myuhc.phs.com Open in urlscan Pro
168.183.65.158 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://phs.com.mcas-df.ms/
Effective URL:
https://myuhc.phs.com/content/lobby/angular/en/phs.html
Submission: On December 02 via api (December 2nd 2022, 7:23:36 am UTC) from US — Scanned from US

Summary HTTP 65 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 1 countries across 25 domains to perform 65 HTTP transactions. The main IP is 168.183.65.158, located in United States and belongs to UHC, US. The main domain is myuhc.phs.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on August 26th 2022. Valid for: a year.

This is the only time myuhc.phs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	20.241.142.98 20.241.142.98	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2600:141b:13:... 2600:141b:13::17d7:829b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	149.111.164.200 149.111.164.200	10879 (UHC) (UHC)
16	168.183.65.158 168.183.65.158	10879 (UHC) (UHC)
5	2600:1400:d:5... 2600:1400:d:586::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.84.125.83 52.84.125.83	16509 (AMAZON-02) (AMAZON-02)
1	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	149.111.164.68 149.111.164.68	10879 (UHC) (UHC)
1	2a04:4e42::622 2a04:4e42::622	54113 (FASTLY) (FASTLY)
1	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	54.225.210.223 54.225.210.223	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6812:190d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	168.183.37.25 168.183.37.25	() ()
1	3.232.151.210 3.232.151.210	() ()
2	63.140.38.117 63.140.38.117	() ()
1 1	34.194.219.113 34.194.219.113	() ()
1	34.197.227.119 34.197.227.119	() ()
1	104.126.117.177 104.126.117.177	() ()
1 3	142.250.65.166 142.250.65.166	() ()
2 2	142.251.40.130 142.251.40.130	() ()
3 3	15.197.193.217 15.197.193.217	() ()
1 2	2607:f8b0:400... 2607:f8b0:4006:817::2002	() ()
2 2	64.58.232.176 64.58.232.176	() ()
1 2	64.58.232.177 64.58.232.177	() ()
1 2	68.67.181.211 68.67.181.211	() ()
1 1	52.22.220.75 52.22.220.75	() ()
1	3.215.223.2 3.215.223.2	() ()
1	3.214.206.32 3.214.206.32	() ()
4	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	() ()
2 2	142.251.32.102 142.251.32.102	() ()
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	() ()
1	2607:f8b0:400... 2607:f8b0:4006:81c::2008	() ()
1	3.95.48.132 3.95.48.132	() ()
65	27

1 20.241.142.98 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

phs.com.mcas-df.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:141b:13::17d7:829b (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.111.164.200 (United States) 1 redirects

ASN10879 (UHC, US)
PTR: phs1-elr.optum.com

phs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 168.183.65.158 (United States)

ASN10879 (UHC, US)
PTR: phs1-ctc.optum.com

myuhc.phs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1400:d:586::1e80 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.125.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-125-83.ord53.r.cloudfront.net

messenger-widget.optum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.111.164.68 (United States)

ASN10879 (UHC, US)
PTR: myoptum-temp-elr.optum.com

myoptum-temp.optum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.225.210.223 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-210-223.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:190d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.gbqofs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 168.183.37.25 (None, )

ASN- ()

myoptum.optum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.151.210 (None, )

ASN- ()

unitedhealthgroup.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.38.117 (None, )

ASN- ()

smetrics.optum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.219.113 (None, ) 1 redirects

ASN- ()

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.227.119 (None, )

ASN- ()

unitedhealthgroup.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.126.117.177 (None, )

ASN- ()

myoptum.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.65.166 (None, ) 1 redirects

ASN- ()

8560775.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.130 (None, ) 2 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (None, ) 3 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2002 (None, ) 1 redirects

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.58.232.176 (None, ) 2 redirects

ASN- ()

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.58.232.177 (None, ) 1 redirects

ASN- ()

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.181.211 (None, ) 1 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.220.75 (None, ) 1 redirects

ASN- ()

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.215.223.2 (None, )

ASN- ()

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.214.206.32 (None, )

ASN- ()

px.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f012:8:face:b00c:0:1 (None, )

ASN- ()

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.32.102 (None, ) 2 redirects

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.95.48.132 (None, )

ASN- ()

report.uhg.glassboxdigital.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	phs.com 1 redirects phs.com myuhc.phs.com	2 MB
12	optum.com messenger-widget.optum.com myoptum-temp.optum.com — Cisco Umbrella Rank: 540862 myoptum.optum.com smetrics.optum.com	814 KB
7	doubleclick.net 5 redirects 8560775.fls.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	3 KB
7	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 190 unitedhealthgroup.demdex.net	9 KB
5	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 458	125 KB
4	facebook.net connect.facebook.net	69 KB
3	adsrvr.org 3 redirects match.adsrvr.org insight.adsrvr.org	1 KB
3	azureedge.net mcasproxy.azureedge.net — Cisco Umbrella Rank: 39890	44 KB
2	facebook.com www.facebook.com	203 B
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	557 B
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	mookie1.com 1 redirects ib.mookie1.com	2 KB
2	ib-ibi.com 2 redirects global.ib-ibi.com	940 B
2	google.com 1 redirects adservice.google.com	726 B
1	glassboxdigital.io report.uhg.glassboxdigital.io	3 KB
1	googletagmanager.com www.googletagmanager.com	44 KB
1	gumgum.com px.gumgum.com	182 B
1	akamaized.net myoptum.akamaized.net	113 KB
1	omtrdc.net unitedhealthgroup.tt.omtrdc.net	4 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	gbqofs.com cdn.gbqofs.com — Cisco Umbrella Rank: 8598	134 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 908	11 KB
1	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4016	114 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 680	24 KB
1	mcas-df.ms phs.com.mcas-df.ms	1 KB
65	25

	Domain	Requested by
16	myuhc.phs.com	myuhc.phs.com cdn.gbqofs.com
8	myoptum.optum.com	myoptum-temp.optum.com cdn.gbqofs.com myuhc.phs.com
6	dpm.demdex.net	2 redirects myuhc.phs.com
5	assets.adobedtm.com	myuhc.phs.com assets.adobedtm.com
4	connect.facebook.net	8560775.fls.doubleclick.net connect.facebook.net phs.com.mcas-df.ms
3	8560775.fls.doubleclick.net	1 redirects assets.adobedtm.com 8560775.fls.doubleclick.net
3	mcasproxy.azureedge.net	phs.com.mcas-df.ms mcasproxy.azureedge.net
2	www.facebook.com	8560775.fls.doubleclick.net myuhc.phs.com
2	ad.doubleclick.net	2 redirects
2	secure.adnxs.com	1 redirects 8560775.fls.doubleclick.net
2	ib.mookie1.com	1 redirects myuhc.phs.com
2	global.ib-ibi.com	2 redirects
2	adservice.google.com	1 redirects 8560775.fls.doubleclick.net
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	smetrics.optum.com	assets.adobedtm.com myuhc.phs.com
1	report.uhg.glassboxdigital.io	cdn.gbqofs.com
1	www.googletagmanager.com	assets.adobedtm.com
1	px.gumgum.com	8560775.fls.doubleclick.net
1	beacon.krxd.net	8560775.fls.doubleclick.net
1	usermatch.krxd.net	1 redirects
1	insight.adsrvr.org	1 redirects
1	myoptum.akamaized.net	myoptum-temp.optum.com
1	unitedhealthgroup.tt.omtrdc.net	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	unitedhealthgroup.demdex.net	assets.adobedtm.com
1	cdn.gbqofs.com	phs.com.mcas-df.ms
1	use.fontawesome.com	myuhc.phs.com
1	fast.wistia.com	myuhc.phs.com
1	myoptum-temp.optum.com	myuhc.phs.com
1	code.jquery.com	myuhc.phs.com
1	messenger-widget.optum.com	myuhc.phs.com
1	phs.com	1 redirects
1	phs.com.mcas-df.ms
65	34

This site contains no links.

Subject Issuer	Validity	Valid
*.azureedge.net Microsoft Azure ECC TLS Issuing CA 01	`2022-07-27` - `2023-07-22`	a year	crt.sh
phs1.optum.com COMODO RSA Organization Validation Secure Server CA	`2022-08-26` - `2023-08-26`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
messenger-widget.optum.com COMODO RSA Organization Validation Secure Server CA	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
myoptum-temp.optum.com COMODO RSA Organization Validation Secure Server CA	`2022-08-08` - `2023-08-08`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
myoptum.optum.com COMODO RSA Organization Validation Secure Server CA	`2022-08-08` - `2023-08-08`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
smetrics.optum.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-20` - `2023-04-20`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gumgum.com Amazon	`2022-09-14` - `2023-10-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-10` - `2022-12-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
uhg.glassboxdigital.io Amazon	`2022-10-08` - `2023-11-07`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://myuhc.phs.com/content/lobby/angular/en/phs.html
Frame ID: 0C7D4C769FF72CAD11EC81A00B2EB259
Requests: 49 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.26.5/html/session-context-restore.html
Frame ID: 6181E134388BE1B5F6F94F03B4985EEF
Requests: 2 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: 519982061040DA3D12FDE2080C3C6E12
Requests: 4 HTTP requests in this frame

Frame: https://8560775.fls.doubleclick.net/activityi;dc_pre=CLPEj7iz2vsCFVUHaAgdUDsGlA;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=90262054088.6434
Frame ID: D4DE69DE331263D6DB2FA98113E55F1C
Requests: 1 HTTP requests in this frame

Frame: https://8560775.fls.doubleclick.net/ddm/fls/r/dc_pre=CLPEj7iz2vsCFVUHaAgdUDsGlA;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=90262054088.6434;~oref=https://myuhc.phs.com/
Frame ID: BBF40F910F13D2ADDE482EAB0C70FED7
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Page URL History Show full URLs

http://phs.com.mcas-df.ms/ Page URL
https://phs.com/ HTTP 302
https://myuhc.phs.com/content/lobby/angular/en/phs.html Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/
/etc/clientlibs/
/etc\.clientlibs/

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

65
Requests

83 %
HTTPS

27 %
IPv6

25
Domains

34
Subdomains

27
IPs

1
Countries

3364 kB
Transfer

12329 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://phs.com.mcas-df.ms/ Page URL
https://phs.com/ HTTP 302
https://myuhc.phs.com/content/lobby/angular/en/phs.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1669965811135 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1669965811135

Request Chain 25

https://cm.everesttech.net/cm/dd?d_uuid=41722570163625851442043314400984175079 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4mn8wAAABqAUQMv

Request Chain 32

https://8560775.fls.doubleclick.net/activityi;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=90262054088.6434 HTTP 302
https://8560775.fls.doubleclick.net/activityi;dc_pre=CLPEj7iz2vsCFVUHaAgdUDsGlA;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=90262054088.6434

Request Chain 33

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDE3MjI1NzAxNjM2MjU4NTE0NDIwNDMzMTQ0MDA5ODQxNzUwNzk= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDE3MjI1NzAxNjM2MjU4NTE0NDIwNDMzMTQ0MDA5ODQxNzUwNzk=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEA4uG52pXPcE5N7x8L2cptw&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 34

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=myuhc.phs.com&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=myuhc.phs.com&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=35cd2d5e-e6f3-4845-a60e-4c635336a1f6

Request Chain 35

https://adservice.google.com/ddm/fls/i/dc_pre=CLPEj7iz2vsCFVUHaAgdUDsGlA;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=90262054088.6434;~oref=https://myuhc.phs.com/ HTTP 302
https://8560775.fls.doubleclick.net/ddm/fls/r/dc_pre=CLPEj7iz2vsCFVUHaAgdUDsGlA;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=90262054088.6434;~oref=https://myuhc.phs.com/

Request Chain 36

https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=41722570163625851442043314400984175079 HTTP 302
https://ib.mookie1.com/image.sbix?go=244346&pid=268&xid=41722570163625851442043314400984175079 HTTP 302
https://dpm.demdex.net/ibs:dpid=285689&dpuuid=41722570163625851442043314400984175079&redir=https%3A%2F%2Fglobal.ib-ibi.com%2Fimage.sbxx%3Fgo%3D244346%26pid%3D268%26xid%3D%24%7BDD_UUID%7D HTTP 302
https://global.ib-ibi.com/image.sbxx?go=244346&pid=268&xid=41722570163625851442043314400984175079 HTTP 302
https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=41722570163625851442043314400984175079

Request Chain 38

https://secure.adnxs.com/px?id=1535081&seg=27853642&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1535081%26seg%3D27853642%26t%3D1

Request Chain 39

https://insight.adsrvr.org/track/pxl/?adv=17nicet&ct=0:4ct87d9&fmt=3 HTTP 302
https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=35cd2d5e-e6f3-4845-a60e-4c635336a1f6 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=35cd2d5e-e6f3-4845-a60e-4c635336a1f6

Request Chain 47

https://ad.doubleclick.net/ddm/activity/src=11368431;type=invmedia;cat=optum0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=11368431;dc_pre=CIih07iz2vsCFZJB7Aod6VMJMA;type=invmedia;cat=optum0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=11368431;dc_pre=CIih07iz2vsCFZJB7Aod6VMJMA;type=invmedia;cat=optum0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
phs.com.mcas-df.ms/ 1 KB
1 KB 110ms
39ms Document
text/html 20.241.142.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://phs.com.mcas-df.ms/

Protocol

HTTP/1.1

Server

20.241.142.98 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Dec 2022 07:23:29 GMT
Expires: Mon, 01-Jan-1990 00:00:00 GMT
Pragma: no-cache
Server: openresty
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-MCAS-Cache-Status: MISS
X-MCAS-Processing-Time: 12
X-MCAS-Request-Id: ae2b6509330ec4878b2f7b03f0ce4c32
X-MCAS-Upstream-Time: n/a

GET
H2 200 session-context-store-helper.min.js
mcasproxy.azureedge.net/proxyweb/1.26.5/js/ 5 KB
5 KB 109ms
26ms Script
application/javascript 2600:141b:13::17d7:829b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.26.5/js/session-context-store-helper.min.js
Requested by: Host: phs.com.mcas-df.ms
URL: http://phs.com.mcas-df.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:829b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://phs.com.mcas-df.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 02 Dec 2022 07:23:29 GMT
last-modified: Thu, 01 Dec 2022 15:22:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: Dor7jY9XuhzpOAkbPbiHoQ==
etag: 0x8DAD3AFE711C43B
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 97ea4940-d01e-0033-1e9b-050f2b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31479674
x-ms-version: 2009-09-19
content-length: 4832

GET
H2 200 session-context-restore.html
mcasproxy.azureedge.net/proxyweb/1.26.5/html/ Frame 6181 209 B
659 B 26ms
25ms Document
text/html 2600:141b:13::17d7:829b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.26.5/html/session-context-restore.html
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.26.5/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:829b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: http://phs.com.mcas-df.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31479607
content-length: 209
content-md5: xcQ/+x+i42xZPwR88wJc4A==
content-type: text/html
date: Fri, 02 Dec 2022 07:23:29 GMT
etag: 0x8DAD3B00E967989
last-modified: Thu, 01 Dec 2022 15:23:53 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 97ea4988-d01e-0033-619b-050f2b000000
x-ms-version: 2009-09-19

GET
H2 200 session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.26.5/js/ Frame 6181 38 KB
38 KB 28ms
24ms Script
application/javascript 2600:141b:13::17d7:829b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.26.5/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.26.5/html/session-context-restore.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:829b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mcasproxy.azureedge.net/proxyweb/1.26.5/html/session-context-restore.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 02 Dec 2022 07:23:29 GMT
last-modified: Thu, 01 Dec 2022 15:22:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: /YaMyLrHn30aHcVLtQfmcw==
etag: 0x8DAD3AFE7265A9A
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a2c000dd-f01e-0031-529b-05592f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31479659
x-ms-version: 2009-09-19
content-length: 38628

GET
H/1.1

200
OK

Primary Request phs.html Show response
myuhc.phs.com/content/lobby/angular/en/
Redirect Chain

https://phs.com/?
https://myuhc.phs.com/content/lobby/angular/en/phs.html?

13 KB
5 KB

719ms
76ms

Document
text/html

168.183.65.158
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://myuhc.phs.com/content/lobby/angular/en/phs.html?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.65.158 , United States, ASN10879 (UHC, US),

Reverse DNS

phs1-ctc.optum.com

Software

Resource Hash

5c99a08c5959b490f141fd9e04d3f78e7bfc14b5de96093c8dcbe237c3268945

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: http://phs.com.mcas-df.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 3992
Content-Security-Policy: frame-ancestors 'self' https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com
Content-Type: text/html;charset=utf-8
Date: Fri, 02 Dec 2022 07:23:30 GMT
Keep-Alive: timeout=15, max=500
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 240
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 02 Dec 2022 07:23:29 GMT
Keep-Alive: timeout=15, max=500
Location: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK clientlib-nurse-ribbon.css
myuhc.phs.com/etc.clientlibs/lobby/components/content/cm-nurse-ribbon/ 146 KB
20 KB 58ms
52ms Stylesheet
text/css 168.183.65.158
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://myuhc.phs.com/etc.clientlibs/lobby/components/content/cm-nurse-ribbon/clientlib-nurse-ribbon.css

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.65.158 , United States, ASN10879 (UHC, US),

Reverse DNS

phs1-ctc.optum.com

Software

Resource Hash

996514efa9214b5b073e28f5e27d239c7597060ba23a78b7213ddbcd4b4b33ca

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:30 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 19238
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 30 Nov 2022 22:04:16 GMT
ETag: "249fc-5eeb74918ed87-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=3600
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=499
Expires: Fri, 02 Dec 2022 08:23:30 GMT

GET
H/1.1 200
OK responsive-grid.css
myuhc.phs.com/etc.clientlibs/lobby/clientlibs/ 121 KB
7 KB 58ms
49ms Stylesheet
text/css 168.183.65.158
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://myuhc.phs.com/etc.clientlibs/lobby/clientlibs/responsive-grid.css

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.65.158 , United States, ASN10879 (UHC, US),

Reverse DNS

phs1-ctc.optum.com

Software

Resource Hash

ba300d741aedeade1e20658f14cf56c47f0c5036a7c43c3d0fa5bde862735845

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:30 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Nov 2022 22:03:42 GMT
Content-Encoding: gzip
ETag: "1e4c7-5eeb74717a7c5-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=3600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500
Content-Length: 6946
X-XSS-Protection: 1;mode=block
Expires: Fri, 02 Dec 2022 08:23:30 GMT

GET
H/1.1 200
OK angular-app.css
myuhc.phs.com/etc.clientlibs/lobby/clientlibs/ 1007 KB
121 KB 123ms
63ms Stylesheet
text/css 168.183.65.158
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://myuhc.phs.com/etc.clientlibs/lobby/clientlibs/angular-app.css

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.65.158 , United States, ASN10879 (UHC, US),

Reverse DNS

phs1-ctc.optum.com

Software

Resource Hash

4f2b43f5167b557d0b11927781b5ca80912989684177ecfddc7fe423ea0d0597

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:30 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Nov 2022 22:03:42 GMT
Content-Encoding: gzip
ETag: "fbd41-5eeb747196130-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=3600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=499
X-XSS-Protection: 1;mode=block
Expires: Fri, 02 Dec 2022 08:23:30 GMT

GET
H2 200 launch-EN23d96c88d1a04ca595635d063c882d14.min.js Show response
assets.adobedtm.com/ 536 KB
108 KB 112ms
29ms Script
application/x-javascript 2600:1400:d:586::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN23d96c88d1a04ca595635d063c882d14.min.js
Requested by: Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:586::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 962bd939985dcf09b5ac8e903e5c9dc32dd9ca96d2050f595dee8d55da2f3f1a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:23:30 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 14:26:19 GMT
server: AkamaiNetStorage
etag: "345896a620eaa38d7779369daaa55e7e:1668781579.023808"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://myuhc.phs.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 110544
expires: Fri, 02 Dec 2022 08:23:30 GMT

GET
H2 200 optum-messenger-widget.css
messenger-widget.optum.com/css/ 33 KB
34 KB 235ms
155ms Stylesheet
text/css 52.84.125.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://messenger-widget.optum.com/css/optum-messenger-widget.css
Requested by: Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.125.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-125-83.ord53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc8e7392c5cc552cbf83b053195593f2c924a00e38e93492d5df87ec0d68279e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id: LJjmwY8qNIoegD5sKGiqqUaTl1zSSu1D
date: Fri, 02 Dec 2022 07:23:31 GMT
via: 1.1 35e07c95316db9000ef0d713d9fb2e2c.cloudfront.net (CloudFront)
last-modified: Fri, 06 Nov 2020 09:01:40 GMT
server: AmazonS3
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
etag: "895408e558e1127a56b90de9a51c2077"
x-cache: RefreshHit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 34095
x-amz-cf-id: F_pODOqlPZh_tW6uE-Of2qd2IxpspJp_XBMVubpLJUmwGObyIUDIvA==

GET
H/1.1 200
OK clientlib.css
myuhc.phs.com/etc.clientlibs/lobby/components/content/content-loader/ 13 KB
3 KB 144ms
46ms Stylesheet
text/css 168.183.65.158
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://myuhc.phs.com/etc.clientlibs/lobby/components/content/content-loader/clientlib.css

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.65.158 , United States, ASN10879 (UHC, US),

Reverse DNS

phs1-ctc.optum.com

Software

Resource Hash

670e673f05e311e15ad631eb5347e3fcface5dea2117b0d85a30d2d282058d02

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:30 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 2041
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 30 Nov 2022 22:04:16 GMT
ETag: "34af-5eeb74919dbd0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=3600
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=498
Expires: Fri, 02 Dec 2022 08:23:30 GMT

GET
H/1.1 200
OK clientlib.js Show response
myuhc.phs.com/etc.clientlibs/lobby/components/content/content-loader/ 1 B
471 B 168ms
44ms Script
application/javascript 168.183.65.158
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://myuhc.phs.com/etc.clientlibs/lobby/components/content/content-loader/clientlib.js

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.65.158 , United States, ASN10879 (UHC, US),

Reverse DNS

phs1-ctc.optum.com

Software

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:30 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Nov 2022 22:09:43 GMT
ETag: "1-5eeb75c983302"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500
Content-Length: 1
X-XSS-Protection: 1;mode=block
Expires: Fri, 02 Dec 2022 08:23:30 GMT

GET
H2 200 jquery-3.4.1.slim.min.js Show response
code.jquery.com/ 69 KB
24 KB 376ms
17ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by: Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:23:31 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-1157d"
vary: Accept-Encoding
x-hw: 1669965811.dop003.tr2.t,1669965811.cds220.tr2.hn,1669965811.cds209.tr2.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24328

GET
H/1.1 200
OK gn_override.css
myuhc.phs.com/etc/clientlibs/phs-gn-ui/scripts/globalNav/public/dist/css/ 968 B
965 B 162ms
43ms Stylesheet
text/css 168.183.65.158
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://myuhc.phs.com/etc/clientlibs/phs-gn-ui/scripts/globalNav/public/dist/css/gn_override.css

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.65.158 , United States, ASN10879 (UHC, US),

Reverse DNS

phs1-ctc.optum.com

Software

Resource Hash

4d0eaad673f52d89f9ff05a3604ce1624ae313edf61c7e89c778cb52347d9dd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:30 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Nov 2022 22:03:42 GMT
Content-Encoding: gzip
ETag: "3c8-5eeb74719c2d8-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=3600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500
Content-Length: 453
X-XSS-Protection: 1;mode=block
Expires: Fri, 02 Dec 2022 08:23:30 GMT

GET
H/1.1 200
OK globalLoader.js Show response
myoptum-temp.optum.com/etc/designs/odhd-global-loader/prod/js/ 69 KB
23 KB 311ms
61ms Script
application/javascript 149.111.164.68
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://myoptum-temp.optum.com/etc/designs/odhd-global-loader/prod/js/globalLoader.js

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.164.68 , United States, ASN10879 (UHC, US),

Reverse DNS

myoptum-temp-elr.optum.com

Software

Resource Hash

9aaf3465e9387812e2d24fc317da5cb49e0d5a001b55fab4db5e09fc09f4f34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:31 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Last-Modified: Wed, 30 Nov 2022 20:37:48 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500
Content-Length: 22492

GET
H/1.1 200
OK bundle.js Show response
myuhc.phs.com/etc/clientlibs/phs-gn-ui/scripts/globalNav/public/dist/js/ 22 KB
6 KB 171ms
49ms Script
application/javascript 168.183.65.158
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://myuhc.phs.com/etc/clientlibs/phs-gn-ui/scripts/globalNav/public/dist/js/bundle.js

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.65.158 , United States, ASN10879 (UHC, US),

Reverse DNS

phs1-ctc.optum.com

Software

Resource Hash

18eb78200c39e45f6e6af05367ddd81b70067bad33676059848abffe0d8c228c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:30 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Nov 2022 22:04:16 GMT
Content-Encoding: gzip
ETag: "594f-5eeb7491a8f1e-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500
Content-Length: 6092
X-XSS-Protection: 1;mode=block
Expires: Fri, 02 Dec 2022 08:23:30 GMT

GET
H/1.1 200
OK angular-app-vendor.min.js Show response
myuhc.phs.com/etc.clientlibs/lobby/clientlibs/ 191 KB
65 KB 178ms
56ms Script
application/javascript 168.183.65.158
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://myuhc.phs.com/etc.clientlibs/lobby/clientlibs/angular-app-vendor.min.js

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.65.158 , United States, ASN10879 (UHC, US),

Reverse DNS

phs1-ctc.optum.com

Software

Resource Hash

714a5ce6eb9ecdc1cc3ea059db961ceff2fdf11797801c938f0ab5b213d573e8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:30 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 30 Nov 2022 22:11:38 GMT
ETag: "2fb9c-5eeb7637a1a55-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500
Expires: Fri, 02 Dec 2022 08:23:30 GMT

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 628 KB
114 KB 74ms
20ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

eba677ad27c0bd174b22c6f2c426f724027c5ff4fbcdc31f4c8d69d7735abd4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:23:31 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3484
x-cache: HIT, HIT
content-length: 116574
x-served-by: cache-iad-kiad7000159-IAD, cache-ewr18178-EWR
x-browser-version: 108
last-modified: Tue, 29 Nov 2022 20:48:36 GMT
x-timer: S1669965811.258967,VS0,VE0
etag: "63867024-1c75e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3, 187

GET
H2 200 all.css
use.fontawesome.com/releases/v5.3.1/css/ 48 KB
11 KB 84ms
33ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by: Host: myuhc.phs.com
URL: https://myuhc.phs.com/etc.clientlibs/lobby/components/content/cm-nurse-ribbon/clientlib-nurse-ribbon.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:23:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5S30V4VSEVCSWSQN
age: 29722294
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: JfYceaRby/XRqJJi8d0uWi9g+jzGn6/PIjhlFCVFOA4a+oPXxoBhT3q6jdUfDY1kd+mtyBJwCQU=
last-modified: Wed, 30 Jun 2021 15:42:14 GMT
server: cloudflare
etag: W/"10519cfd3206802f58315b877a9beab5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7Flh76uXILq1oy7Pa1zS049v4EvFePG27sYhwjh9pL3E4KmQxvCgXuEsQ0rt9SBGVpFsoMaygGViVfvcZ3OArv0OfDGVrZwR1114EKSJv2KSSXEeMw33GZ8TJ%2B%2BKgbIIovJpox5bYqnHnQAiWCyAPgq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7732514e8cf69e16-EWR

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1669965811135
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1669965811135

968 B
1 KB

28ms
28ms

XHR
application/json

54.225.210.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1669965811135

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?

Protocol

HTTP/1.1

Server

54.225.210.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-225-210-223.compute-1.amazonaws.com

Software

Resource Hash

4cf9c966edfa1cc639e4b9124274adc0f7d1d7d1a118cf856f1fa9cd5fc755e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v044-05231ab83.edge-va6.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: qnEfEltHT34=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://myuhc.phs.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 558
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-va6-1-v044-04305b108.edge-va6.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: I9oNvIlNRUs=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://myuhc.phs.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1669965811135
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EX55a62bc2ea0a4c5b983ea298291d511a-libraryCode_source.min.js Show response
assets.adobedtm.com/512027f42d3c/1876dffeabe8/5f115889b090/ 43 KB
15 KB 41ms
41ms Script
application/x-javascript 2600:1400:d:586::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/1876dffeabe8/5f115889b090/EX55a62bc2ea0a4c5b983ea298291d511a-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23d96c88d1a04ca595635d063c882d14.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:586::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f229acce4fdc59b6dd36d8e0289b1ecf6e8345a799df975340353e70169784e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:23:31 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 14:26:19 GMT
server: AkamaiNetStorage
etag: "0292a2b669a09bb071c113eb698ff5cc:1668781579.839054"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://myuhc.phs.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 14806
expires: Fri, 02 Dec 2022 08:23:31 GMT

GET
H2 200 detector-dom.min.js Show response
cdn.gbqofs.com/uhg/optum/p/ 446 KB
134 KB 109ms
50ms Script
application/javascript 2606:4700::6812:190d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gbqofs.com/uhg/optum/p/detector-dom.min.js
Requested by: Host: phs.com.mcas-df.ms
URL: http://phs.com.mcas-df.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:190d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2745b529c524db0d405360b5953abb785c1fbd5cbfb13a6765b0349ac831ecd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:23:31 GMT
x-amz-version-id: 2U55W.PFbuFSReZzmkLPKgyXEZnf7G2i
content-encoding: gzip
cf-cache-status: REVALIDATED
via: 1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 05 Sep 2022 11:12:03 GMT
server: cloudflare
etag: W/"26fa8398dac88d9184354e3c6c6e0099"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 77325150eb87d153-BUF
x-amz-cf-id: OzG7q1MR3hG2Ib8KrPqSL7ZA_UXlIX9kr1JiAfOBrq9bJToBvWpf8g==
expires: Fri, 02 Dec 2022 11:23:31 GMT

GET
H/1.1 200
OK config Show response
myuhc.phs.com/services/phs/gn/common/ 3 KB
4 KB 64ms
64ms XHR
text/plain 168.183.65.158
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://myuhc.phs.com/services/phs/gn/common/config?brand=uhc

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/etc/clientlibs/phs-gn-ui/scripts/globalNav/public/dist/js/bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.65.158 , United States, ASN10879 (UHC, US),

Reverse DNS

phs1-ctc.optum.com

Software

Resource Hash

883f1fae642af7e99ffd5512328e773028a44403ae71dff8303575eecfa5dc87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 02 Dec 2022 07:23:31 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: frame-ancestors 'self' https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Keep-Alive: timeout=15, max=499
Content-Length: 3221
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK jcr:content.data.json Show response
myoptum.optum.com/content/global-loader/phs-lobby/ 4 KB
4 KB 437ms
51ms XHR
application/json 168.183.37.25

General

Check archive.org

Show headers Download Go to

Full URL

https://myoptum.optum.com/content/global-loader/phs-lobby/jcr:content.data.json

Requested by

Host: myoptum-temp.optum.com
URL: https://myoptum-temp.optum.com/etc/designs/odhd-global-loader/prod/js/globalLoader.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.25 -, , ASN (),

Reverse DNS

Software

Resource Hash

080c369bbd0b02da14e59c77d914aa4d929a2cac148f58bb65a2b0f42fd6d68b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://myuhc.phs.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:31 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Keep-Alive: timeout=15, max=500
Content-Length: 3759

GET
H/1.1 200
OK dest5.html Show response
unitedhealthgroup.demdex.net/ Frame 5199 7 KB
3 KB 144ms
28ms Document
text/html 3.232.151.210

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23d96c88d1a04ca595635d063c882d14.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.151.210 -, , ASN (),

Reverse DNS

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://myuhc.phs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-va6-2-v044-005450917.edge-va6.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: yGITakkvQyY=
content-encoding: gzip
date: Fri, 2 Dec 2022 07:23:31 GMT
last-modified: Fri, 28 Oct 2022 11:27:19 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
smetrics.optum.com/ 48 B
456 B 363ms
30ms XHR
application/x-javascript 63.140.38.117

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.optum.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&mid=38953797284257351211419391449403002382&ts=1669965811426

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23d96c88d1a04ca595635d063c882d14.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.117 -, , ASN (),

Reverse DNS

Software

jag /

Resource Hash

35828e140c20ea304b42bcc493859e4d51e5243a41d3d306a3847da84629f4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myuhc.phs.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 02 Dec 2022 07:23:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://myuhc.phs.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y4mn8wAAABqAUQMv
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=41722570163625851442043314400984175079
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4mn8wAAABqAUQMv

42 B
940 B

30ms
29ms

Image
image/gif

54.225.210.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4mn8wAAABqAUQMv

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?

Protocol

HTTP/1.1

Server

54.225.210.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-225-210-223.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v044-0fe786233.edge-va6.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 8GNQmPijRD4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4mn8wAAABqAUQMv
Date: Fri, 02 Dec 2022 07:23:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
unitedhealthgroup.tt.omtrdc.net/rest/v1/ 21 KB
4 KB 357ms
41ms XHR
application/json 34.197.227.119

General

Check archive.org

Show headers Download Go to

Full URL: https://unitedhealthgroup.tt.omtrdc.net/rest/v1/delivery?client=unitedhealthgroup&sessionId=bd6ce7d31bf14433ad847765bfbc6391&version=2.10.0
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23d96c88d1a04ca595635d063c882d14.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.227.119 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e7c70e73af2c09f32988b1937b972193fdb39473f51ead2acd40f2de16a5704

Request headers

Referer: https://myuhc.phs.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 07:23:31 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://myuhc.phs.com
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: c8e0f6a37451c73d210d005d3b67acd8

GET
H/1.1 200
OK app.js Show response
myoptum.optum.com/etc/designs/global-navigation/prod/v12/js/ 575 KB
145 KB 222ms
56ms Script
application/javascript 168.183.37.25

General

Check archive.org

Show headers Download Go to

Full URL

https://myoptum.optum.com/etc/designs/global-navigation/prod/v12/js/app.js

Requested by

Host: myoptum-temp.optum.com
URL: https://myoptum-temp.optum.com/etc/designs/odhd-global-loader/prod/js/globalLoader.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.25 -, , ASN (),

Reverse DNS

Software

Resource Hash

65a82d593da64a4ea2c70c8a18983ee77141b60022f616badd14476d6ae8c1ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:32 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Last-Modified: Wed, 30 Nov 2022 20:37:48 GMT
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Keep-Alive: timeout=15, max=500

GET
H/1.1 200
OK output-prod.js Show response
myoptum.optum.com/etc/designs/oms-widget/ 2 MB
369 KB 223ms
57ms Script
application/javascript 168.183.37.25

General

Check archive.org

Show headers Download Go to

Full URL

https://myoptum.optum.com/etc/designs/oms-widget/output-prod.js

Requested by

Host: myoptum-temp.optum.com
URL: https://myoptum-temp.optum.com/etc/designs/odhd-global-loader/prod/js/globalLoader.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.25 -, , ASN (),

Reverse DNS

Software

Resource Hash

9bd41ce16ca5ba2520f1af2a3903dff6776b7dbe47f3c3e18fe9e5b258f1a37f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:32 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Last-Modified: Wed, 30 Nov 2022 20:37:46 GMT
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Keep-Alive: timeout=15, max=500

GET
H/1.1 200
OK scheduling.js Show response
myoptum.optum.com/etc/designs/odhd-scheduling-ui/prod/js/ 413 KB
120 KB 229ms
63ms Script
application/javascript 168.183.37.25

General

Check archive.org

Show headers Download Go to

Full URL

https://myoptum.optum.com/etc/designs/odhd-scheduling-ui/prod/js/scheduling.js

Requested by

Host: myoptum-temp.optum.com
URL: https://myoptum-temp.optum.com/etc/designs/odhd-global-loader/prod/js/globalLoader.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.25 -, , ASN (),

Reverse DNS

Software

Resource Hash

b63478485d98b76cb0d8ddcc06e33d9a52cfc60c17e54d3b9debd2755af5dab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:32 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Last-Modified: Wed, 30 Nov 2022 20:37:47 GMT
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500

GET
H/1.1 200
OK providerSearch.js Show response
myoptum.akamaized.net/etc/designs/provider-search-cdn/prod/v1.2/js/ 353 KB
113 KB 463ms
223ms Script
application/javascript 104.126.117.177

General

Check archive.org

Show headers Download Go to

Full URL

https://myoptum.akamaized.net/etc/designs/provider-search-cdn/prod/v1.2/js/providerSearch.js

Requested by

Host: myoptum-temp.optum.com
URL: https://myoptum-temp.optum.com/etc/designs/odhd-global-loader/prod/js/globalLoader.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.126.117.177 -, , ASN (),

Reverse DNS

Software

Resource Hash

ce70dd9e3da7b91b79f04194d82a4ee08def77d51fc4f3bbbdb39c62f177e032

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Encoding: gzip
Date: Fri, 02 Dec 2022 07:23:32 GMT
Last-Modified: Wed, 30 Nov 2022 20:38:14 GMT
Vary: Host,Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Expires: Fri, 02 Dec 2022 08:23:32 GMT

GET
H/1.1 200
OK globalNotifications.js Show response
myoptum.optum.com/etc/designs/global-notifications-cdn/prod/v1.2/js/ 287 KB
91 KB 227ms
62ms Script
application/javascript 168.183.37.25

General

Check archive.org

Show headers Download Go to

Full URL

https://myoptum.optum.com/etc/designs/global-notifications-cdn/prod/v1.2/js/globalNotifications.js

Requested by

Host: myoptum-temp.optum.com
URL: https://myoptum-temp.optum.com/etc/designs/odhd-global-loader/prod/js/globalLoader.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.25 -, , ASN (),

Reverse DNS

Software

Resource Hash

d7024c40222014b6991a7df68ffefc392b7a86f84b6ef6a12de183b8005255aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:32 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Last-Modified: Wed, 30 Nov 2022 20:37:47 GMT
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=500

GET
H2

200

activityi;dc_pre=CLPEj7iz2vsCFVUHaAgdUDsGlA;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;... Show response
8560775.fls.doubleclick.net/ Frame D4DE
Redirect Chain

https://8560775.fls.doubleclick.net/activityi;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://8560775.fls.doubleclick.net/activityi;dc_pre=CLPEj7iz2vsCFVUHaAgdUDsGlA;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

551 B
476 B

51ms
38ms

Document
text/html

142.250.65.166

General

Check archive.org

Show headers Download Go to

Full URL

https://8560775.fls.doubleclick.net/activityi;dc_pre=CLPEj7iz2vsCFVUHaAgdUDsGlA;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=90262054088.6434?

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23d96c88d1a04ca595635d063c882d14.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.166 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

f6b1be59bccc1c2d07f3e886a9e3e6c29680866a96698b42cf2c54dc86ba4827

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myuhc.phs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 301
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 07:23:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 07:23:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8560775.fls.doubleclick.net/activityi;dc_pre=CLPEj7iz2vsCFVUHaAgdUDsGlA;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=90262054088.6434?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEA4uG52pXPcE5N7x8L2cptw&google_cver=1
dpm.demdex.net/ Frame 5199
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDE3MjI1NzAxNjM2MjU4NTE0NDIwNDMzMTQ0MDA5ODQxNzUwNzk=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDE3MjI1NzAxNjM2MjU4NTE0NDIwNDMzMTQ0MDA5ODQxNzUwNzk=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEA4uG52pXPcE5N7x8L2cptw&google_cver=1?gdpr=0&gdpr_consent=

42 B
940 B

32ms
31ms

Image
image/gif

54.225.210.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEA4uG52pXPcE5N7x8L2cptw&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?

Protocol

HTTP/1.1

Server

54.225.210.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-225-210-223.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v044-0f9de2fe8.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: xP/9hjAoQG4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 07:23:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEA4uG52pXPcE5N7x8L2cptw&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=35cd2d5e-e6f3-4845-a60e-4c635336a1f6
dpm.demdex.net/ Frame 5199
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=myuhc.phs.com&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=myuhc.phs.com&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=35cd2d5e-e6f3-4845-a60e-4c635336a1f6

42 B
940 B

30ms
29ms

Image
image/gif

54.225.210.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=35cd2d5e-e6f3-4845-a60e-4c635336a1f6

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?

Protocol

HTTP/1.1

Server

54.225.210.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-225-210-223.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v044-0c98df419.edge-va6.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: VNLliBr5SFU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 07:23:32 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=35cd2d5e-e6f3-4845-a60e-4c635336a1f6
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 189

GET
H3

200

/ Show response
8560775.fls.doubleclick.net/ddm/fls/r/dc_pre=CLPEj7iz2vsCFVUHaAgdUDsGlA;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_cons... Frame BBF4
Redirect Chain

https://adservice.google.com/ddm/fls/i/dc_pre=CLPEj7iz2vsCFVUHaAgdUDsGlA;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_con...
https://8560775.fls.doubleclick.net/ddm/fls/r/dc_pre=CLPEj7iz2vsCFVUHaAgdUDsGlA;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

1 KB
650 B

46ms
45ms

Document
text/html

142.250.65.166

General

Check archive.org

Show headers Download Go to

Full URL

https://8560775.fls.doubleclick.net/ddm/fls/r/dc_pre=CLPEj7iz2vsCFVUHaAgdUDsGlA;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=90262054088.6434;~oref=https://myuhc.phs.com/

Requested by

Host: 8560775.fls.doubleclick.net
URL: https://8560775.fls.doubleclick.net/activityi;dc_pre=CLPEj7iz2vsCFVUHaAgdUDsGlA;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=90262054088.6434?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.166 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

03e03907597c589a596c0cf8acd4ae2596b3ec18a24da27bf0cb3ba1e27f5863

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8560775.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 627
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 07:23:32 GMT
expires: Fri, 02 Dec 2022 07:23:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 07:23:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://8560775.fls.doubleclick.net/ddm/fls/r/dc_pre=CLPEj7iz2vsCFVUHaAgdUDsGlA;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=90262054088.6434;~oref=https://myuhc.phs.com/
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

image.sbxx
ib.mookie1.com/ Frame 5199
Redirect Chain

https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=41722570163625851442043314400984175079
https://ib.mookie1.com/image.sbix?go=244346&pid=268&xid=41722570163625851442043314400984175079
https://dpm.demdex.net/ibs:dpid=285689&dpuuid=41722570163625851442043314400984175079&redir=https%3A%2F%2Fglobal.ib-ibi.com%2Fimage.sbxx%3Fgo%3D244346%26pid%3D268%26xid%3D%24%7BDD_UUID%7D
https://global.ib-ibi.com/image.sbxx?go=244346&pid=268&xid=41722570163625851442043314400984175079
https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=41722570163625851442043314400984175079

120 B
918 B

86ms
85ms

Image
image/png

64.58.232.177

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=41722570163625851442043314400984175079
Requested by: Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
Protocol: HTTP/1.1
Server: 64.58.232.177 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

accept-language: en-US,en;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 07:23:32 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/png
p3p: CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: LAS11
Content-Length: 120
Expires: -1

Redirect headers

Date: Fri, 02 Dec 2022 07:23:33 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ib.mookie1.com:443/image.sbxx?go=244346&pid=268&xid=41722570163625851442043314400984175079
Access-Control-Allow-Origin: *
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control: private
X-Server: NY01
Content-Length: 223

GET
BLOB 200
OK 2b7f7d62-673b-4be9-9520-37f0b8b3ffd5
https://myuhc.phs.com/ 75 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://myuhc.phs.com/2b7f7d62-673b-4be9-9520-37f0b8b3ffd5
Requested by: Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4caed94f9975debb1a1ee2ff2e68395802a18a4cf3f3be7ae057f1b97b2c87ff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 75
Content-Type: application/javascript

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame BBF4
Redirect Chain

https://secure.adnxs.com/px?id=1535081&seg=27853642&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1535081%26seg%3D27853642%26t%3D1

360 B
1 KB

31ms
30ms

Script
application/javascript

68.67.181.211

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1535081%26seg%3D27853642%26t%3D1

Requested by

Host: 8560775.fls.doubleclick.net
URL: https://8560775.fls.doubleclick.net/ddm/fls/r/dc_pre=CLPEj7iz2vsCFVUHaAgdUDsGlA;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=90262054088.6434;~oref=https://myuhc.phs.com/

Protocol

HTTP/1.1

Server

68.67.181.211 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

c308a5985cd12a6f3947a26864eed521c6f94f8ea66042c9bc4a38c97f9caf0b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://8560775.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 07:23:32 GMT
AN-X-Request-Uuid: 2e8edd54-7f3f-4631-a2a3-0763bda1b8d1
Server: nginx/1.21.3
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 96.9.249.43; 96.9.249.43; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 360
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 07:23:32 GMT
AN-X-Request-Uuid: b1ada910-d0fa-4a5b-9179-dd1ce49f1057
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1535081%26seg%3D27853642%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 96.9.249.43; 96.9.249.43; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame BBF4
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=17nicet&ct=0:4ct87d9&fmt=3
https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=35cd2d5e-e6f3-4845-a60e-4c635336a1f6
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=35cd2d5e-e6f3-4845-a60e-4c635336a1f6

0
338 B

100ms
26ms

Image
text/plain

3.215.223.2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=35cd2d5e-e6f3-4845-a60e-4c635336a1f6
Requested by: Host: 8560775.fls.doubleclick.net
URL: https://8560775.fls.doubleclick.net/ddm/fls/r/dc_pre=CLPEj7iz2vsCFVUHaAgdUDsGlA;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=90262054088.6434;~oref=https://myuhc.phs.com/
Protocol: H2
Server: 3.215.223.2 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://8560775.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-served-by: beacon-n027-ash-prod.krxd.net
date: Fri, 02 Dec 2022 07:23:33 GMT
cache-control: private, no-cache, no-store
x-request-time: D=58 t=1669965813
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=35cd2d5e-e6f3-4845-a60e-4c635336a1f6
date: Fri, 02 Dec 2022 07:23:33 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a018-ash-prod.krxd.net

GET
H2 200 conversion
px.gumgum.com/ad/ Frame BBF4 0
182 B 344ms
30ms Image
text/plain 3.214.206.32

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.gumgum.com/ad/conversion?cmp=10089&num=1&rnd=1632489840162
Requested by: Host: 8560775.fls.doubleclick.net
URL: https://8560775.fls.doubleclick.net/ddm/fls/r/dc_pre=CLPEj7iz2vsCFVUHaAgdUDsGlA;src=8560775;type=optum0;cat=lpg_o064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=90262054088.6434;~oref=https://myuhc.phs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.206.32 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://8560775.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:23:32 GMT
server: nginx
timing-allow-origin: *
etag: "0d41d8cd98f00b204e9800998ecf8427e"
content-length: 0

POST
H/1.1 200 unfiltered Show response
myoptum.optum.com/api/ogn-global-navigation/preauth/content/ 4 KB
5 KB 79ms
78ms XHR
application/json 168.183.37.25

General

Check archive.org

Show headers Download Go to

Full URL

https://myoptum.optum.com/api/ogn-global-navigation/preauth/content/unfiltered

Requested by

Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/optum/p/detector-dom.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.25 -, , ASN (),

Reverse DNS

Software

Resource Hash

cb99145e458a2d388c8001aaaa5f5a8893a856665509c0667f177fb2995b6fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://myuhc.phs.com/
accept-language: en-US,en;q=0.9
Authorization: Bearer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 07:23:32 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Access-Control-Allow-Headers: accept, content-type, authorization, x-sm-scope, x-lcp-act-as
Keep-Alive: timeout=15, max=498
X-XSS-Protection: 1; mode=block
Expires: 0

OPTIONS
H/1.1 200 unfiltered
myoptum.optum.com/api/ogn-global-navigation/preauth/content/ Frame 0
0 147ms
141ms Preflight 168.183.37.25

General

Check archive.org

Show headers Download Go to

Full URL

https://myoptum.optum.com/api/ogn-global-navigation/preauth/content/unfiltered

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.25 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://myuhc.phs.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Headers: accept, content-type, authorization, x-sm-scope, x-lcp-act-as
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 02 Dec 2022 07:23:32 GMT
Expires: 0
Keep-Alive: timeout=15, max=499
Pragma: no-cache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame BBF4 103 KB
28 KB 319ms
21ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 -, , ASN (),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://8560775.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 02 Dec 2022 07:23:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 7ftsLtKMs0s23R5j294DsrYzOW+zgqOALVKuHrVrkzcZb8V2e/8ckREpyntpqct5xbwKL2Nv9E4aFDxeWR+3Jw==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
BLOB 200
OK 79eaef4e-012e-4762-bbc5-b31d521ea5b6
https://myuhc.phs.com/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://myuhc.phs.com/79eaef4e-012e-4762-bbc5-b31d521ea5b6
Requested by: Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1d8af66285ad9907f5d1901d6149d921ede2d260ae0b81a3e6cfbd59a4a5ad3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 1742
Content-Type: application/javascript

GET
H/1.1 200
OK UHC-Logo.svg
myuhc.phs.com/content/dam/phs/svg-final/ 6 KB
7 KB 55ms
54ms Image
image/svg+xml 168.183.65.158
UHC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myuhc.phs.com/content/dam/phs/svg-final/UHC-Logo.svg

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.65.158 , United States, ASN10879 (UHC, US),

Reverse DNS

phs1-ctc.optum.com

Software

Resource Hash

bd96dac74b21a658cb2b22d2a17da9bdd68cfd6142d21f4b2d8456ca89f7eda9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:33 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com
Last-Modified: Wed, 05 May 2021 01:46:39 GMT
Content-Type: image/svg+xml
Cache-Control: max-age=604800
Content-Disposition: attachment; filename="UHC-Logo.svg"
Connection: Keep-Alive
Keep-Alive: timeout=15, max=498
Content-Length: 6344
X-XSS-Protection: 1;mode=block
Expires: Fri, 09 Dec 2022 07:23:33 GMT

GET
H/1.1 200
OK uhcsans-regular-webfont.woff2
myoptum.optum.com/etc/designs/global-navigation/prod/v12/assets/fonts/ 23 KB
24 KB 53ms
53ms Font
application/octet-stream 168.183.37.25

General

Check archive.org

Show headers Download Go to

Full URL

https://myoptum.optum.com/etc/designs/global-navigation/prod/v12/assets/fonts/uhcsans-regular-webfont.woff2

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.37.25 -, , ASN (),

Reverse DNS

Software

Resource Hash

6c8bf45f29ad43fe0d498f1a265594310f43b4dca8c736e7a8523d364adaf9ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://myuhc.phs.com/
Origin: https://myuhc.phs.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:33 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Tue, 08 Nov 2022 05:01:47 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Content-Disposition: attachment
Connection: Keep-Alive
Access-Control-Allow-Headers: *
Content-Length: 23996
Keep-Alive: timeout=15, max=497

GET
H3

200

src=11368431;dc_pre=CIih07iz2vsCFZJB7Aod6VMJMA;type=invmedia;cat=optum0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
adservice.google.com/ddm/fls/z/ Frame BBF4
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=11368431;type=invmedia;cat=optum0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?
https://ad.doubleclick.net/ddm/activity/src=11368431;dc_pre=CIih07iz2vsCFZJB7Aod6VMJMA;type=invmedia;cat=optum0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_c...
https://adservice.google.com/ddm/fls/z/src=11368431;dc_pre=CIih07iz2vsCFZJB7Aod6VMJMA;type=invmedia;cat=optum0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_co...

42 B
63 B

88ms
44ms

Image
image/gif

2607:f8b0:4006:817::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=11368431;dc_pre=CIih07iz2vsCFZJB7Aod6VMJMA;type=invmedia;cat=optum0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1

Requested by

Protocol

Server

2607:f8b0:4006:817::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://8560775.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 07:23:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 07:23:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=11368431;dc_pre=CIih07iz2vsCFZJB7Aod6VMJMA;type=invmedia;cat=optum0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 168432534574012 Show response
connect.facebook.net/signals/config/ Frame BBF4 26 KB
7 KB 51ms
25ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/168432534574012?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 -, , ASN (),

Reverse DNS

Software

Resource Hash

bbde5cc8f31fe7e968888de3ea06dc97ef6f060ebd1f9d4b1b3fa758aa011422

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://8560775.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 02 Dec 2022 07:23:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7513
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: E7oHpUkHgCDAIhRzkGhXc9ejRCCMRmlfKzdPDueP2mm8X1ut0dCR/6tHg+WopbUr2E5U8kqh8uyIOWVfu+9+Dw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK angular-app.min.js
myuhc.phs.com/etc.clientlibs/lobby/clientlibs/ 5 MB
2 MB 70ms
70ms Script
application/javascript 168.183.65.158
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://myuhc.phs.com/etc.clientlibs/lobby/clientlibs/angular-app.min.js

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.65.158 , United States, ASN10879 (UHC, US),

Reverse DNS

phs1-ctc.optum.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:33 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 30 Nov 2022 22:03:48 GMT
ETag: "4eba8f-5eeb74772f806-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=497
Expires: Fri, 02 Dec 2022 08:23:33 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame BBF4 0
185 B 85ms
28ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=168432534574012&ev=LPG_OptumHealth_PHS_Site%20Visit&dl=https%3A%2F%2F8560775.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLPEj7iz2vsCFVUHaAgdUDsGlA%3Bsrc%3D8560775%3Btype%3Doptum0%3Bcat%3Dlpg_o064%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bnpa%3D%3Bgdpr%3D%24%257BGDPR%257D%3Bgdpr_consent%3D%24%257BGDPR_CONSENT_755%257D%3Bord%3D90262054088.6434%3B~oref%3Dhttps%3A%2F%2Fmyuhc.phs.com%2F&rl=https%3A%2F%2F8560775.fls.doubleclick.net%2F&if=true&ts=1669965813185&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=28&it=1669965813094&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://8560775.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 02 Dec 2022 07:23:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK config
myuhc.phs.com/services/lobby/ 910 B
1 KB 50ms
50ms XHR
text/plain 168.183.65.158
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://myuhc.phs.com/services/lobby/config

Requested by

Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/optum/p/detector-dom.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.65.158 , United States, ASN10879 (UHC, US),

Reverse DNS

phs1-ctc.optum.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:34 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: frame-ancestors 'self' https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Keep-Alive: timeout=15, max=496
Content-Length: 910
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK info
myuhc.phs.com/services/phs/user/ 2 B
806 B 49ms
48ms XHR
text/plain 168.183.65.158
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://myuhc.phs.com/services/phs/user/info

Requested by

Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/optum/p/detector-dom.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.65.158 , United States, ASN10879 (UHC, US),

Reverse DNS

phs1-ctc.optum.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:34 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Keep-Alive: timeout=15, max=498
Content-Length: 2
X-XSS-Protection: 1;mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK angular.model.json
myuhc.phs.com/content/lobby/ 200 KB
0 165ms
164ms Fetch
application/json 168.183.65.158
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://myuhc.phs.com/content/lobby/angular.model.json

Requested by

Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/optum/p/detector-dom.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.65.158 , United States, ASN10879 (UHC, US),

Reverse DNS

phs1-ctc.optum.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/content/lobby/angular/en/phs.html?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:34 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/json;charset=utf-8
Connection: Keep-Alive
Keep-Alive: timeout=15, max=499
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK uhcsans-regular-webfont.woff2
myuhc.phs.com/etc.clientlibs/lobby/clientlibs/angular-app/resources/fonts/uhc/ 23 KB
24 KB 53ms
52ms Font
application/octet-stream 168.183.65.158
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://myuhc.phs.com/etc.clientlibs/lobby/clientlibs/angular-app/resources/fonts/uhc/uhcsans-regular-webfont.woff2

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/etc.clientlibs/lobby/components/content/cm-nurse-ribbon/clientlib-nurse-ribbon.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.183.65.158 , United States, ASN10879 (UHC, US),

Reverse DNS

phs1-ctc.optum.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://myuhc.phs.com/etc.clientlibs/lobby/components/content/cm-nurse-ribbon/clientlib-nurse-ribbon.css
Origin: https://myuhc.phs.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:34 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy: frame-ancestors 'self' https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com
Last-Modified: Thu, 21 Nov 2019 20:01:10 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
Cache-Control: max-age=86400, public
Connection: Keep-Alive
Keep-Alive: timeout=15, max=495
Content-Length: 23996
X-XSS-Protection: 1;mode=block

GET
H2 200 s67736992580271
smetrics.optum.com/b/ss/uhgphsprod,uhgoptumglobalprod,uhgenterprisecoreprod/1/JS-2.0.0%20L-LCXS/ 43 B
224 B 260ms
258ms Image
image/gif 63.140.38.117

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.optum.com/b/ss/uhgphsprod,uhgoptumglobalprod,uhgenterprisecoreprod/1/JS-2.0.0%20L-LCXS/s67736992580271?AQB=1&ndh=1&pf=1&t=2%2F11%2F2022%207%3A23%3A34%205%200&sdid=0721AFC2115DD57A-32948B930EBBFD0C&mid=38953797284257351211419391449403002382&aamlh=7&ce=UTF-8&ns=unitedhealthgroup&pageName=uhc%3Aphs%3Ahome&g=https%3A%2F%2Fmyuhc.phs.com%2Fcontent%2Flobby%2Fangular%2Fen%2Fphs.html&r=http%3A%2F%2Fphs.com.mcas-df.ms%2F&c.&getNewRepeat=3.0.1&apl=4.0&getPercentPageViewed=5.0.1&getPageLoadTime=2.0.1&.c&cc=USD&ch=lobby&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=https%3A%2F%2Fmyuhc.phs.com%2Fcontent%2Flobby%2Fangular%2Fen%2Fphs.html&v1=uhc&c2=2.0.0%20l%3A2022-11-18t14%3A24%3A59z&v2=phs&v3=https%3A%2F%2Fmyuhc.phs.com%2Fcontent%2Flobby%2Fangular%2Fen%2Fphs.html&c6=D%3Dv5&c17=D%3Dv17&c22=D%3Dv22&v22=member%3Aunauth&c23=D%3Dv23&v23=not%20loggedin&c24=new&v24=new&c25=uhc%3Aphs%3Ahome&v25=uhc%3Aphs%3Ahome&c26=D%3Dv26&v26=%7C&c44=D%3Dv44&c71=english&v72=38953797284257351211419391449403002382&c74=D%3Dv74&c75=page%7Cuhc%3Aphs%3Ahome&v131=62c5206c-54c4-4879-8e21-95a2fcf91663&v132=aecb7806-242a-41aa-9bb4-7957fa0db2d4&v133=https%3A%2F%2Fconsole.uhg.glassboxdigital.io%2Fwebinterface%2Fwebui%2F%23%2Fsessions%2F_cls_s%3Aaecb7806-242a-41aa-9bb4-7957fa0db2d4%3A0%2Freplay%3Ffrom%3D1669886614809%26till%3D1669973014809&v140=optum&v141=uhc&v142=phs&v143=website&v144=desktop&v145=D%3Dv25&v149=1669965814&v152=D%3Dmid&v153=D%3Dv3&v154=https%3A%2F%2Fmyuhc.phs.com%2Fcontent%2Flobby%2Fangular%2Fen%2Fphs.html&v156=D%3Dv0&v157=dc%20%7C%20page%20view%20-%20lobby%20-%20s.tp&v162=not%20logged%20in&v164=D%3Dv55&v166=D%3Dv74&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.117 -, , ASN (),

Reverse DNS

Software

jag /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 07:23:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 03 Dec 2022 07:23:34 GMT
server: jag
etag: 3586224280386371584-4619802146440465014
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 01 Dec 2022 07:23:34 GMT

GET
H2 200 RC41d7a917b58245d29e49f565105e1ce5-source.min.js
assets.adobedtm.com/512027f42d3c/1876dffeabe8/5f115889b090/ 807 B
732 B 36ms
34ms Script
application/x-javascript 2600:1400:d:586::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/1876dffeabe8/5f115889b090/RC41d7a917b58245d29e49f565105e1ce5-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23d96c88d1a04ca595635d063c882d14.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:586::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:23:34 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 14:26:19 GMT
server: AkamaiNetStorage
etag: "0292a2b669a09bb071c113eb698ff5cc:1668781579.839054"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://myuhc.phs.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 468
expires: Fri, 02 Dec 2022 08:23:34 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 110 KB
44 KB 89ms
36ms Script
application/javascript 2607:f8b0:4006:81c::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8584968

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23d96c88d1a04ca595635d063c882d14.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:23:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44135
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Dec 2022 07:23:35 GMT

GET
H2 200 RCf84830dcbe4e418b867a2c2b429efec3-source.min.js
assets.adobedtm.com/512027f42d3c/1876dffeabe8/5f115889b090/ 779 B
756 B 23ms
23ms Script
application/x-javascript 2600:1400:d:586::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/1876dffeabe8/5f115889b090/RCf84830dcbe4e418b867a2c2b429efec3-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23d96c88d1a04ca595635d063c882d14.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:586::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:23:35 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 14:26:19 GMT
server: AkamaiNetStorage
etag: "0292a2b669a09bb071c113eb698ff5cc:1668781579.839054"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://myuhc.phs.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 492
expires: Fri, 02 Dec 2022 08:23:35 GMT

GET
H2 200 RC828a45aae06246d3b78d94a499169729-source.min.js
assets.adobedtm.com/512027f42d3c/1876dffeabe8/5f115889b090/ 524 B
613 B 24ms
23ms Script
application/x-javascript 2600:1400:d:586::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/1876dffeabe8/5f115889b090/RC828a45aae06246d3b78d94a499169729-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN23d96c88d1a04ca595635d063c882d14.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:586::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:23:35 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 14:26:19 GMT
server: AkamaiNetStorage
etag: "0292a2b669a09bb071c113eb698ff5cc:1668781579.839054"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://myuhc.phs.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 349
expires: Fri, 02 Dec 2022 08:23:35 GMT

GET
H3 200 fbevents.js
connect.facebook.net/en_US/ 103 KB
27 KB 27ms
27ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: phs.com.mcas-df.ms
URL: http://phs.com.mcas-df.ms/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 02 Dec 2022 07:23:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: l8dkcDx2g93ed/m/VPEzG9lIpDYEStCoTzWL43vHBmj4L0sgND2j9We43vy47O0DnmrtwvkWmv9CRiM8z3pzCQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 168432534574012
connect.facebook.net/signals/config/ 26 KB
7 KB 21ms
21ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/168432534574012?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 02 Dec 2022 07:23:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7513
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: E7oHpUkHgCDAIhRzkGhXc9ejRCCMRmlfKzdPDueP2mm8X1ut0dCR/6tHg+WopbUr2E5U8kqh8uyIOWVfu+9+Dw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 46ms
20ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=168432534574012&ev=PageView&dl=https%3A%2F%2Fmyuhc.phs.com%2Fcontent%2Flobby%2Fangular%2Fen%2Fphs.html&rl=http%3A%2F%2Fphs.com.mcas-df.ms%2F&if=false&ts=1669965815295&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1669965815294.803183582&it=1669965815263&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=a0&rqm=GET

Requested by

Host: myuhc.phs.com
URL: https://myuhc.phs.com/content/lobby/angular/en/phs.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 02 Dec 2022 07:23:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK cls_report
report.uhg.glassboxdigital.io/glassbox/reporting/63f2f83c-0638-4cb3-82c4-540d467824d2/ 5 KB
3 KB 116ms
27ms XHR
application/json 3.95.48.132

General

Check archive.org

Show headers Download Go to

Full URL

https://report.uhg.glassboxdigital.io/glassbox/reporting/63f2f83c-0638-4cb3-82c4-540d467824d2/cls_report?_cls_s=aecb7806-242a-41aa-9bb4-7957fa0db2d4%3A0&_cls_v=62c5206c-54c4-4879-8e21-95a2fcf91663&pv=2&f_cls_s=true

Requested by

Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/uhg/optum/p/detector-dom.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.95.48.132 -, , ASN (),

Reverse DNS

Software

GlassBox Cligate /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myuhc.phs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:23:35 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
Content-Security-Policy: default-src 'self';
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 1734
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Server: GlassBox Cligate
X-Frame-Options: SAMEORIGIN
vary: origin
Content-Type: application/json
access-control-allow-origin: https://myuhc.phs.com
access-control-allow-credentials: true
GB-Server: g5025
X-Robots-Tag: noindex

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.phs.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 12:11:57	Name: demdex Value: 41722570163625851442043314400984175079
.phs.com/	1969-12-31 23:59:59	Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg Value: 1
.phs.com/	1970-01-20 17:28:45	Name: _cls_v Value: 62c5206c-54c4-4879-8e21-95a2fcf91663
.phs.com/	1969-12-31 23:59:59	Name: _cls_s Value: aecb7806-242a-41aa-9bb4-7957fa0db2d4:0
.everesttech.net/	1970-01-20 16:38:21	Name: everest_g_v2 Value: g_surferid~Y4mn8wAAABqAUQMv
.dpm.demdex.net/	1970-01-20 12:11:57	Name: dpm Value: 41722570163625851442043314400984175079
.phs.com/	1970-01-20 17:28:45	Name: mbox Value: session#bd6ce7d31bf14433ad847765bfbc6391#1669967672\|PC#bd6ce7d31bf14433ad847765bfbc6391.34_0#1733210612
.phs.com/	1970-01-20 17:28:45	Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C19329%7CMCMID%7C38953797284257351211419391449403002382%7CMCAAMLH-1670570611%7C7%7CMCAAMB-1670570611%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1669973011s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19336%7CvVersion%7C5.5.0
.doubleclick.net/	1970-01-20 17:28:45	Name: IDE Value: AHWqTUm-jzgSmgAq1XHhYfh0qy8LRgWrEZn_IPOpTbM7oQfVNjykd9BwY1vmm3iyD7Q
.adsrvr.org/	1970-01-20 16:38:21	Name: TDID Value: 35cd2d5e-e6f3-4845-a60e-4c635336a1f6
.demdex.net/	1970-01-20 12:11:57	Name: dextp Value: 771-1-1669965812032\|903-1-1669965812136\|285689-1-1669965812271
.adsrvr.org/	1970-01-20 16:38:21	Name: TDCPM Value: CAESEgoDYWFtEgsIyL6I5YSQqjsQBRITCgRrcnV4EgsItNyKh8vdnjsQBRgFKAEyCwi01OOTm5CqOxAFOAFCBCICCAFaBzE3bmljZXRgAXIEa3J1eA..
.adnxs.com/	1970-01-20 10:02:21	Name: uuid2 Value: 2718217647863301695
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: bc4g5bz3ty4okejnelc3xlck
.gumgum.com/	1970-01-20 16:38:21	Name: cs Value: true
.adnxs.com/	1970-01-20 10:02:21	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2Il_ws2?W!]tbP6j2F-XstGt!@Df1$nK`d
myuhc.phs.com/	1970-01-20 16:38:21	Name: langKey Value: en
.krxd.net/	1970-01-20 12:11:57	Name: _kuid_ Value: PO7bbjfu
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: mwlmrgk4xsec4dtuphig3yln
.ib.mookie1.com/	1970-01-20 16:38:21	Name: ibkukiuno Value: s=50a36188-6b17-479b-aa5b-1681351bdb67&h=&v=0&l=-8585316410721773480&op=&hl=0&vlu=0&tcs=1&dcc=-8585316410721773480
.ib.mookie1.com/	1970-01-20 16:38:21	Name: ibkukinet Value: 1611266347=-8585316410721773480

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://myuhc.phs.com/undefined#icon Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8560775.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
assets.adobedtm.com
beacon.krxd.net
cdn.gbqofs.com
cm.everesttech.net
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
dpm.demdex.net
fast.wistia.com
global.ib-ibi.com
ib.mookie1.com
insight.adsrvr.org
match.adsrvr.org
mcasproxy.azureedge.net
messenger-widget.optum.com
myoptum-temp.optum.com
myoptum.akamaized.net
myoptum.optum.com
myuhc.phs.com
phs.com
phs.com.mcas-df.ms
px.gumgum.com
report.uhg.glassboxdigital.io
secure.adnxs.com
smetrics.optum.com
unitedhealthgroup.demdex.net
unitedhealthgroup.tt.omtrdc.net
use.fontawesome.com
usermatch.krxd.net
www.facebook.com
www.googletagmanager.com
104.126.117.177
142.250.65.166
142.251.32.102
142.251.40.130
149.111.164.200
149.111.164.68
15.197.193.217
168.183.37.25
168.183.65.158
20.241.142.98
2600:1400:d:586::1e80
2600:141b:13::17d7:829b
2606:4700::6812:190d
2606:4700:e2::ac40:840f
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::2008
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42::622
3.214.206.32
3.215.223.2
3.232.151.210
3.95.48.132
34.194.219.113
34.197.227.119
52.22.220.75
52.84.125.83
54.225.210.223
63.140.38.117
64.58.232.176
64.58.232.177
68.67.181.211
69.16.175.42
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
03e03907597c589a596c0cf8acd4ae2596b3ec18a24da27bf0cb3ba1e27f5863
080c369bbd0b02da14e59c77d914aa4d929a2cac148f58bb65a2b0f42fd6d68b
18eb78200c39e45f6e6af05367ddd81b70067bad33676059848abffe0d8c228c
35828e140c20ea304b42bcc493859e4d51e5243a41d3d306a3847da84629f4c4
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
4caed94f9975debb1a1ee2ff2e68395802a18a4cf3f3be7ae057f1b97b2c87ff
4cf9c966edfa1cc639e4b9124274adc0f7d1d7d1a118cf856f1fa9cd5fc755e3
4d0eaad673f52d89f9ff05a3604ce1624ae313edf61c7e89c778cb52347d9dd4
4f2b43f5167b557d0b11927781b5ca80912989684177ecfddc7fe423ea0d0597
5c99a08c5959b490f141fd9e04d3f78e7bfc14b5de96093c8dcbe237c3268945
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
65a82d593da64a4ea2c70c8a18983ee77141b60022f616badd14476d6ae8c1ea
670e673f05e311e15ad631eb5347e3fcface5dea2117b0d85a30d2d282058d02
6c8bf45f29ad43fe0d498f1a265594310f43b4dca8c736e7a8523d364adaf9ad
714a5ce6eb9ecdc1cc3ea059db961ceff2fdf11797801c938f0ab5b213d573e8
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e7c70e73af2c09f32988b1937b972193fdb39473f51ead2acd40f2de16a5704
883f1fae642af7e99ffd5512328e773028a44403ae71dff8303575eecfa5dc87
962bd939985dcf09b5ac8e903e5c9dc32dd9ca96d2050f595dee8d55da2f3f1a
996514efa9214b5b073e28f5e27d239c7597060ba23a78b7213ddbcd4b4b33ca
9aaf3465e9387812e2d24fc317da5cb49e0d5a001b55fab4db5e09fc09f4f34f
9bd41ce16ca5ba2520f1af2a3903dff6776b7dbe47f3c3e18fe9e5b258f1a37f
a1d8af66285ad9907f5d1901d6149d921ede2d260ae0b81a3e6cfbd59a4a5ad3
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
b63478485d98b76cb0d8ddcc06e33d9a52cfc60c17e54d3b9debd2755af5dab4
ba300d741aedeade1e20658f14cf56c47f0c5036a7c43c3d0fa5bde862735845
bbde5cc8f31fe7e968888de3ea06dc97ef6f060ebd1f9d4b1b3fa758aa011422
bd96dac74b21a658cb2b22d2a17da9bdd68cfd6142d21f4b2d8456ca89f7eda9
c308a5985cd12a6f3947a26864eed521c6f94f8ea66042c9bc4a38c97f9caf0b
cb99145e458a2d388c8001aaaa5f5a8893a856665509c0667f177fb2995b6fad
cc8e7392c5cc552cbf83b053195593f2c924a00e38e93492d5df87ec0d68279e
ce70dd9e3da7b91b79f04194d82a4ee08def77d51fc4f3bbbdb39c62f177e032
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d7024c40222014b6991a7df68ffefc392b7a86f84b6ef6a12de183b8005255aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eba677ad27c0bd174b22c6f2c426f724027c5ff4fbcdc31f4c8d69d7735abd4c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f229acce4fdc59b6dd36d8e0289b1ecf6e8345a799df975340353e70169784e4
f2745b529c524db0d405360b5953abb785c1fbd5cbfb13a6765b0349ac831ecd
f6b1be59bccc1c2d07f3e886a9e3e6c29680866a96698b42cf2c54dc86ba4827

myuhc.phs.com Open in urlscan Pro 168.183.65.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

83 %HTTPS

27 %IPv6

25 Domains

34 Subdomains

27 IPs

1 Countries

3364 kBTransfer

12329 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

myuhc.phs.com Open in urlscan Pro
168.183.65.158 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

83 %
HTTPS

27 %
IPv6

25
Domains

34
Subdomains

27
IPs

1
Countries

3364 kB
Transfer

12329 kB
Size

22
Cookies

65 HTTP transactions
0 data transactions