117.230 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
6tK6EB8mWFyQeUYCNh90rIDK5TIGC4wb
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jul 2023 21:43:00 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
DW80X0VTGM055RD2
age
1884931
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
85056
x-amz-id-2
rvARRNmNCLxKJlLPi40YgC6wS9ZuQNcP5s7k0spJ+XoKQ63T6caMpaqi+crEXMlQe4puXcGapY2VRdTnOGyEzCPx8cB6NaESYr351VHMvB4=
x-served-by
cache-fra-eddf8230113-FRA
last-modified
Wed, 19 Apr 2023 08:22:37 GMT
server
AmazonS3
x-timer
S1689111781.865102,VS0,VE2
etag
"a119e3f9e971d92ffa23ef9be794bb8a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1
ibs:dpid=771&dpuuid=CAESEFSF5zew7Dk-fcZXPaLAEvA&google_cver=1
dpm.demdex.net/ Frame 0359
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzMzMDQwNDM3NDQ2MzU5NjkwMDQxMzI5NDI4MTU0NzM2NzcwNjM=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MzMzMDQwNDM3NDQ2MzU5NjkwMDQxMzI5NDI4MTU0NzM2NzcwNjM=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFSF5zew7Dk-fcZXPaLAEvA&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFSF5zew7Dk-fcZXPaLAEvA&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.208.93.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-93-119.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellpoint.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-0b40121e0.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
dposJXClQF0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 21:43:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFSF5zew7Dk-fcZXPaLAEvA&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTk4IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV91cmwiOiAiaHR0cHM6Ly9tYzVzOGs0bXhwbWQtMmJ3ZnhybjdzMG5sZzE0LnB1Yi5zZm1jLWNvbnRlbnQuY29tL3N1a2UzeGpsanZwP2JyYW5kPUFCUyZjbXA9RU0tTUtUQ09NTS1FT0JOT1RJQ0UtU1lEQVBQLUFCUyIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjg5MTExNzgwOTA0IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODk0NmU4NWUxZTU5YS0wMmQ2ZjMyMGVhY2MzYy02YTMzNTA1NC0xZDRjMDAtMTg5NDZlODVlMWYxMDQ2IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXdlc3QiLCJhY2NvdW50SWQiOiAyNTYxMywidXJsIjogImh0dHBzOi8vbWM1czhrNG14cG1kLTJid2Z4cm43czBubGcxNC5wdWIuc2ZtYy1jb250ZW50LmNvbS9zdWtlM3hqbGp2cD9icmFuZD1BQlMmY21wPUVNLU1LVENPTU0tRU9CTk9USUNFLVNZREFQUC1BQlMiLCJ3ZWJzaXRlSWQiOiAyODE0NSwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJtZF9pc1N1cnZleVN1Ym1pdHRlZEluU2Vzc2lvbiI6ICIiLCJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiZGRkZC1jYWExLTBkY2UtZTAyYy00NjhhLTk3MmEtMTEwYy0zYjM1Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2ODkxMTE3ODA5MDEiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogNzY3LCJrYW1weWxlX3ZlcnNpb24iOiAiMi41MC4yIiwib25zaXRlX3ZlcnNpb24iOiAiMi41MC4yIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjg5MTExNzgwOTA0LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-k387
date
Tue, 11 Jul 2023 21:43:01 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
generic
match.adsrvr.org/track/cmf/ Frame 0359 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellpoint.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 11 Jul 2023 21:43:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ibs:dpid=1957&dpuuid=2AE10785A6576DDE3B6714CEA7856C76
dpm.demdex.net/ Frame 0359
Redirect Chain
  • https://c.bing.com/c.gif?uid=33304043744635969004132942815473677063&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=2AE10785A6576DDE3B6714CEA7856C76
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=2AE10785A6576DDE3B6714CEA7856C76
Protocol
HTTP/1.1
Server
52.208.93.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-93-119.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellpoint.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-067d2f009.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
qEuEP3bWSd4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 21:43:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6BB0B0852B804E3285356792321FEABB Ref B: FRAEDGE1210 Ref C: 2023-07-11T21:43:01Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=2AE10785A6576DDE3B6714CEA7856C76
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
ibs:dpid=22052&dpuuid=3637017331944652834
dpm.demdex.net/ Frame 0359
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3637017331944652834
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3637017331944652834
Protocol
HTTP/1.1
Server
52.208.93.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-93-119.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellpoint.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-0f8dcfc1c.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
AIHqX/JfS4s=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 21:43:01 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html; charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3637017331944652834
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185
expires
0,Wed, 12 Jul 2023 17:43:02 GMT
ibs:dpid=575&dpuuid=8817643074911421656
dpm.demdex.net/ Frame 0359
Redirect Chain
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=33304043744635969004132942815473677063
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=8817643074911421656
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=575&dpuuid=8817643074911421656
Protocol
HTTP/1.1
Server
52.208.93.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-93-119.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellpoint.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-09ffa1c7c.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ocNsFNsDSIg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 21:43:00 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp-eu-5.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
location
https://dpm.demdex.net/ibs:dpid=575&dpuuid=8817643074911421656
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
ibs:dpid=73426&dpuuid=33304043744635969004132942815473677063
dpm.demdex.net/ Frame 0359
Redirect Chain
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=33304043744635969004132942815473677063&rn=1689111779575&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D333040437446359...
  • https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=33304043744635969004132942815473677063&rn=1689111779575&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D33304043744635...
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=33304043744635969004132942815473677063
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=33304043744635969004132942815473677063
Protocol
HTTP/1.1
Server
52.208.93.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-93-119.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellpoint.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-06ae758f2.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Ba/fIYp+SJU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Tue, 11 Jul 2023 21:43:01 GMT
via
1.1 35edfe00d0c28f55b85d2366a87b40f8.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
CDG53-C1
x-cache
Miss from cloudfront
location
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=33304043744635969004132942815473677063
content-length
0
x-amz-cf-id
R1v6XzJMKhzWgwAILrpGJNAxkJSpm_amOnIooZpklIMddwApVZvEiw==
ibs:dpid=121998&dpuuid=
dpm.demdex.net/ Frame 0359
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=33304043744635969004132942815473677063?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
Protocol
HTTP/1.1
Server
52.208.93.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-93-119.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellpoint.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-02fed42b9.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
QkNhUh9iRmc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
300,104
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 21:43:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
cache-control
no-cache
x-server
10.45.6.98
content-length
0
expires
0
restricted
mid.rkdms.com/ Frame 0359
Redirect Chain
  • https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=33304043744635969004132942815473677063&_ct=img
  • https://mid.rkdms.com/restricted
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mid.rkdms.com/restricted
Protocol
H2
Server
54.208.26.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-26-70.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellpoint.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 21:43:01 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
server
nginx
location
/restricted
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
image.sbix
global.ib-ibi.com/ Frame 0359 		0
0
launch-02a04093427e.min.js
assets.adobedtm.com/77d981f695af/9fa281512898/ 		2 MB
248 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://assets.adobedtm.com/77d981f695af/9fa281512898/launch-02a04093427e.min.js
Requested by
Host: mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
URL: http://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/ymrgjdfciua?brand=abs
Protocol
HTTP/1.1
Server
2a02:26f0:480:99e::1e80 -, , ASN (),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ba8c1e2beea30651e7e6bef28b3bcf7099099bf95d744b73c0185332d2f7625a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 21:43:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Apr 2023 17:20:29 GMT
Server
AkamaiNetStorage
ETag
"889283edbafa92ed948d79dd911fa7b2:1681320029.889821"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
http://mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
253270
Expires
Tue, 11 Jul 2023 22:43:04 GMT
f02bbba4-abbc-4120-9cd2-a3a63a29c9a8.png
image.messageinsite.com/lib/fe5915707d600c747215/m/4/ 		0
0
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		0
0
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		0
0
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		0
0
tag.js
t.a3cloud.net/AM-141454/ 		0
0
delivery
wellpoint.tt.omtrdc.net/rest/v1/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=33304043744635969004132942815473677063
Domain
image.messageinsite.com
URL
http://image.messageinsite.com/lib/fe5915707d600c747215/m/4/f02bbba4-abbc-4120-9cd2-a3a63a29c9a8.png
Domain
assets.adobedtm.com
URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Domain
assets.adobedtm.com
URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Domain
assets.adobedtm.com
URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_AudienceManagement.min.js
Domain
t.a3cloud.net
URL
http://t.a3cloud.net/AM-141454/tag.js?ns=am
Domain
wellpoint.tt.omtrdc.net
URL
http://wellpoint.tt.omtrdc.net/rest/v1/delivery?client=wellpoint&sessionId=12331bd4c17c49b58f1497a6049e9aa5&version=2.10.2

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

17 Cookies

Domain/Path Name / Value
.sfmc-content.com/ Name: at_check
Value: true
.demdex.net/ Name: demdex
Value: 33304043744635969004132942815473677063
.sfmc-content.com/ Name: AMCVS_95CF659E533DE4C90A490D4D%40AdobeOrg
Value: 1
.sfmc-content.com/ Name: mbox
Value: session#12331bd4c17c49b58f1497a6049e9aa5#1689113640|PC#12331bd4c17c49b58f1497a6049e9aa5.37_0#1752356580
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZK3M4wAAAJJSbgOV
.dpm.demdex.net/ Name: dpm
Value: 33304043744635969004132942815473677063
.sfmc-content.com/ Name: s_cc
Value: true
.sfmc-content.com/ Name: AMCV_95CF659E533DE4C90A490D4D%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19550%7CMCMID%7C33324794493601771904130795722568622661%7CMCAAMLH-1689716579%7C6%7CMCAAMB-1689716579%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1689118980s%7CNONE%7CMCSYNCSOP%7C411-19557%7CMCAID%7CNONE%7CvVersion%7C5.5.0
mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/ Name: mdLogger
Value: false
mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/ Name: kampyle_userid
Value: dddd-caa1-0dce-e02c-468a-972a-110c-3b35
mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/ Name: kampyleUserSession
Value: 1689111780901
mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/ Name: kampyleUserSessionsCount
Value: 1
mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com/ Name: kampyleSessionPageCounter
Value: 1
.bing.com/ Name: MUID
Value: 2AE10785A6576DDE3B6714CEA7856C76
.c.bing.com/ Name: MR
Value: 0
.demdex.net/ Name: dextp
Value: 269-1-1689111780771|771-1-1689111780871|903-1-1689111780972|1957-1-1689111781075|22052-1-1689111781175|575-1-1689111781276|73426-1-1689111781376|121998-1-1689111781477|129099-1-1689111781578|285689-1-1689111781678
.doubleclick.net/ Name: IDE
Value: AHWqTUllWXZVSRtZk6hJiWTbFxpX7ERq81mNteOqR1q1JZUyQqBoJqJSkiEM2M7Sjfg

2 Console Messages

Source Level URL
Text
network error URL: https://t.a3cloud.net/AM-141454/tag.js?ns=am
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=33304043744635969004132942815473677063
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.scorecardresearch.com
assets.adobedtm.com
c.bing.com
cdn.quantummetric.com
click.messageinsite.com
cm.everesttech.net
cm.g.doubleclick.net
d2oh4tlt9mrke9.cloudfront.net
dpm.demdex.net
fei.pro-market.net
global.ib-ibi.com
image.messageinsite.com
match.adsrvr.org
mc5s8k4mxpmd-2bwfxrn7s0nlg14.pub.sfmc-content.com
mid.rkdms.com
ml314.com
pub.s1.exacttarget.com
resources.digital-cloud-west.medallia.com
smetrics.anthem.com
sync.crwdcntrl.net
sync.mathtag.com
t.a3cloud.net
udc-neb.kampyle.com
wellpoint.demdex.net
wellpoint.tt.omtrdc.net
assets.adobedtm.com
global.ib-ibi.com
image.messageinsite.com
t.a3cloud.net
wellpoint.tt.omtrdc.net
13.111.145.229
13.249.9.34
142.250.185.66
146.75.117.230
18.203.192.232
18.66.107.43
185.29.132.245
2600:1901:0:8eee::
2606:4700:10::6816:35fc
2620:1ec:c11::200
2a02:26f0:480:980::1e80
2a02:26f0:480:99e::1e80
34.111.234.236
35.241.45.82
52.208.156.123
52.208.93.119
52.223.40.198
52.50.235.196
54.208.26.70
63.140.62.164
66.231.91.26
66.231.91.36
66.235.152.115
99.86.91.44
43df564c2b800e1b2c7996e7597ed657b8578760f50d88534275190f127bac82
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
8fffc66397b2ef98b1d661f37904d6ad4c0a565e5dd2fd08180d08e06a728dcf
99c7ea75e577945ad7a955f64ee53db86cad30a488c34306d6ec0788fe4fe03d
b01bd01687b15585b2740273c8c3c6674dd9f559cfe52eeffdf43b1f93a12d05
ba8c1e2beea30651e7e6bef28b3bcf7099099bf95d744b73c0185332d2f7625a
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf