account.hcsc.net Open in urlscan Pro
205.172.134.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pages.onlifehealth.com/MTYyLUtQTy0zNTQAAAGPSacTkqNZo0BZ5892HiyJkLwb_n7gL50TCweQN0eksCHd9ehahXm_-XumA8b2rpKq4XDfaME=
Effective URL:
https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Do...
Submission: On November 07 via manual (November 7th 2023, 6:55:05 pm UTC) from IN — Scanned from DE

Summary HTTP 45 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 14 domains to perform 45 HTTP transactions. The main IP is 205.172.134.27, located in Chicago, United States and belongs to HSC, US. The main domain is account.hcsc.net. The Cisco Umbrella rank of the primary domain is 719188.
TLS certificate: Issued by Entrust Certification Authority - L1K on December 6th 2022. Valid for: a year.

This is the only time account.hcsc.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.71.206 104.17.71.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	128.136.38.134 128.136.38.134	31839 (GORDIAN-H...) (GORDIAN-HEALTH-SOLUTIONS)
1 9	205.172.134.27 205.172.134.27	23494 (HSC) (HSC)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:280... 2a02:26f0:280:194::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.249.73.231 34.249.73.231	16509 (AMAZON-02) (AMAZON-02)
1	99.81.138.255 99.81.138.255	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.135 63.140.62.135	15224 (OMNITURE) (OMNITURE)
1 1	3.248.147.241 3.248.147.241	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	52.177.30.255 52.177.30.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	44.214.36.158 44.214.36.158	14618 (AMAZON-AES) (AMAZON-AES)
45	19

1 104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)

pages.onlifehealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 128.136.38.134 (Bloomington, United States) 2 redirects

ASN31839 (GORDIAN-HEALTH-SOLUTIONS, US)

wellontarget.onlifehealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 205.172.134.27 (Chicago, United States) 1 redirects

ASN23494 (HSC, US)

cim.hcsc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
account.hcsc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:280:194::1e80 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.73.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-73-231.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.138.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-138-255.eu-west-1.compute.amazonaws.com

hcsc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.135 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-135.data.adobedc.net

healthcareservicecorporation.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.147.241 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-147-241.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.177.30.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bam-aem.hcsc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.214.36.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-214-36-158.compute-1.amazonaws.com

bf69636tjb.bf.dynatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	hcsc.net 1 redirects cim.hcsc.net — Cisco Umbrella Rank: 186582 account.hcsc.net — Cisco Umbrella Rank: 719188 bam-aem.hcsc.net — Cisco Umbrella Rank: 181783	2 MB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	993 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	84 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 jnn-pa.googleapis.com — Cisco Umbrella Rank: 207	34 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 255	1 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 228 hcsc.demdex.net — Cisco Umbrella Rank: 88480	5 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 466	71 KB
3	onlifehealth.com 2 redirects pages.onlifehealth.com — Cisco Umbrella Rank: 430492 wellontarget.onlifehealth.com — Cisco Umbrella Rank: 674384	4 KB
2	dynatrace.com bf69636tjb.bf.dynatrace.com — Cisco Umbrella Rank: 79590	985 B
2	omtrdc.net healthcareservicecorporation.sc.omtrdc.net — Cisco Umbrella Rank: 77254	466 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 219	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	14 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1275	517 B
45	14

	Domain	Requested by
8	www.youtube.com	account.hcsc.net www.youtube.com
5	account.hcsc.net	pages.onlifehealth.com account.hcsc.net
4	jnn-pa.googleapis.com	www.youtube.com
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	cim.hcsc.net	1 redirects account.hcsc.net
3	assets.adobedtm.com	account.hcsc.net assets.adobedtm.com
2	bf69636tjb.bf.dynatrace.com	account.hcsc.net
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	healthcareservicecorporation.sc.omtrdc.net	account.hcsc.net
2	dpm.demdex.net	account.hcsc.net
2	fonts.googleapis.com	account.hcsc.net
2	wellontarget.onlifehealth.com	2 redirects
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	bam-aem.hcsc.net
1	cm.everesttech.net	1 redirects
1	hcsc.demdex.net	assets.adobedtm.com
1	pages.onlifehealth.com
45	21

This site contains links to these domains. Also see Links.

Domain
www.bcbs.com

Subject Issuer	Validity	Valid
pages.onlifehealth.com Cloudflare Inc ECC CA-3	`2023-06-27` - `2024-06-25`	a year	crt.sh
account.hcsc.net Entrust Certification Authority - L1K	`2022-12-06` - `2023-12-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
cim.hcsc.net Entrust Certification Authority - L1K	`2023-10-04` - `2024-10-12`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-03-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
bam-aem.hcsc.net Entrust Certification Authority - L1K	`2023-01-04` - `2024-02-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.bf.dynatrace.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-07`	10 months	crt.sh

This page contains 3 frames:

Primary Page: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DUvRqhedaIjHpBTD3n9Lm9ugpmTbs8O2MA9559zekoJw%26code_challenge%3DqiYIpY44j8kaQa8YIALhDlzm3NRZylxGQM4hxdk-TkU%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
Frame ID: 16359EEE3E22415B5E6A841374C37311
Requests: 23 HTTP requests in this frame

Frame: https://hcsc.demdex.net/dest5.html?d_nsid=0
Frame ID: B4E66472C41C0BB0740281EC7736D2CB
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/lnxcQiuJIxk
Frame ID: 015737F399CD931A793EA0BA9752CC55
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BCBS Login

Page URL History Show full URLs

https://pages.onlifehealth.com/MTYyLUtQTy0zNTQAAAGPSacTkqNZo0BZ5892HiyJkLwb_n7gL50TCweQN0eksCHd9ehahXm_-Xum... Page URL
https://wellontarget.onlifehealth.com/HealthAssessment?mkt_tok=MTYyLUtQTy0zNTQAAAGPSacTkvr4qt1UyqM37NHPWTbPgrafZdv... HTTP 302
https://wellontarget.onlifehealth.com/Home/Login/?ReturnUrl=%2FHealthAssessment%3Fmkt_tok%3DMTYyLUtQTy0zNTQAAAGPSa... HTTP 302
https://cim.hcsc.net/am/oauth2/realms/members/authorize?client_id=oauth_mma_wot_APP00046856&scope... HTTP 302
https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fautho... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

45
Requests

96 %
HTTPS

55 %
IPv6

14
Domains

21
Subdomains

19
IPs

4
Countries

2889 kB
Transfer

5658 kB
Size

31
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bcbs.com/member/account-access/problems-logging-in
Title: Take a look at our Login Problem FAQ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pages.onlifehealth.com/MTYyLUtQTy0zNTQAAAGPSacTkqNZo0BZ5892HiyJkLwb_n7gL50TCweQN0eksCHd9ehahXm_-XumA8b2rpKq4XDfaME= Page URL
https://wellontarget.onlifehealth.com/HealthAssessment?mkt_tok=MTYyLUtQTy0zNTQAAAGPSacTkvr4qt1UyqM37NHPWTbPgrafZdvLzISd9Gu4jEIFeXV0yGJEoUXxC9D452pPK8xx3Q2ZVdeP0DAG6NPQWiL9T2OZqxIn4bB_ykEUpA HTTP 302
https://wellontarget.onlifehealth.com/Home/Login/?ReturnUrl=%2FHealthAssessment%3Fmkt_tok%3DMTYyLUtQTy0zNTQAAAGPSacTkvr4qt1UyqM37NHPWTbPgrafZdvLzISd9Gu4jEIFeXV0yGJEoUXxC9D452pPK8xx3Q2ZVdeP0DAG6NPQWiL9T2OZqxIn4bB_ykEUpA&mkt_tok=MTYyLUtQTy0zNTQAAAGPSacTkvr4qt1UyqM37NHPWTbPgrafZdvLzISd9Gu4jEIFeXV0yGJEoUXxC9D452pPK8xx3Q2ZVdeP0DAG6NPQWiL9T2OZqxIn4bB_ykEUpA HTTP 302
https://cim.hcsc.net/am/oauth2/realms/members/authorize?client_id=oauth_mma_wot_APP00046856&scope=openid+profile&redirect_uri=https%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback&response_type=code&state=UvRqhedaIjHpBTD3n9Lm9ugpmTbs8O2MA9559zekoJw&code_challenge=qiYIpY44j8kaQa8YIALhDlzm3NRZylxGQM4hxdk-TkU&code_challenge_method=S256&service=hcsc-members-mma-mfa HTTP 302
https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DUvRqhedaIjHpBTD3n9Lm9ugpmTbs8O2MA9559zekoJw%26code_challenge%3DqiYIpY44j8kaQa8YIALhDlzm3NRZylxGQM4hxdk-TkU%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://cm.everesttech.net/cm/dd?d_uuid=91454782847065953110016716800320359623 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUqIBAAAAEHkzwOY

Request Chain 28

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

45 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 MTYyLUtQTy0zNTQAAAGPSacTkqNZo0BZ5892HiyJkLwb_n7gL50TCweQN0eksCHd9ehahXm_-XumA8b2rpKq4XDfaME=
pages.onlifehealth.com/ 542 B
1 KB 425ms
197ms Document
text/html 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.onlifehealth.com/MTYyLUtQTy0zNTQAAAGPSacTkqNZo0BZ5892HiyJkLwb_n7gL50TCweQN0eksCHd9ehahXm_-XumA8b2rpKq4XDfaME=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-db1HOJvE/BVzbfEnouIHu4ljBIIIUBQtxbQ6FvJfTEc=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8227c99c2d86190b-FRA
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-db1HOJvE/BVzbfEnouIHu4ljBIIIUBQtxbQ6FvJfTEc=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
content-type: text/html;charset=UTF-8
date: Tue, 07 Nov 2023 18:54:55 GMT
referrer-policy: strict-origin
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: b369cb99f05d6cc5

GET
H/1.1

200

Primary Request / Show response
account.hcsc.net/login/
Redirect Chain

https://wellontarget.onlifehealth.com/HealthAssessment?mkt_tok=MTYyLUtQTy0zNTQAAAGPSacTkvr4qt1UyqM37NHPWTbPgrafZdvLzISd9Gu4jEIFeXV0yGJEoUXxC9D452pPK8xx3Q2ZVdeP0DAG6NPQWiL9T2OZqxIn4bB_ykEUpA
https://wellontarget.onlifehealth.com/Home/Login/?ReturnUrl=%2FHealthAssessment%3Fmkt_tok%3DMTYyLUtQTy0zNTQAAAGPSacTkvr4qt1UyqM37NHPWTbPgrafZdvLzISd9Gu4jEIFeXV0yGJEoUXxC9D452pPK8xx3Q2ZVdeP0DAG6NPQW...
https://cim.hcsc.net/am/oauth2/realms/members/authorize?client_id=oauth_mma_wot_APP00046856&scope=openid+profile&redirect_uri=https%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback&resp...
https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps...

2 KB
3 KB

478ms
124ms

Document
text/html

205.172.134.27
HSC

General

Check archive.org

Show headers Download Go to

Full URL: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DUvRqhedaIjHpBTD3n9Lm9ugpmTbs8O2MA9559zekoJw%26code_challenge%3DqiYIpY44j8kaQa8YIALhDlzm3NRZylxGQM4hxdk-TkU%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
Requested by: Host: pages.onlifehealth.com
URL: https://pages.onlifehealth.com/MTYyLUtQTy0zNTQAAAGPSacTkqNZo0BZ5892HiyJkLwb_n7gL50TCweQN0eksCHd9ehahXm_-XumA8b2rpKq4XDfaME=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.172.134.27 Chicago, United States, ASN23494 (HSC, US),
Reverse DNS
Software: /
Resource Hash: 802e735af4c95cf6f145fa1b967c4989fffcab1ea1306de693ce230d58777f95

Request headers

Referer: https://pages.onlifehealth.com/MTYyLUtQTy0zNTQAAAGPSacTkqNZo0BZ5892HiyJkLwb_n7gL50TCweQN0eksCHd9ehahXm_-XumA8b2rpKq4XDfaME=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache no-store
Connection: keep-alive
Content-Length: 1633
Content-Type: text/html;charset=utf-8
Date: Tue, 07 Nov 2023 18:54:59 GMT
Etag: "6543711e-235:dtagent10277231024135831nljo"
Expires: Tue, 07 Nov 2023 18:54:58 GMT
Keep-Alive: timeout=60
Last-Modified: Thu, 02 Nov 2023 09:51:26 GMT
X-Oneagent-Js-Injection: true
X-Ruxit-Js-Agent: true
X-Vcap-Request-Id: 7837e853-dcbe-469c-6cd5-be2050ae4e07

Redirect headers

Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Date: Tue, 07 Nov 2023 18:54:56 GMT
Keep-Alive: timeout=60
Location: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DUvRqhedaIjHpBTD3n9Lm9ugpmTbs8O2MA9559zekoJw%26code_challenge%3DqiYIpY44j8kaQa8YIALhDlzm3NRZylxGQM4hxdk-TkU%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
Pragma: no-cache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200 ruxitagentjs_ICA27NVfhqrux_10277231024135831.js Show response
account.hcsc.net/login/ 217 KB
83 KB 128ms
121ms Script
text/javascript 205.172.134.27
HSC

General

Check archive.org

Show headers Download Go to

Full URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10277231024135831.js
Requested by: Host: account.hcsc.net
URL: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DUvRqhedaIjHpBTD3n9Lm9ugpmTbs8O2MA9559zekoJw%26code_challenge%3DqiYIpY44j8kaQa8YIALhDlzm3NRZylxGQM4hxdk-TkU%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.172.134.27 Chicago, United States, ASN23494 (HSC, US),
Reverse DNS
Software: /
Resource Hash: 55754a8faf4ef1cc4294aabb6d3e23089b92d5320805dee0aef6774f0282c355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DUvRqhedaIjHpBTD3n9Lm9ugpmTbs8O2MA9559zekoJw%26code_challenge%3DqiYIpY44j8kaQa8YIALhDlzm3NRZylxGQM4hxdk-TkU%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 18:55:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
Content-Type: text/javascript;charset=utf-8
X-Vcap-Request-Id: 23b31d4f-bb6b-429e-58b6-5814668253c8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 84576
Expires: Wed, 06 Nov 2024 18:55:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 65ms
19ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: account.hcsc.net
URL: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DUvRqhedaIjHpBTD3n9Lm9ugpmTbs8O2MA9559zekoJw%26code_challenge%3DqiYIpY44j8kaQa8YIALhDlzm3NRZylxGQM4hxdk-TkU%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Nov 2023 18:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 17:46:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Nov 2023 18:54:57 GMT

GET
H/1.1 200 main.79231bac7d46380c4b15.js Show response
account.hcsc.net/login/ 1 MB
1 MB 139ms
139ms Script
application/x-javascript 205.172.134.27
HSC

General

Check archive.org

Show headers Download Go to

Full URL: https://account.hcsc.net/login/main.79231bac7d46380c4b15.js
Requested by: Host: account.hcsc.net
URL: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DUvRqhedaIjHpBTD3n9Lm9ugpmTbs8O2MA9559zekoJw%26code_challenge%3DqiYIpY44j8kaQa8YIALhDlzm3NRZylxGQM4hxdk-TkU%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.172.134.27 Chicago, United States, ASN23494 (HSC, US),
Reverse DNS
Software: /
Resource Hash: 33e75968453bbdb3cadaee39cbcfe8a685a5ee663395c2738c20be580ded7dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DUvRqhedaIjHpBTD3n9Lm9ugpmTbs8O2MA9559zekoJw%26code_challenge%3DqiYIpY44j8kaQa8YIALhDlzm3NRZylxGQM4hxdk-TkU%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 18:55:00 GMT
Last-Modified: Thu, 02 Nov 2023 09:51:26 GMT
Etag: "6543711e-17b4d0"
Content-Type: application/x-javascript
X-Vcap-Request-Id: d0d7a52f-5cd5-45c3-6275-49b446f3fb5f
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 1553616

GET
H/1.1 200 main.1ce093e1e3d1a5a05bb4.css
account.hcsc.net/login/ 54 KB
55 KB 458ms
235ms Stylesheet
text/css 205.172.134.27
HSC

General

Check archive.org

Show headers Download Go to

Full URL: https://account.hcsc.net/login/main.1ce093e1e3d1a5a05bb4.css
Requested by: Host: account.hcsc.net
URL: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DUvRqhedaIjHpBTD3n9Lm9ugpmTbs8O2MA9559zekoJw%26code_challenge%3DqiYIpY44j8kaQa8YIALhDlzm3NRZylxGQM4hxdk-TkU%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.172.134.27 Chicago, United States, ASN23494 (HSC, US),
Reverse DNS
Software: /
Resource Hash: b911e61ea69fcb53933ac8543eba661ee82a3e8140181aad3c59ec40f218339b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DUvRqhedaIjHpBTD3n9Lm9ugpmTbs8O2MA9559zekoJw%26code_challenge%3DqiYIpY44j8kaQa8YIALhDlzm3NRZylxGQM4hxdk-TkU%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 18:55:00 GMT
Last-Modified: Thu, 02 Nov 2023 09:51:26 GMT
Etag: "6543711e-d910"
Content-Type: text/css
X-Vcap-Request-Id: c46a4a76-d830-4e25-441e-4c2eb9ef3a35
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 55568

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
764 B 20ms
20ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@700

Requested by

Host: account.hcsc.net
URL: https://account.hcsc.net/login/main.1ce093e1e3d1a5a05bb4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

da97d4d3d072bc3af5b32d73a1419f0ae408e2c54f9f568e7eeb480237ff0e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Nov 2023 18:54:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 18:53:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Nov 2023 18:54:58 GMT

GET
H/1.1 200 config Show response
account.hcsc.net/login/ 698 B
1 KB 118ms
118ms XHR
application/json 205.172.134.27
HSC

General

Check archive.org

Show headers Download Go to

Full URL: https://account.hcsc.net/login/config
Requested by: Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10277231024135831.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.172.134.27 Chicago, United States, ASN23494 (HSC, US),
Reverse DNS
Software: /
Resource Hash: f2cd1274f0d4182341db7378228898718bf04ff6c101b6b1f1f2b5a42e30db69

Request headers

Accept: application/json, text/plain, */*
Referer: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DUvRqhedaIjHpBTD3n9Lm9ugpmTbs8O2MA9559zekoJw%26code_challenge%3DqiYIpY44j8kaQa8YIALhDlzm3NRZylxGQM4hxdk-TkU%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
x-dtpc: 7$183297958_277h3vJQLAMRMFVNIPUOIPKERPPJMSBORLRFKO-0e0

Response headers

Date: Tue, 07 Nov 2023 18:55:02 GMT
Last-Modified: Thu, 02 Nov 2023 09:51:26 GMT
Etag: "6543711e-2ba"
Content-Type: application/json
X-Vcap-Request-Id: e3df934d-a81e-4774-6f3d-8d6eb0cd2fcc
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 698

GET
H2 200 launch-1f6332b2afd3.min.js Show response
assets.adobedtm.com/45efbf285322/1951ece8c775/ 231 KB
57 KB 53ms
10ms Script
application/x-javascript 2a02:26f0:280:194::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/45efbf285322/1951ece8c775/launch-1f6332b2afd3.min.js
Requested by: Host: account.hcsc.net
URL: https://account.hcsc.net/login/main.79231bac7d46380c4b15.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:280:194::1e80 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a438ff473f45abaaf9a640d590b1de6a8c472cbe3b9c0a77c29eb84c2d425f53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 18:54:59 GMT
content-encoding: gzip
last-modified: Wed, 25 Oct 2023 21:20:55 GMT
server: AkamaiNetStorage
etag: "45082a4aa9f5c5c5e6eb33db1e30afe5:1698268855.89418"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://account.hcsc.net
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 58304
expires: Tue, 07 Nov 2023 19:54:59 GMT

GET
H/1.1 200 en Show response
cim.hcsc.net/content/dam/hcsc/common/manage-my-account/well-ontarget/registration-page.generic.json/membership/lob/group&experience/language/ 2 KB
2 KB 522ms
164ms XHR
application/json 205.172.134.27
HSC

General

Check archive.org

Show headers Download Go to

Full URL

https://cim.hcsc.net/content/dam/hcsc/common/manage-my-account/well-ontarget/registration-page.generic.json/membership/lob/group&experience/language/en

Requested by

Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10277231024135831.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.172.134.27 Chicago, United States, ASN23494 (HSC, US),

Reverse DNS

Software

Resource Hash

082cab01a25497a4d0835dcc346b30e6925b1f15791c6805eb11143343b0aaec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://account.hcsc.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

X-Dispatcher: 1
Date: Tue, 07 Nov 2023 18:55:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubdomains;preload
X-Vhost: bam-aem
Vary: Accept-Encoding,User-Agent
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://account.hcsc.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 860

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 363 B
1 KB 158ms
65ms XHR
application/json 34.249.73.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=24F66F63598431DC0A495EE9%40AdobeOrg&d_nsid=0&ts=1699383299865

Requested by

Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10277231024135831.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.73.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-73-231.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a767b029ecba9ec879a6c22352ed59047eecf419236527f92715275d38aeb6fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://account.hcsc.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v053-091a2ca20.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: sSq72YsaSzU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://account.hcsc.net
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 307
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 11ms
11ms Script
application/x-javascript 2a02:26f0:280:194::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/45efbf285322/1951ece8c775/launch-1f6332b2afd3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:280:194::1e80 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 18:54:59 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://account.hcsc.net
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12384
expires: Tue, 07 Nov 2023 19:54:59 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 3 KB
2 KB 10ms
10ms Script
application/x-javascript 2a02:26f0:280:194::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/45efbf285322/1951ece8c775/launch-1f6332b2afd3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:280:194::1e80 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 18:54:59 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://account.hcsc.net
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1598
expires: Tue, 07 Nov 2023 19:54:59 GMT

GET
H/1.1 200
OK dest5.html Show response
hcsc.demdex.net/ Frame B4E6 7 KB
3 KB 176ms
35ms Document
text/html 99.81.138.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hcsc.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/45efbf285322/1951ece8c775/launch-1f6332b2afd3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.138.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-138-255.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://account.hcsc.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v053-08919bf95.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: s4otsUzDQV4=
content-encoding: gzip
date: Tue, 7 Nov 2023 18:55:00 GMT
last-modified: Thu, 26 Oct 2023 10:53:48 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
healthcareservicecorporation.sc.omtrdc.net/ 2 B
267 B 274ms
163ms XHR
application/x-javascript 63.140.62.135
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://healthcareservicecorporation.sc.omtrdc.net/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=24F66F63598431DC0A495EE9%40AdobeOrg&mid=90897585060653922370069076746275716933&ts=1699383300032

Requested by

Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10277231024135831.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.135 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-135.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.hcsc.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 07 Nov 2023 18:55:00 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://account.hcsc.net
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZUqIBAAAAEHkzwOY
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=91454782847065953110016716800320359623
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUqIBAAAAEHkzwOY

42 B
942 B

34ms
34ms

Image
image/gif

34.249.73.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUqIBAAAAEHkzwOY

Protocol

HTTP/1.1

Server

34.249.73.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-73-231.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v053-0f055f6d4.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: zI4zy1kzStM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUqIBAAAAEHkzwOY
Date: Tue, 07 Nov 2023 18:55:00 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 s09319200668148 Show response
healthcareservicecorporation.sc.omtrdc.net/b/ss/hcsc-prod-bam,hcsc-global-prod/1/JS-2.23.0-LDQM/ 43 B
199 B 184ms
183ms XHR
image/gif 63.140.62.135
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://healthcareservicecorporation.sc.omtrdc.net/b/ss/hcsc-prod-bam,hcsc-global-prod/1/JS-2.23.0-LDQM/s09319200668148

Requested by

Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10277231024135831.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.135 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-135.data.adobedc.net

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.hcsc.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 18:55:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 18:55:00 GMT
server: jag
etag: 3649397849384026112-4617718297919061844
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://account.hcsc.net
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 06 Nov 2023 18:55:00 GMT

GET
H2 200 lnxcQiuJIxk Show response
www.youtube.com/embed/ Frame 0157 90 KB
40 KB 110ms
87ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/lnxcQiuJIxk

Requested by

Host: account.hcsc.net
URL: https://account.hcsc.net/login/main.79231bac7d46380c4b15.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32cd559426fa85f936986fd3e8bbe1c00e46a278049473d01ff426882a8741f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://account.hcsc.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 18:55:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 WoT_Logo.svg
bam-aem.hcsc.net/content/dam/hcsc/common/logos/assets/ 6 KB
3 KB 385ms
109ms Image
image/svg+xml 52.177.30.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bam-aem.hcsc.net/content/dam/hcsc/common/logos/assets/WoT_Logo.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.177.30.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

48b3df58aca460a9eeebdd7b5737fc06365986e3ea8d95bc02202d36b5b1e243

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.hcsc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-dispatcher: 1
date: Tue, 07 Nov 2023 18:55:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains;preload
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 20:11:00 GMT
server: Apache
etag: "1970-604a239ba7d00-gzip"
x-vhost: bam-aem
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2573

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 18 KB
19 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://account.hcsc.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:18:21 GMT
x-content-type-options: nosniff
age: 434199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:18:21 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 18 KB
18 KB 31ms
9ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://account.hcsc.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:18:21 GMT
x-content-type-options: nosniff
age: 434199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18232
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:07:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:18:21 GMT

GET
H/1.1 200 right-side-page-all-states Show response
cim.hcsc.net/content/dam/hcsc/common/manage-my-account/well-ontarget.generic.json/membership/us-states/all-states&membership/lob/group&content/dam/hcsc/common/manage-my-account/well-ontarget/all-st... 1 KB
1 KB 181ms
181ms XHR
application/json 205.172.134.27
HSC

General

Check archive.org

Show headers Download Go to

Full URL

https://cim.hcsc.net/content/dam/hcsc/common/manage-my-account/well-ontarget.generic.json/membership/us-states/all-states&membership/lob/group&content/dam/hcsc/common/manage-my-account/well-ontarget/all-states/right-side-page-all-states

Requested by

Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10277231024135831.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.172.134.27 Chicago, United States, ASN23494 (HSC, US),

Reverse DNS

Software

Resource Hash

960154e7754cc37c47cf02e174238ae79f79a0a1e3aa5597b1eb0ea0603cb986

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://account.hcsc.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

X-Dispatcher: 1
Date: Tue, 07 Nov 2023 18:55:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubdomains;preload
X-Vhost: bam-aem
Vary: Accept-Encoding,User-Agent
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://account.hcsc.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 445

GET
H/1.1 200 en Show response
cim.hcsc.net/content/dam/hcsc/common/manage-my-account/well-ontarget/footer.generic.json/membership/lob/group&experience/language/ 1 KB
1 KB 350ms
165ms XHR
application/json 205.172.134.27
HSC

General

Check archive.org

Show headers Download Go to

Full URL

https://cim.hcsc.net/content/dam/hcsc/common/manage-my-account/well-ontarget/footer.generic.json/membership/lob/group&experience/language/en

Requested by

Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10277231024135831.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.172.134.27 Chicago, United States, ASN23494 (HSC, US),

Reverse DNS

Software

Resource Hash

8c60642a79a7cb0639f0d93ec7c67b84eb7b5d935afa433b7bdd284b947514b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://account.hcsc.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

X-Dispatcher: 2
Date: Tue, 07 Nov 2023 18:55:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubdomains;preload
X-Vhost: bam-aem
Vary: Accept-Encoding,User-Agent
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://account.hcsc.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 570

GET
H2 200 www-player.css
www.youtube.com/s/player/9d15588c/ Frame 0157 377 KB
48 KB 10ms
9ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9d15588c/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59640f904cf8abdc7a1d4189f3bb6ab83bfd60a8dd251a0abb5d5d3ab8a11b24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lnxcQiuJIxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 18:16:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48897
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:51:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 06 Nov 2024 18:16:25 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0157 15 KB
15 KB 9ms
5ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 03:12:15 GMT
x-content-type-options: nosniff
age: 402165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 03:12:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0157 15 KB
15 KB 13ms
10ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:26:35 GMT
x-content-type-options: nosniff
age: 422905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 21:26:35 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/ Frame 0157 55 KB
17 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

890510c615fdee7f81632edaa59169c46685c90f04c61eb2ca5775f9c0a7beaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lnxcQiuJIxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 07:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 559568
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17569
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:51:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 31 Oct 2024 07:28:52 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/9d15588c/www-embed-player.vflset/ Frame 0157 321 KB
96 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9d15588c/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

781ca116ffbdbcc5677786946676f2fa8bd27fbb34137972524a4a11cc885a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lnxcQiuJIxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 15:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98339
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:51:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 06 Nov 2024 15:40:18 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/ Frame 0157 2 MB
758 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9f5dd47b5db0069121fdc563e65be4def3075c1216ed36c77d337a7b1c24307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lnxcQiuJIxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 07:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 559568
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 775976
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:51:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 31 Oct 2024 07:28:52 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 0157
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

19ms
18ms

XHR
application/json

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk

Protocol

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb3384084593c1f515c6e08ed4e22fb01be4872d2c135c97f05b7a44f9cfb902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 18:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 07 Nov 2023 18:55:00 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 0157 29 B
494 B 31ms
7ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9d15588c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 18:50:08 GMT
x-content-type-options: nosniff
age: 292
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Nov 2023 19:05:08 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 37ms
14ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 07 Nov 2023 18:55:00 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0157 69 KB
32 KB 22ms
22ms XHR
application/json+protobuf 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

662586bb18e6aebaddac6ef9fec20b76debd5b6b498c99c09f464a3fbe8d94c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 07 Nov 2023 18:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32300
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/ Frame 0157 116 KB
33 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4011afacad08f6d29ce3cb37c0c5e7fdca91235bebc9c25c766c0072937361a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lnxcQiuJIxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 07:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 559485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33753
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:51:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 31 Oct 2024 07:30:15 GMT

GET
H2 200 PCqCuqRWleJvAFB5HssaUTeU1BO5ETzC_zrpZ-5DxRc.js Show response
www.google.com/js/th/ Frame 0157 38 KB
15 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/PCqCuqRWleJvAFB5HssaUTeU1BO5ETzC_zrpZ-5DxRc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c2a82baa45695e26f0050791ecb1a513794d413b9113cc2ff3ae967ee43c517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 22:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14755
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Nov 2024 22:44:04 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/lnxcQiuJIxk/ Frame 0157 13 KB
14 KB 33ms
9ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/lnxcQiuJIxk/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ace5d7a5aadf34910d49627018f8b1954485fc93c04497f68709f5c01496a24f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 17:34:27 GMT
x-content-type-options: nosniff
age: 4833
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13636
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 19:34:27 GMT

GET
DATA 200
OK truncated
/ Frame 0157 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 22C8ZQn_oj6QnCqd_Ahoet9mLiq9E_XVxJuFMFkp7vdwsmFS6t09cocAIx7NR3NaumxS5mHDug=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 0157 3 KB
3 KB 33ms
7ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/22C8ZQn_oj6QnCqd_Ahoet9mLiq9E_XVxJuFMFkp7vdwsmFS6t09cocAIx7NR3NaumxS5mHDug=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

027f6d99268bf1d032d3e046fb4523ff3056057ef633dc8ac0bba3dfc36c6022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 18:39:52 GMT
x-content-type-options: nosniff
age: 908
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3169
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 08 Nov 2023 18:39:52 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 16ms
15ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 07 Nov 2023 18:55:00 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0157 90 B
134 B 19ms
19ms XHR
application/json+protobuf 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be10d4aa02313cbc13b52546b47a0485207947c5311ea945282569d15b21188e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 07 Nov 2023 18:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 0157 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?5Vuoqw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lnxcQiuJIxk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 18:55:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 0157 4 KB
2 KB 52ms
22ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9d15588c/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 18:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 18:55:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/119/ Frame 0157 50 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/119/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:24:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 08 Nov 2023 14:24:18 GMT

POST
H2 200 bf Show response
bf69636tjb.bf.dynatrace.com/ 220 B
493 B 379ms
91ms XHR
text/plain 44.214.36.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bf69636tjb.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_7_sn_3E4FFE1714BCA225E20DE9C2D5006C86_perc_100000_ol_0_mul_1_app-3Ae52da50c3dcf4fc9_1_rcs-3Acss_0&svrid=7&flavor=cors&vi=JQLAMRMFVNIPUOIPKERPPJMSBORLRFKO-0&modifiedSince=1699289579222&rf=https%3A%2F%2Faccount.hcsc.net%2Flogin%2F%3Fgoto%3Dhttps%253A%252F%252Fcim.hcsc.net%253A443%252Fam%252Foauth2%252Fmembers%252Fauthorize%253Fclient_id%253Doauth_mma_wot_APP00046856%2526scope%253Dopenid%252520profile%2526redirect_uri%253Dhttps%253A%252F%252Fwellontarget.onlifehealth.com%252FHome%252FLoginCallback%2526response_type%253Dcode%2526state%253DUvRqhedaIjHpBTD3n9Lm9ugpmTbs8O2MA9559zekoJw%2526code_challenge%253DqiYIpY44j8kaQa8YIALhDlzm3NRZylxGQM4hxdk-TkU%2526code_challenge_method%253DS256%2526service%253Dhcsc-members-mma-mfa%26realm%3D%2Fmembers%26service%3Dhcsc-members-mma-mfa&bp=3&app=e52da50c3dcf4fc9&crc=259319543&en=e6mqrbyg&end=1
Requested by: Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10277231024135831.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.214.36.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-214-36-158.compute-1.amazonaws.com
Software: /
Resource Hash: 87996e53d0f10b873daddaec63f02628c24a753cb4c93e1cb6a33a8fcf223698

Request headers

Referer: https://account.hcsc.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://account.hcsc.net
x-oneagent-js-injection: true
date: Tue, 07 Nov 2023 18:55:02 GMT
cache-control: no-cache
content-length: 220
content-type: text/plain;charset=utf-8

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 0157 28 B
54 B 21ms
21ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9d15588c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
X-Goog-Request-Time: 1699383302864
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/lnxcQiuJIxk
X-YouTube-Client-Version: 1.20231031.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtMZDF2MkIwdDdtWSiEkKqqBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1699383300495&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C409%2C260&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 07 Nov 2023 18:55:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 07 Nov 2023 18:55:02 GMT

POST
H2 200 bf Show response
bf69636tjb.bf.dynatrace.com/ 220 B
492 B 92ms
92ms XHR
text/plain 44.214.36.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bf69636tjb.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_7_sn_3E4FFE1714BCA225E20DE9C2D5006C86_app-3Ae52da50c3dcf4fc9_1_ol_0_perc_100000_mul_1_rcs-3Acss_0&svrid=7&flavor=cors&vi=JQLAMRMFVNIPUOIPKERPPJMSBORLRFKO-0&modifiedSince=1699289579222&rf=https%3A%2F%2Faccount.hcsc.net%2Flogin%2F%3Fgoto%3Dhttps%253A%252F%252Fcim.hcsc.net%253A443%252Fam%252Foauth2%252Fmembers%252Fauthorize%253Fclient_id%253Doauth_mma_wot_APP00046856%2526scope%253Dopenid%252520profile%2526redirect_uri%253Dhttps%253A%252F%252Fwellontarget.onlifehealth.com%252FHome%252FLoginCallback%2526response_type%253Dcode%2526state%253DUvRqhedaIjHpBTD3n9Lm9ugpmTbs8O2MA9559zekoJw%2526code_challenge%253DqiYIpY44j8kaQa8YIALhDlzm3NRZylxGQM4hxdk-TkU%2526code_challenge_method%253DS256%2526service%253Dhcsc-members-mma-mfa%26realm%3D%2Fmembers%26service%3Dhcsc-members-mma-mfa&bp=3&app=e52da50c3dcf4fc9&crc=1208436214&en=e6mqrbyg&end=1
Requested by: Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10277231024135831.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.214.36.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-214-36-158.compute-1.amazonaws.com
Software: /
Resource Hash: 87996e53d0f10b873daddaec63f02628c24a753cb4c93e1cb6a33a8fcf223698

Request headers

Referer: https://account.hcsc.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://account.hcsc.net
x-oneagent-js-injection: true
date: Tue, 07 Nov 2023 18:55:03 GMT
cache-control: no-cache
content-length: 220
content-type: text/plain;charset=utf-8

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pages.onlifehealth.com/	1970-01-20 16:03:05	Name: __cf_bm Value: D1OU3MTpdGF9QQYMB9810r3iIdDITpBe2Li3BRNJp04-1699383295-0-AdJW59La9rJLynoTlsW31F15BTHRLfpMH6KjYN4ePECAb3nQZdBCW1w7CEYBpqhn0Blrzha43umd/kNdPz16Gpk=
wellontarget.onlifehealth.com/	1969-12-31 23:59:59	Name: BIGipServergreennew_member.onlifehealth.com Value: 1187520172.47873.0000
wellontarget.onlifehealth.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: rigb5pri4cq0uorn5n4edzy5
.hcsc.net/	1970-01-20 16:03:03	Name: OAUTH_REQUEST_ATTRIBUTES Value: eyJzZXJ2aWNlIjoiaGNzYy1tZW1iZXJzLW1tYS1tZmEiLCJzY29wZSI6Im9wZW5pZCBwcm9maWxlIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL3dlbGxvbnRhcmdldC5vbmxpZmVoZWFsdGguY29tL0hvbWUvTG9naW5DYWxsYmFjayIsInN0YXRlIjoiVXZScWhlZGFJakhwQlREM245TG05dWdwbVRiczhPMk1BOTU1OXpla29KdyIsImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6IlMyNTYiLCJjbGllbnRfaWQiOiJvYXV0aF9tbWFfd290X0FQUDAwMDQ2ODU2IiwiY29kZV9jaGFsbGVuZ2UiOiJxaVlJcFk0NGo4a2FRYThZSUFMaERsem0zTlJaeWx4R1FNNGh4ZGstVGtVIn0=
cim.hcsc.net/	1969-12-31 23:59:59	Name: TS0123e410 Value: 01d43b0fd25a03c536fc13fa2a505f2cbaf58bc5f8d50eca0a2cbf8a2adc36faaf4752ff15688d2f09d46cbc6b58a85f8c31ba7ae5
.hcsc.net/	1969-12-31 23:59:59	Name: TS01f08741 Value: 01d43b0fd27868bf74989c0a1fe11c22906bed4261d50eca0a2cbf8a2adc36faaf4752ff15934566857cfc664214cf73ee49fff0c34098d154067f61b8c973dc6957025009
account.hcsc.net/	1969-12-31 23:59:59	Name: TS0123e410 Value: 01d43b0fd25a03c536fc13fa2a505f2cbaf58bc5f8d50eca0a2cbf8a2adc36faaf4752ff15688d2f09d46cbc6b58a85f8c31ba7ae5
.hcsc.net/	1969-12-31 23:59:59	Name: TS011c8526 Value: 01d43b0fd2e2f2bbeade31ab57a81410886f0d215ed50eca0a2cbf8a2adc36faaf4752ff153c5bcddb0072fb519ce97e553b673283cc0ddb1046567ba804560cd5d27bec67
.hcsc.net/	1969-12-31 23:59:59	Name: rxVisitor Value: 1699383297960COO01G5D6E0KHEQMLURCM2S4J9CH0UJ1
.hcsc.net/	1969-12-31 23:59:59	Name: dtSa Value: -
.hcsc.net/	1969-12-31 23:59:59	Name: rxvt Value: 1699385099655\|1699383297961
.hcsc.net/	1969-12-31 23:59:59	Name: dtPC Value: 7$183297958_277h-vJQLAMRMFVNIPUOIPKERPPJMSBORLRFKO-0e0
.demdex.net/	1970-01-20 20:22:15	Name: demdex Value: 91454782847065953110016716800320359623
.hcsc.net/	1969-12-31 23:59:59	Name: AMCVS_24F66F63598431DC0A495EE9%40AdobeOrg Value: 1
.everesttech.net/	1970-01-21 00:48:39	Name: everest_g_v2 Value: g_surferid~ZUqIBAAAAEHkzwOY
.dpm.demdex.net/	1970-01-20 20:22:15	Name: dpm Value: 91454782847065953110016716800320359623
.hcsc.net/	1970-01-21 01:39:03	Name: AMCV_24F66F63598431DC0A495EE9%40AdobeOrg Value: 179643557%7CMCIDTS%7C19669%7CMCMID%7C90897585060653922370069076746275716933%7CMCAAMLH-1699988100%7C6%7CMCAAMB-1699988100%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1699390500s%7CNONE%7CMCSYNCSOP%7C411-19676%7CMCAID%7CNONE%7CvVersion%7C5.5.0
.hcsc.net/	1970-01-20 16:46:15	Name: s_getNewRepeat Value: 1699383300311-New
.hcsc.net/	1970-01-20 16:03:05	Name: gpv_pn Value: no%20value
.hcsc.net/	1970-01-20 16:09:03	Name: s_vnum Value: 1699743600313%26vn%3D1
.hcsc.net/	1970-01-20 16:03:05	Name: s_invisit Value: true
.hcsc.net/	1970-01-21 01:39:03	Name: s_daysSinceVisit Value: 1699383300313
.hcsc.net/	1970-01-20 16:03:05	Name: s_daysSinceVisit_s Value: First%20Visit
.hcsc.net/	1969-12-31 23:59:59	Name: s_ppvl Value: %5B%5BB%5D%5D
.hcsc.net/	1969-12-31 23:59:59	Name: s_ppv Value: https%253A%2F%2Faccount.hcsc.net%2Flogin%2F%253Fgoto%253Dhttps%25253A%25252F%25252Fcim.hcsc.net%25253A443%25252Fam%25252Foauth2%25252Fmembers%25252Fauthorize%25253Fclient_id%25253Doauth_mma_wot_APP00046856%252526scope%25253Dopenid%25252520profile%252526redirect_uri%25253Dhttps%25253A%25252F%25252Fwellontarget.onlifehealth.com%25252FHome%25252FLoginCallback%252526response_type%25253Dcode%252526state%25253DUvRqhedaIjHpBTD3n9Lm9ugpmTbs8O2MA9559zekoJw%252526code_challenge%25253DqiYIpY44j8kaQa8YIALhDlzm3NRZylxGQM4hxdk-TkU%252526code_challenge_method%25253DS256%252526service%25253Dhcsc-members-mma-mfa%2526realm%253D%2Fmembers%2526service%253Dhcsc-members-mma-mfa%2C100%2C100%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.hcsc.net/	1969-12-31 23:59:59	Name: s_cc Value: true
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 5LX--bzhnTc
.youtube.com/	1970-01-20 20:22:15	Name: VISITOR_INFO1_LIVE Value: Ld1v2B0t7mY
bam-aem.hcsc.net/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: 7d5b1b8085b855bb2ebd48e356f5cd5b
bam-aem.hcsc.net/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: 7d5b1b8085b855bb2ebd48e356f5cd5b
.hcsc.net/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_7_sn_3E4FFE1714BCA225E20DE9C2D5006C86_app-3Ae52da50c3dcf4fc9_1_ol_0_perc_100000_mul_1_rcs-3Acss_0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-db1HOJvE/BVzbfEnouIHu4ljBIIIUBQtxbQ6FvJfTEc=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.hcsc.net
assets.adobedtm.com
bam-aem.hcsc.net
bf69636tjb.bf.dynatrace.com
cim.hcsc.net
cm.everesttech.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hcsc.demdex.net
healthcareservicecorporation.sc.omtrdc.net
i.ytimg.com
jnn-pa.googleapis.com
pages.onlifehealth.com
static.doubleclick.net
wellontarget.onlifehealth.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.17.71.206
128.136.38.134
205.172.134.27
2a00:1450:4001:808::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2006
2a00:1450:4001:812::2001
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2016
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2003
2a02:26f0:280:194::1e80
3.248.147.241
34.249.73.231
44.214.36.158
52.177.30.255
63.140.62.135
99.81.138.255
023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c
027f6d99268bf1d032d3e046fb4523ff3056057ef633dc8ac0bba3dfc36c6022
082cab01a25497a4d0835dcc346b30e6925b1f15791c6805eb11143343b0aaec
32cd559426fa85f936986fd3e8bbe1c00e46a278049473d01ff426882a8741f2
33e75968453bbdb3cadaee39cbcfe8a685a5ee663395c2738c20be580ded7dff
3c2a82baa45695e26f0050791ecb1a513794d413b9113cc2ff3ae967ee43c517
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4011afacad08f6d29ce3cb37c0c5e7fdca91235bebc9c25c766c0072937361a2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
48b3df58aca460a9eeebdd7b5737fc06365986e3ea8d95bc02202d36b5b1e243
55754a8faf4ef1cc4294aabb6d3e23089b92d5320805dee0aef6774f0282c355
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
59640f904cf8abdc7a1d4189f3bb6ab83bfd60a8dd251a0abb5d5d3ab8a11b24
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
662586bb18e6aebaddac6ef9fec20b76debd5b6b498c99c09f464a3fbe8d94c0
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
781ca116ffbdbcc5677786946676f2fa8bd27fbb34137972524a4a11cc885a28
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
802e735af4c95cf6f145fa1b967c4989fffcab1ea1306de693ce230d58777f95
87996e53d0f10b873daddaec63f02628c24a753cb4c93e1cb6a33a8fcf223698
890510c615fdee7f81632edaa59169c46685c90f04c61eb2ca5775f9c0a7beaf
8c60642a79a7cb0639f0d93ec7c67b84eb7b5d935afa433b7bdd284b947514b4
960154e7754cc37c47cf02e174238ae79f79a0a1e3aa5597b1eb0ea0603cb986
a438ff473f45abaaf9a640d590b1de6a8c472cbe3b9c0a77c29eb84c2d425f53
a767b029ecba9ec879a6c22352ed59047eecf419236527f92715275d38aeb6fa
ace5d7a5aadf34910d49627018f8b1954485fc93c04497f68709f5c01496a24f
b911e61ea69fcb53933ac8543eba661ee82a3e8140181aad3c59ec40f218339b
be10d4aa02313cbc13b52546b47a0485207947c5311ea945282569d15b21188e
c9f5dd47b5db0069121fdc563e65be4def3075c1216ed36c77d337a7b1c24307
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da97d4d3d072bc3af5b32d73a1419f0ae408e2c54f9f568e7eeb480237ff0e0b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb3384084593c1f515c6e08ed4e22fb01be4872d2c135c97f05b7a44f9cfb902
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2cd1274f0d4182341db7378228898718bf04ff6c101b6b1f1f2b5a42e30db69
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328

account.hcsc.net Open in urlscan Pro 205.172.134.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

96 %HTTPS

55 %IPv6

14 Domains

21 Subdomains

19 IPs

4 Countries

2889 kBTransfer

5658 kBSize

31 Cookies

1 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

account.hcsc.net Open in urlscan Pro
205.172.134.27 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

96 %
HTTPS

55 %
IPv6

14
Domains

21
Subdomains

19
IPs

4
Countries

2889 kB
Transfer

5658 kB
Size

31
Cookies

45 HTTP transactions
1 data transactions