identity.onehealthcareid.com Open in urlscan Pro
18.66.97.116 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://linkhealth.com/
Effective URL:
https://identity.onehealthcareid.com/app/index.html
Submission Tags: tranco_l324
Submission: On November 04 via api (November 4th 2021, 7:03:34 am UTC) from DE — Scanned from DE

Summary HTTP 98 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 21 domains to perform 98 HTTP transactions. The main IP is 18.66.97.116, located in United States and belongs to AMAZON-02, US. The main domain is identity.onehealthcareid.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on May 20th 2021. Valid for: a year.

This is the only time identity.onehealthcareid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	168.183.36.229 168.183.36.229	10879 (UHC) (UHC)
2 2	143.204.98.10 143.204.98.10	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:225... 2600:9000:2251:8c00:1a:19fe:bb80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 8	2600:9000:215... 2600:9000:2156:9000:18:51c1:c340:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:6c0... 2a02:26f0:6c00:28a::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a04:4e42:400... 2a04:4e42:400::282	54113 (FASTLY) (FASTLY)
8	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	52.18.85.49 52.18.85.49	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.66.107.51 18.66.107.51	16509 (AMAZON-02) (AMAZON-02)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
3	54.162.154.79 54.162.154.79	14618 (AMAZON-AES) (AMAZON-AES)
1	52.210.87.143 52.210.87.143	16509 (AMAZON-02) (AMAZON-02)
1	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1 1	54.194.191.134 54.194.191.134	16509 (AMAZON-02) (AMAZON-02)
1	34.241.165.255 34.241.165.255	16509 (AMAZON-02) (AMAZON-02)
2 25	18.66.97.116 18.66.97.116	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:223... 2600:9000:223d:5200:16:4490:3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	149.111.164.232 149.111.164.232	10879 (UHC) (UHC)
17	185.32.241.65 185.32.241.65	30286 (THM) (THM)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1 4	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
2	149.111.165.13 149.111.165.13	10879 (UHC) (UHC)
98	24

1 168.183.36.229 (United States) 1 redirects

ASN10879 (UHC, US)
PTR: www-360-ctc.optum.com

linkhealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.10 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-10.fra50.r.cloudfront.net

provider.linkhealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2251:8c00:1a:19fe:bb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure.uhcprovider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2156:9000:18:51c1:c340:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

apps.uhcprovider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:28a::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.18.85.49 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.107.51 (United States)

ASN16509 (AMAZON-02, US)

d2oh4tlt9mrke9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (San Francisco, United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.162.154.79 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-154-79.compute-1.amazonaws.com

ws.sessioncam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.87.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-87-143.eu-west-1.compute.amazonaws.com

unitedhealthgroup.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

smetrics.optum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.191.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.165.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-165-255.eu-west-1.compute.amazonaws.com

unitedhealthgroup.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 18.66.97.116 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

identity.onehealthcareid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223d:5200:16:4490:3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

provider-cdn.linkhealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.111.164.232 (United States)

ASN10879 (UHC, US)
PTR: repo-elr.rakanto.com

repo.rakanto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.32.241.65 (United States)

ASN30286 (THM, US)

rba.onehealthcareid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.235.132.130 (United States) 1 redirects

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

15vimo8rabcpankggqdzihwm5oyrlbm4r3fhuxao250c2e4fec170a66am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.111.165.13 (United States)

ASN10879 (UHC, US)
PTR: cse-elr.rakanto.com

cse.rakanto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	onehealthcareid.com 2 redirects identity.onehealthcareid.com rba.onehealthcareid.com	664 KB
14	uhcprovider.com 1 redirects secure.uhcprovider.com apps.uhcprovider.com	2 MB
8	jsdelivr.net cdn.jsdelivr.net	69 KB
6	linkhealth.com 3 redirects linkhealth.com provider.linkhealth.com provider-cdn.linkhealth.com	8 KB
5	online-metrix.net 1 redirects h.online-metrix.net 15vimo8rabcpankggqdzihwm5oyrlbm4r3fhuxao250c2e4fec170a66am1.e.aa.online-metrix.net	16 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	demdex.net 1 redirects dpm.demdex.net unitedhealthgroup.demdex.net	6 KB
4	adobedtm.com assets.adobedtm.com	159 KB
3	rakanto.com repo.rakanto.com cse.rakanto.com	42 KB
3	sessioncam.com ws.sessioncam.com	1 KB
2	nr-data.net bam.nr-data.net	517 B
2	cloudflare.com cdnjs.cloudflare.com	116 KB
2	polyfill.io polyfill.io	864 B
1	newrelic.com js-agent.newrelic.com	14 KB
1	omtrdc.net unitedhealthgroup.tt.omtrdc.net	231 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	optum.com smetrics.optum.com	511 B
1	cloudfront.net d2oh4tlt9mrke9.cloudfront.net	60 KB
1	licdn.com snap.licdn.com	2 KB
0	Failed function sub() { [native code] }. Failed
0	qualtrics.com Failed zn9qtjklceg15veaz-uhcdr.siteintercept.qualtrics.com Failed
98	21

	Domain	Requested by
25	identity.onehealthcareid.com	2 redirects apps.uhcprovider.com identity.onehealthcareid.com
17	rba.onehealthcareid.com	identity.onehealthcareid.com rba.onehealthcareid.com
8	cdn.jsdelivr.net	secure.uhcprovider.com
8	apps.uhcprovider.com	1 redirects secure.uhcprovider.com identity.onehealthcareid.com apps.uhcprovider.com
6	secure.uhcprovider.com	secure.uhcprovider.com
4	h.online-metrix.net	1 redirects rba.onehealthcareid.com
4	assets.adobedtm.com	secure.uhcprovider.com
3	provider-cdn.linkhealth.com	secure.uhcprovider.com
3	ws.sessioncam.com	secure.uhcprovider.com
3	dpm.demdex.net	1 redirects secure.uhcprovider.com
2	cse.rakanto.com	identity.onehealthcareid.com
2	bam.nr-data.net	identity.onehealthcareid.com
2	cdnjs.cloudflare.com	secure.uhcprovider.com
2	px.ads.linkedin.com	2 redirects
2	polyfill.io	secure.uhcprovider.com
2	provider.linkhealth.com	2 redirects
1	15vimo8rabcpankggqdzihwm5oyrlbm4r3fhuxao250c2e4fec170a66am1.e.aa.online-metrix.net
1	js-agent.newrelic.com	identity.onehealthcareid.com
1	repo.rakanto.com	identity.onehealthcareid.com
1	unitedhealthgroup.tt.omtrdc.net	secure.uhcprovider.com
1	cm.everesttech.net	1 redirects
1	smetrics.optum.com	secure.uhcprovider.com
1	unitedhealthgroup.demdex.net	secure.uhcprovider.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	d2oh4tlt9mrke9.cloudfront.net	secure.uhcprovider.com
1	snap.licdn.com	secure.uhcprovider.com
1	linkhealth.com	1 redirects
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	rba.onehealthcareid.com
0	zn9qtjklceg15veaz-uhcdr.siteintercept.qualtrics.com Failed	secure.uhcprovider.com
98	30

This site contains links to these domains. Also see Links.

Domain
uhcprovider.com

Subject Issuer	Validity	Valid
secure.uhcprovider.com COMODO RSA Organization Validation Secure Server CA	`2021-05-20` - `2022-05-20`	a year	crt.sh
apps.uhcprovider.com COMODO RSA Organization Validation Secure Server CA	`2021-07-28` - `2022-07-28`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
ws.sessioncam.com Amazon	`2021-03-18` - `2022-04-16`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
smetrics.optum.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-14` - `2022-04-18`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
identity.onehealthcareid.com COMODO RSA Organization Validation Secure Server CA	`2021-05-20` - `2022-05-20`	a year	crt.sh
provider-apps.linkhealth.com COMODO RSA Organization Validation Secure Server CA	`2020-12-07` - `2021-12-07`	a year	crt.sh
repo.rakanto.com COMODO RSA Organization Validation Secure Server CA	`2021-04-17` - `2022-04-17`	a year	crt.sh
rba.optumgovid.com COMODO RSA Organization Validation Secure Server CA	`2021-05-24` - `2022-05-24`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-01-21` - `2022-01-21`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-07-30` - `2022-08-01`	a year	crt.sh
cse.rakanto.com COMODO RSA Organization Validation Secure Server CA	`2021-04-28` - `2022-04-28`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://identity.onehealthcareid.com/app/index.html
Frame ID: 60F96F2152FD1F19D9680A3396EF644C
Requests: 75 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: 1BA3CA4BEAA72212D66FE216B5D4C1DB
Requests: 1 HTTP requests in this frame

Frame: https://rba.onehealthcareid.com/fp/check.js;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&jb=363b26246a716f7535446b6e7d70266a736f35446b6c7d70266a73627d3d416070676d67246873603d416872676567253a383935
Frame ID: 0567ED8A195970D81711E7FE41572E85
Requests: 13 HTTP requests in this frame

Frame: https://rba.onehealthcareid.com/fp/HP?session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&org_id=15vimo8r&nonce=250c2e4fec170a66&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 9005591310379FCB5D9EB6F89F2E5D31
Requests: 3 HTTP requests in this frame

Frame: https://rba.onehealthcareid.com/fp/ls_fp.html;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66
Frame ID: D71018871908DF833CEA92E53EA51F0E
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66
Frame ID: 7EB2E5EF1F4921E9A5E04FC6729B1AAE
Requests: 2 HTTP requests in this frame

Frame: https://rba.onehealthcareid.com/fp/top_fp.html;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66
Frame ID: B000C54660C2701220D928A4A1C3C96D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In With Your One Healthcare ID - One Healthcare ID

Page URL History Show full URLs

http://linkhealth.com/ HTTP 301
http://provider.linkhealth.com/ HTTP 301
https://provider.linkhealth.com/ HTTP 302
https://secure.uhcprovider.com/ Page URL
https://apps.uhcprovider.com/api/identity/ohid/oidc/authorize?state=eyJyZWRpcmVjdCI6Imh0dHBzOi8vc2VjdXJlL... HTTP 302
https://identity.onehealthcareid.com/oidc/authorize?client_id=sde60155&redirect_uri=https%3A%2F%2Fapps.uhcprovide... HTTP 302
https://identity.onehealthcareid.com/api/v1/auth/login HTTP 302
https://identity.onehealthcareid.com/app/index.html Page URL

Page Statistics

98
Requests

91 %
HTTPS

36 %
IPv6

21
Domains

30
Subdomains

24
IPs

4
Countries

3551 kB
Transfer

6810 kB
Size

23
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://uhcprovider.com/
Title: UHCprovider.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://linkhealth.com/ HTTP 301
http://provider.linkhealth.com/ HTTP 301
https://provider.linkhealth.com/ HTTP 302
https://secure.uhcprovider.com/ Page URL
https://apps.uhcprovider.com/api/identity/ohid/oidc/authorize?state=eyJyZWRpcmVjdCI6Imh0dHBzOi8vc2VjdXJlLnVoY3Byb3ZpZGVyLmNvbS8iLCJub25jZSI6InFKZ1JQWUhmb1FYaCJ9 HTTP 302
https://identity.onehealthcareid.com/oidc/authorize?client_id=sde60155&redirect_uri=https%3A%2F%2Fapps.uhcprovider.com%2Fapi%2Fidentity%2Fohid%2Fauthorize%2Fcallback&response_type=code&scope=openid%2Bprofile%2Bemail%2Bphone%2Baddress&state=WYN0xTriNsoXNKg8tQcY19LZE5MeScxc HTTP 302
https://identity.onehealthcareid.com/api/v1/auth/login HTTP 302
https://identity.onehealthcareid.com/app/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://linkhealth.com/ HTTP 301
http://provider.linkhealth.com/ HTTP 301
https://provider.linkhealth.com/ HTTP 302
https://secure.uhcprovider.com/

Request Chain 9

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1636009407225 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1636009407225

Request Chain 18

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1636009407311&url=https%3A%2F%2Fsecure.uhcprovider.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1898745%26time%3D1636009407311%26url%3Dhttps%253A%252F%252Fsecure.uhcprovider.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1636009407311&url=https%3A%2F%2Fsecure.uhcprovider.com%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1636009407311&url=https%3A%2F%2Fsecure.uhcprovider.com%2F&liSync=true&e_ipv6=AQLhgwldoZEqDAAAAXzpwnaKjhKbZatL9M9U2cji2yFna5VXyYdApN7lFkSX_vlhVeSuvgKLPEML

Request Chain 22

https://cm.everesttech.net/cm/dd?d_uuid=60306992366947072132981805253880053646 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YYOFvwAAAMWqPQQS

Request Chain 56

https://identity.onehealthcareid.com/tenants/onehealthcareid/css/onehealthcareid.css HTTP 302
https://identity.onehealthcareid.com/app/error.html

Request Chain 79

https://h.online-metrix.net/fp/clear.png?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&gttl=155520000 HTTP 302
https://h.online-metrix.net/fp/clear.png?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&k=2

98 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
secure.uhcprovider.com/
Redirect Chain

http://linkhealth.com/
http://provider.linkhealth.com/
https://provider.linkhealth.com/
https://secure.uhcprovider.com/

2 KB
2 KB

513ms
413ms

Document
text/html

2600:9000:2251:8c00:1a:19fe:bb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.uhcprovider.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:8c00:1a:19fe:bb80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

UnitedHealthcare /

Resource Hash

a91fef78fbe532b68fbc9185c15b99c590915baf3870556ced93d764aa710e2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
content-length: 1809
date: Thu, 04 Nov 2021 07:03:27 GMT
last-modified: Fri, 29 Oct 2021 00:02:32 GMT
etag: "e9c781047c2f6e97ca7a54f06338fb1f"
x-amz-server-side-encryption: AES256
cache-control: max-age=0,no-cache,no-store,must-revalidate
accept-ranges: bytes
server: UnitedHealthcare
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Miss from cloudfront
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: pht1FYEs0Mkcum-C_994hoWRk8CuUfBoqIaNcTBawqSv4YX1MMCwvA==

Redirect headers

content-length: 0
location: https://secure.uhcprovider.com
server: CloudFront
date: Thu, 04 Nov 2021 07:03:26 GMT
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: z6Bo0wh5MK49W9V_VPuP_ntSfdr2c2_O8VpLHJJJMma56sf3apoDSg==

GET
H2 200 stylesheet.css
apps.uhcprovider.com/cdn/uhc-brand/ 297 KB
38 KB 198ms
14ms Stylesheet
text/css 2600:9000:2156:9000:18:51c1:c340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.uhcprovider.com/cdn/uhc-brand/stylesheet.css
Requested by: Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:18:51c1:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 705495f84f2adb64029733a4ea92b84aa9cf373b5dc7f05f2329165829d38b96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 16 Sep 2021 20:34:49 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 14:25:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"5224ab3b73a47e6ee23685c4ef32e732"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,public,must-revalidate
x-amz-cf-id: -ru5p0SOv_xLYojCvhGZvxbalfLX_cETGj4jKjPBzTz6RFpOJ67JFw==
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)

GET
H2 200 newrelic.js Show response
secure.uhcprovider.com/static/scripts/prod/ 27 KB
27 KB 8ms
7ms Script
application/javascript 2600:9000:2251:8c00:1a:19fe:bb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.uhcprovider.com/static/scripts/prod/newrelic.js

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:8c00:1a:19fe:bb80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

UnitedHealthcare /

Resource Hash

062a832fee52b63b43ab13ff33f83e71d4a3ba1b617b6e88d1c46c1100ef7a40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 31 Aug 2021 03:39:08 GMT
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified: Wed, 25 Aug 2021 22:07:09 GMT
server: UnitedHealthcare
age: 5628259
etag: "fc42d194426cccf5b7409c0738cbc26e"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000,public,must-revalidate
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 27169
x-amz-cf-id: JWEtim1i_u3fy3Kl833x3g6MBY2QPJFDuSTzQc-ATxNYPwB5vExleg==

GET
H2 200 launch-ENc6e1900426c840fd81d27085571d578d.min.js Show response
assets.adobedtm.com/ 603 KB
144 KB 32ms
12ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENc6e1900426c840fd81d27085571d578d.min.js
Requested by: Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1910ec08af09ef14e4ef8c1250db1d36aca66afffb25769fd08525ff58ea1d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:27 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 11:44:30 GMT
server: AkamaiNetStorage
etag: "7bfea27f6d3a1b09852656997e9a522a:1635939870.408835"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://secure.uhcprovider.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 146711
expires: Thu, 04 Nov 2021 08:03:27 GMT

GET
H2 200 polyfill.js Show response
polyfill.io/v3/ 297 B
651 B 31ms
7ms Script
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.js?features=default,fetch,es2015,es2016,es2017,Uint8Array,Array.prototype.flat

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2c661f8097b6330337d718b6cb6c5ff14161870f16c4c313a5365894f46dd3d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1099278
detected-user-agent: Chrome/95.0.4638
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 164
referrer-policy: origin-when-cross-origin
last-modified: Thu, 21 Oct 2021 23:02:47 GMT
date: Thu, 04 Nov 2021 07:03:27 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/95.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 system.min.js Show response
cdn.jsdelivr.net/npm/systemjs@6.3.1/dist/ 10 KB
4 KB 32ms
14ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/systemjs@6.3.1/dist/system.min.js

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d798f67f0d33a7c52e6179ae6c51d6ed270aff1af9361c64c6625ca7b4f72eb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 532992
x-jsd-version: 6.3.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19153-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"26c0-61yroWzK5sDphugOTqtkhTczLdQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a8bfb89cc925bed-FRA

GET
H2 200 amd.min.js Show response
cdn.jsdelivr.net/npm/systemjs@6.3.1/dist/extras/ 2 KB
1 KB 31ms
14ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/systemjs@6.3.1/dist/extras/amd.min.js

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eef4b8a4fb20ef3c75a13009d73408af694383fabc6a7cd409ccfa9f1b9a2a15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 812483
x-jsd-version: 6.3.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19169-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"667-eZzd4CidAcY82fX+qaGvike/hxM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a8bfb89cc945bed-FRA

GET
H2 200 named-exports.min.js Show response
cdn.jsdelivr.net/npm/systemjs@6.3.1/dist/extras/ 651 B
478 B 33ms
15ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/systemjs@6.3.1/dist/extras/named-exports.min.js

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cc632231fca883c829e8a6edb5d36d92fc1f3db5f6b716bc44ed89bbb07083a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 812483
x-jsd-version: 6.3.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19148-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"28b-1wPHHu04o4Og/uTT+l2W3oSafaw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a8bfb89cc965bed-FRA

GET
H2 200 auth.js Show response
apps.uhcprovider.com/cdn/uhc-ohid/ 3 KB
2 KB 195ms
13ms Script
application/javascript 2600:9000:2156:9000:18:51c1:c340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.uhcprovider.com/cdn/uhc-ohid/auth.js
Requested by: Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:18:51c1:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8978f6d1a87e157314ac70191439466d47bb899083b9945d6cd76917f899bb5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 10 Oct 2021 07:54:29 GMT
content-encoding: gzip
last-modified: Tue, 06 Apr 2021 22:26:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"03aee68fa0f6db0ae10cec337b8774c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public,must-revalidate
x-amz-cf-id: CcSFS89f8VvZRuRzFcnf5ktD9GecvDnyp852vyxGWb1iXChYPRPXEQ==
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1636009407225
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1636009407225

376 B
1 KB

34ms
34ms

XHR
application/json

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1636009407225

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/

Protocol

HTTP/1.1

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7d62d929d45e266e8ffcc0073eb5cf8c9d689d8991658e3e195cc3f5f0a99461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-0724f3096.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: sJx080e0T2s=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://secure.uhcprovider.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 314
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v019-06a57b486.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://secure.uhcprovider.com
X-TID: X918yGHZSwY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1636009407225
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:27 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://secure.uhcprovider.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Thu, 04 Nov 2021 08:03:27 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:27 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://secure.uhcprovider.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Thu, 04 Nov 2021 08:03:27 GMT

GET
H2 200 importmap.json Show response
secure.uhcprovider.com/ 1 KB
1 KB 411ms
410ms Fetch
binary/octet-stream 2600:9000:2251:8c00:1a:19fe:bb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.uhcprovider.com/importmap.json

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:8c00:1a:19fe:bb80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

UnitedHealthcare /

Resource Hash

d5858e63498291bd39d8bf816df7e0cab6dc2576d4a8f88626f4c1e5d7a1878c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 04 Nov 2021 07:03:28 GMT
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified: Fri, 29 Oct 2021 03:39:32 GMT
server: UnitedHealthcare
x-amz-cf-pop: FRA60-P3
etag: "eb1a4d7d41616b5951f9667e520ea23b"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Miss from cloudfront
content-type: binary/octet-stream
cache-control: max-age=0,no-cache,no-store,must-revalidate
accept-ranges: bytes
content-length: 1062
x-amz-cf-id: VMeW-QyQqO02y89reJxkmftp0mAu2rL00i5P9CCp9XiVxpaZnIb6AA==

GET
H2 401 introspect
apps.uhcprovider.com/api/identity/ohid/oidc/token/ 24 B
443 B 463ms
462ms XHR
application/json 2600:9000:2156:9000:18:51c1:c340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.uhcprovider.com/api/identity/ohid/oidc/token/introspect
Requested by: Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:18:51c1:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:27 GMT
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: ffe1741d-78c0-4a5f-b99a-133c3e32ca29
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: https://secure.uhcprovider.com
x-amzn-trace-id: Root=1-618385bf-453eeda45d94eb3822eefedf;Sampled=0
access-control-allow-credentials: true
x-amz-apigw-id: IRHV-Em7oAMFgqw=
content-length: 24
x-amz-cf-id: 1ixOy0m2LeK0abKzJMPah42RolzlH-ur_OxaU9TmEDTMGQ3ucH9kwg==

GET
H2 200 polyfill.js
polyfill.io/v3/ 297 B
213 B 7ms
7ms Other
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.js?features=default,fetch,es2015,es2016,es2017,Uint8Array,Array.prototype.flat

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2c661f8097b6330337d718b6cb6c5ff14161870f16c4c313a5365894f46dd3d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1099279
detected-user-agent: Chrome/95.0.4638
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 164
referrer-policy: origin-when-cross-origin
last-modified: Thu, 21 Oct 2021 23:02:47 GMT
date: Thu, 04 Nov 2021 07:03:27 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/95.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 34ms
8ms Script
application/x-javascript 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 04 Nov 2021 07:03:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=45987
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 RC6d92f62a219a42f9b1e7b37286dc1ab1-source.min.js Show response
assets.adobedtm.com/512027f42d3c/4dbc2f4aef47/186309455420/ 2 KB
1 KB 12ms
11ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/4dbc2f4aef47/186309455420/RC6d92f62a219a42f9b1e7b37286dc1ab1-source.min.js
Requested by: Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cabbe37657766783940b19b49e5b640a56025d4af04de48ad9ff2ee7a6e5bc43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:27 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 11:44:31 GMT
server: AkamaiNetStorage
etag: "9ace58f101b19781a120f10c2b1de7ef:1635939871.264218"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://secure.uhcprovider.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 919
expires: Thu, 04 Nov 2021 08:03:27 GMT

GET
H/1.1 200
OK sessioncam.recorder.js Show response
d2oh4tlt9mrke9.cloudfront.net/Record/js/ 268 KB
60 KB 44ms
7ms Script
text/javascript 18.66.107.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
Requested by: Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.107.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36fe7d18cfafca08c858c51a7994b2c15d528bb67fbe54086f523ee11a4ec163

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: RwANLJqIrR6QkbJaWSH05z76dEtVix13
Content-Encoding: gzip
ETag: "c143865ec386718c043d9ec8b9be97bd"
Age: 12105
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 61013
Last-Modified: Wed, 20 Oct 2021 10:03:23 GMT
Server: AmazonS3
Date: Thu, 04 Nov 2021 03:41:43 GMT
Content-Type: text/javascript
Via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
Cache-Control: max-age=14400
X-Amz-Cf-Pop: FRA56-P5
Accept-Ranges: bytes
X-Amz-Cf-Id: AEKpvhLuEZgXLSKcfJvwwkuqpcgMex2WkuUvLnCuRz7oUe6ox25cxg==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1636009407311&url=https%3A%2F%2Fsecure.uhcprovider.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1898745%26time%3D1636009407311%26url%3Dhttps%253A%252F%252Fsecure.uhcprovider.com...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1636009407311&url=https%3A%2F%2Fsecure.uhcprovider.com%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1636009407311&url=https%3A%2F%2Fsecure.uhcprovider.com%2F&liSync=true&e_ipv6=AQLhgwldoZEqDAAAAXzpwnaKjhKbZatL9M9U2cji2yFna5VXyYdApN7...

0
156 B

408ms
216ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1636009407311&url=https%3A%2F%2Fsecure.uhcprovider.com%2F&liSync=true&e_ipv6=AQLhgwldoZEqDAAAAXzpwnaKjhKbZatL9M9U2cji2yFna5VXyYdApN7lFkSX_vlhVeSuvgKLPEML
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:28 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: +1a7mONFtBbAJkn7+CoAAA==

Redirect headers

date: Thu, 04 Nov 2021 07:03:28 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1898745&time=1636009407311&url=https%3A%2F%2Fsecure.uhcprovider.com%2F&liSync=true&e_ipv6=AQLhgwldoZEqDAAAAXzpwnaKjhKbZatL9M9U2cji2yFna5VXyYdApN7lFkSX_vlhVeSuvgKLPEML
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: So+Kg+NFtBYwRqqOnisAAA==

GET
H/1.1 200
OK config.aspx
ws.sessioncam.com/Record/ 540 B
919 B 466ms
110ms XHR
text/javascript 54.162.154.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sessioncam.com/Record/config.aspx?url=https%3A%2F%2Fseamless-digital.provider-apps.linkhealth.com%2F&jsver=594&originalUrl=https://secure.uhcprovider.com&sse=1636009407366&inTg=a&acr=0
Requested by: Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.154.79 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-154-79.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://secure.uhcprovider.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 04 Nov 2021 07:03:27 GMT
Content-Type: text/javascript
Access-Control-Allow-Origin: https://secure.uhcprovider.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 540
Expires: -1

GET
H/1.1 200
OK dest5.html Show response
unitedhealthgroup.demdex.net/ Frame 1BA3 7 KB
3 KB 141ms
32ms Document
text/html 52.210.87.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.87.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-87-143.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 4 Nov 2021 07:03:27 GMT
DCS: dcs-prod-irl1-2-v019-0b574d3a1.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 14 Oct 2021 11:17:00 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: +R9+Rm8MQ5M=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
smetrics.optum.com/ 48 B
511 B 183ms
17ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.optum.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&mid=66542527513115248362776608307536158823&ts=1636009407400

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

cc3e68b21f5c184dd1be87e8c62c2de39bf4a6de042f8560fb59e4f0dd34f639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.uhcprovider.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 04 Nov 2021 07:03:27 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-b4c7fdd79-nt4fk
vary: Origin
x-c: main-1540.I13d07b.M0-522
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://secure.uhcprovider.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YYOFvwAAAMWqPQQS
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=60306992366947072132981805253880053646
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YYOFvwAAAMWqPQQS

42 B
943 B

34ms
34ms

Image
image/gif

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YYOFvwAAAMWqPQQS

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/

Protocol

HTTP/1.1

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-0df8032d5.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 9b88icHYScU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YYOFvwAAAMWqPQQS
Date: Thu, 04 Nov 2021 07:03:27 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
unitedhealthgroup.tt.omtrdc.net/rest/v1/ 335 KB
231 KB 133ms
55ms XHR
application/json 34.241.165.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unitedhealthgroup.tt.omtrdc.net/rest/v1/delivery?client=unitedhealthgroup&sessionId=162e95e416f44270952d65a611c1fd3c&version=2.4.0
Requested by: Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.165.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-165-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 90358b950581aebf76c52ca9ed48966d1a66978ffc065a5a03ed524a421bd14b

Request headers

Referer: https://secure.uhcprovider.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://secure.uhcprovider.com
date: Thu, 04 Nov 2021 07:03:27 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: d43ce43720d355369af310abb68e4c4b
content-type: application/json;charset=UTF-8

GET
H2 200 sde-core.js
secure.uhcprovider.com/sde-core/static/version/VGh1IE9jdCAyOCAyMDIxIDIzOjU3OjQz/ 2 MB
2 MB 112ms
112ms Script
application/javascript 2600:9000:2251:8c00:1a:19fe:bb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.uhcprovider.com/sde-core/static/version/VGh1IE9jdCAyOCAyMDIxIDIzOjU3OjQz/sde-core.js
Requested by: Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:8c00:1a:19fe:bb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://secure.uhcprovider.com/
Origin: https://secure.uhcprovider.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 04 Nov 2021 07:03:28 GMT
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified: Fri, 29 Oct 2021 00:02:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: "5968b501298e9742002aceffaebbd41d"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000,public,must-revalidate
accept-ranges: bytes
content-length: 1892081
x-amz-cf-id: Yq22hQMucnO76S_UT137MS_p9kzmxtj070NYbpdt2-LC7lGDS2thkg==

GET
H2

200

Primary Request index.html Show response
identity.onehealthcareid.com/app/
Redirect Chain

https://apps.uhcprovider.com/api/identity/ohid/oidc/authorize?state=eyJyZWRpcmVjdCI6Imh0dHBzOi8vc2VjdXJlLnVoY3Byb3ZpZGVyLmNvbS8iLCJub25jZSI6InFKZ1JQWUhmb1FYaCJ9
https://identity.onehealthcareid.com/oidc/authorize?client_id=sde60155&redirect_uri=https%3A%2F%2Fapps.uhcprovider.com%2Fapi%2Fidentity%2Fohid%2Fauthorize%2Fcallback&response_type=code&scope=openid...
https://identity.onehealthcareid.com/api/v1/auth/login
https://identity.onehealthcareid.com/app/index.html

12 KB
4 KB

507ms
507ms

Document
text/html

18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onehealthcareid.com/app/index.html

Requested by

Host: apps.uhcprovider.com
URL: https://apps.uhcprovider.com/cdn/uhc-ohid/auth.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

41355bfbc2e6730de7e5916061cc29926432e46def4d0d3e08d74ccbb61b745b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/

Response headers

content-type: text/html
x-amz-id-2: 2TbBZQU49vQDnp/IoYiYgls4lGxMrZz3zYugWVDi8GAiPQNMJwBjbwx3ttp82ZYRnxVPDGyExSQ=
x-amz-request-id: Q0SGHK4T9P237M9P
date: Thu, 04 Nov 2021 07:03:29 GMT
x-amz-replication-status: COMPLETED
last-modified: Fri, 08 Oct 2021 08:49:51 GMT
etag: W/"49f23631fce31033ee508b65d7e61729"
x-amz-server-side-encryption: AES256
cache-control: no-cache, no-store, max-age=0
x-amz-version-id: _2QCQkH_1D.m5dNRbowNNgbq5RU6X4p0
server: AmazonS3
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: KQPMW923-TYHa61xJ78HmZVUJ5Henfti7IQ-0z4Fb1s1yAvlV8VLEA==

Redirect headers

content-length: 0
date: Thu, 04 Nov 2021 07:03:28 GMT
trace-id: 09e885a08438248bcde8dd6551adccff
location: /app/index.html
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
server: CloudFront
x-cache: Miss from cloudfront
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: znoDRkllJk6w3Y1sxdRA4QnkeL7UdFGQ5NS3-mGC0BDM3d2llEDoiQ==

GET
H2 200 react.production.min.js
cdn.jsdelivr.net/npm/react@16.13.0/umd/ 12 KB
5 KB 32ms
17ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/react@16.13.0/umd/react.production.min.js

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.uhcprovider.com/
Origin: https://secure.uhcprovider.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 814506
x-jsd-version: 16.13.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19179-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"30af-PdQeRv5Wrr+mzPClFwc4E01l6K0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a8bfb8f3965dfeb-FRA

GET
H2 200 react-dom.production.min.js
cdn.jsdelivr.net/npm/react-dom@16.13.0/umd/ 116 KB
38 KB 40ms
26ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/react-dom@16.13.0/umd/react-dom.production.min.js

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.uhcprovider.com/
Origin: https://secure.uhcprovider.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 814577
x-jsd-version: 16.13.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19143-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1cf4f-WPOBYPb6DskoqH8J9BSB+53Ki+M"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a8bfb8f396edfeb-FRA

GET
H2 200 react-is.production.min.js
cdn.jsdelivr.net/npm/react-is@16.13.0/umd/ 3 KB
1 KB 36ms
22ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/react-is@16.13.0/umd/react-is.production.min.js

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.uhcprovider.com/
Origin: https://secure.uhcprovider.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 804290
x-jsd-version: 16.13.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19182-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"a0f-rh4+5Imj4bKOeyXrf7o3EeHIcd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a8bfb8f396bdfeb-FRA

GET
H2 200 single-spa.min.js
cdn.jsdelivr.net/npm/single-spa@5.5.0/lib/system/ 19 KB
6 KB 32ms
18ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/single-spa@5.5.0/lib/system/single-spa.min.js

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.uhcprovider.com/
Origin: https://secure.uhcprovider.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 507858
x-jsd-version: 5.5.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19177-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"4c71-2hnMAlXhr3b/dbYWaee2nU1I8Dw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a8bfb8f396ddfeb-FRA

GET
H2 200 styled-components.min.js
cdn.jsdelivr.net/npm/styled-components@5.2.1/dist/ 33 KB
13 KB 45ms
31ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/styled-components@5.2.1/dist/styled-components.min.js

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.uhcprovider.com/
Origin: https://secure.uhcprovider.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 814564
x-jsd-version: 5.2.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19141-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"820a-z8+fULg5XikqL8s308G3P2obcWw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a8bfb8f3969dfeb-FRA

OPTIONS
H2 200 data.json
provider-cdn.linkhealth.com/apps/seamless-digital/prod/messages/ Frame 0
0 782ms
657ms Preflight 2600:9000:223d:5200:16:4490:3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://provider-cdn.linkhealth.com/apps/seamless-digital/prod/messages/data.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:5200:16:4490:3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: uuid
Origin: https://secure.uhcprovider.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Thu, 04 Nov 2021 07:03:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: uuid
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: agpePBWSHLJpk6vHRMKjG6sy-SlbnCpka9qfxbDVs25LMd_B75pHOg==

OPTIONS
H2 200 data.json
provider-cdn.linkhealth.com/apps/seamless-digital/prod/features/ Frame 0
0 497ms
372ms Preflight 2600:9000:223d:5200:16:4490:3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://provider-cdn.linkhealth.com/apps/seamless-digital/prod/features/data.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:5200:16:4490:3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: uuid
Origin: https://secure.uhcprovider.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Thu, 04 Nov 2021 07:03:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: uuid
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: wG-ZuNDQl4ESbwDEQOEi64We4VelbRilAU0rsSrPCCJ392In_vSvlQ==

GET
H2 200 html2pdf.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/html2pdf.js/0.9.2/ 469 KB
111 KB 30ms
13ms XHR
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/html2pdf.js/0.9.2/html2pdf.bundle.min.js

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4875805
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 112878
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9d-7555a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0L99uGBMIOe4et%2FSsAXyHH36szdF%2FFhiZAMzmlShOstonGUg6AzOgVj8%2FtQAwzfr%2Bc92BNkKB9xsGqCvE1XajZp9Cq1aMv5CAF62Cttmqq3Allt9YTEHJIC7F8zmS0BQVdAk%2F5q6NBnBlbwxDbFVdxOv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a8bfb900a825be9-FRA
expires: Tue, 25 Oct 2022 07:03:28 GMT

GET data.json
provider-cdn.linkhealth.com/apps/seamless-digital/prod/messages/ 0
0

GET
H2 200 data.json
provider-cdn.linkhealth.com/apps/seamless-digital/prod/features/ 7 KB
7 KB 399ms
399ms XHR
application/json 2600:9000:223d:5200:16:4490:3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://provider-cdn.linkhealth.com/apps/seamless-digital/prod/features/data.json
Requested by: Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:5200:16:4490:3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.uhcprovider.com/
uuid: undefined
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:29 GMT
via: 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 6774
last-modified: Fri, 29 Oct 2021 18:12:59 GMT
server: AmazonS3
etag: "adb9890c6cda6b855b9637e1de86f596"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0,no-cache,no-store,must-revalidate
accept-ranges: bytes
x-amz-cf-id: Qj5eMKtx8MqljLrPUI2wtFIK1A2KdhAIb77Htj3jUEaiCuXsfbGTRg==

GET
H2 200 prod
secure.uhcprovider.com/api/lagoon/sde-core/ 91 KB
92 KB 515ms
514ms XHR
application/json 2600:9000:2251:8c00:1a:19fe:bb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.uhcprovider.com/api/lagoon/sde-core/prod

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:8c00:1a:19fe:bb80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

UnitedHealthcare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.uhcprovider.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:28 GMT
via: 1.1 27eb501c8caff149895f88cac34554af.cloudfront.net (CloudFront), 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 93498
x-amzn-remapped-date: Thu, 04 Nov 2021 07:03:29 GMT
x-amz-cf-pop: IAD89-C2, FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-apigw-id: IRHWFFZEoAMF7Xw=
content-length: 93498
x-amzn-requestid: 66c31972-6100-40a8-af71-6858a63b8100
last-modified: Mon, 01 Nov 2021 19:42:11 GMT
server: UnitedHealthcare
x-amzn-remapped-server: AmazonS3
etag: "b9bf6f777a1a21ad60761375204f7e74"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/json
cache-control: max-age=0,no-cache,no-store,must-revalidate
accept-ranges: bytes
x-amz-cf-id: YQdEHL3UvC3QBkKX6uBYzrSIXQKpGHz0l01oOgQm5g3AYUlLtxuyQQ==
x-amzn-remapped-connection: keep-alive

GET
H2 200 prod
secure.uhcprovider.com/api/lagoon/sde-dashboard/ 37 KB
38 KB 450ms
449ms XHR
application/json 2600:9000:2251:8c00:1a:19fe:bb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.uhcprovider.com/api/lagoon/sde-dashboard/prod

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:8c00:1a:19fe:bb80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

UnitedHealthcare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.uhcprovider.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:28 GMT
via: 1.1 cfb94084ba0615910dd15548de7c4c5e.cloudfront.net (CloudFront), 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 37744
x-amzn-remapped-date: Thu, 04 Nov 2021 07:03:29 GMT
x-amz-cf-pop: IAD89-P2, FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-apigw-id: IRHWFGX4oAMFVng=
content-length: 37744
x-amzn-requestid: d723d35d-8d83-4846-9cf5-bdab535cb382
last-modified: Wed, 03 Nov 2021 15:48:45 GMT
server: UnitedHealthcare
x-amzn-remapped-server: AmazonS3
etag: "e1da6344b1ff53a91e660c7a29912399"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/json
cache-control: max-age=0,no-cache,no-store,must-revalidate
accept-ranges: bytes
x-amz-cf-id: FVqyMVljXDUeZOCcyv6_bZ_pfgeIUuJwv5p2smo77Tn6fn3rHE1iSA==
x-amzn-remapped-connection: keep-alive

POST
H/1.1 200
OK GetPageId
ws.sessioncam.com/Record/record.asmx/ 0
200 B 140ms
140ms XHR
text/plain 54.162.154.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sessioncam.com/Record/record.asmx/GetPageId?url=https%3A%2F%2Fseamless-digital.provider-apps.linkhealth.com%2F&id=qut4vnglsce10pg0oc1ceq2o
Requested by: Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.154.79 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-154-79.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://secure.uhcprovider.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://secure.uhcprovider.com
Date: Thu, 04 Nov 2021 07:03:27 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK SaveEvents
ws.sessioncam.com/Record/record.asmx/ 0
232 B 131ms
130ms XHR
application/json 54.162.154.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sessioncam.com/Record/record.asmx/SaveEvents?url=https%3A%2F%2Fseamless-digital.provider-apps.linkhealth.com%2F&id=qut4vnglsce10pg0oc1ceq2o
Requested by: Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.154.79 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-154-79.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://secure.uhcprovider.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://secure.uhcprovider.com
Date: Thu, 04 Nov 2021 07:03:28 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Content-Type: application/json

GET
H2 200 cash.min.js
cdnjs.cloudflare.com/ajax/libs/cash/4.1.5/ 14 KB
5 KB 15ms
15ms XHR
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cash/4.1.5/cash.min.js

Requested by

Host: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/static/scripts/prod/newrelic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.uhcprovider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2089053
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4621
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e22-39eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CEGDLxNjAbDC6RBGVx5SYJQV%2FSrI6D9xogO5vfu5Ge6wxjO%2B%2FKcJBgPfSYGoYEbe9SbCeDmqNcP7j0vaxhFLU1qgV5UbspMqI%2BKxVDsNo2260ufWyuHlAHXzdXAuCxelUyeBPCTti1s6NWV1Y49vYZk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a8bfb95da0d5be9-FRA
expires: Tue, 25 Oct 2022 07:03:28 GMT

GET /
zn9qtjklceg15veaz-uhcdr.siteintercept.qualtrics.com/SIE/ 0
0

GET userinfo
secure.uhcprovider.com/api/identity/ohid/ 0
0

GET
H2 200 summer.js Show response
identity.onehealthcareid.com/static/js/ 222 KB
125 KB 386ms
385ms Script
application/javascript 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://identity.onehealthcareid.com/static/js/summer.js
Requested by: Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 481ae2fc81072cfdfb62a759f2add993f033a8e7e4bce2e817fee8b7eeef7da9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/app/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Nov 2021 07:03:29 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: XHmIi9tq6gBLk4gSJABJCQlouPFiH65AK9XzTJHm2jP_NWZRC2x5Pg==
x-ion-hop: prod
expires: 0

GET
H2 200 uitk-req-min-d9a14967e2.css
identity.onehealthcareid.com/app/static/css/ 85 KB
17 KB 42ms
40ms Stylesheet
text/css 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onehealthcareid.com/app/static/css/uitk-req-min-d9a14967e2.css

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

897c6644cf07c3e7fdf13a608b2c0aa41341215720c4a95c8f0bd63fb604add3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/app/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: HgW9xrlX5zflzx1.2BsqwYSJY5ftZXsL
content-encoding: gzip
x-content-type-options: nosniff
age: 18034
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
x-amz-request-id: PRYTHEN8MES6S0M8
x-amz-id-2: nn8wjs25LrAuyR/rZ1euAh45LMQuN64EIO4tYkeAx5n+0yJvN15JZDyaK5Ib181r/WIYC7k/0Sg=
last-modified: Fri, 08 Oct 2021 08:49:47 GMT
server: AmazonS3
x-frame-options: DENY
date: Thu, 04 Nov 2021 02:02:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: max-age=3600,s-maxage=86400
etag: W/"d9a14967e29bd126fdd1d439d3d1d7f6"
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: pPzzwNECpaaTND-Uf3SDwRsr9thUVkYaJQVBzSFT16jLC-HXWLlmdQ==

GET
H2 200 Optum-Icon-Font.woff2
identity.onehealthcareid.com/app/static/css/fonts/ 16 KB
17 KB 21ms
20ms Font
binary/octet-stream 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onehealthcareid.com/app/static/css/fonts/Optum-Icon-Font.woff2?pjuq3w

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5868a377fda003d9d80ffa756dcd6830f7038790b1b4c0e6b9cc4590f1928833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://identity.onehealthcareid.com/app/index.html
Origin: https://identity.onehealthcareid.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: vd3Kfc1.Z1APal9BEjL77V3O6iOwYv_h
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 21503
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: NQGNN324FF4671CJ
x-xss-protection: 1; mode=block
accept-ranges: bytes
last-modified: Fri, 08 Oct 2021 08:49:47 GMT
server: AmazonS3
x-frame-options: DENY
date: Thu, 04 Nov 2021 01:05:07 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=3600,s-maxage=86400
etag: "2f63fe13618dcbae8e9f61e98aa7f04b"
x-amz-cf-pop: FRA56-P2
content-length: 16608
x-amz-cf-id: BE5uRQXmZ8qboYr-DHT_RMQ02ZDC_BieBkyFdImxdSd4Vx7EAOb3Uw==
x-amz-id-2: OhToLM1jzUJL2u2wEHLT2Z5rkEFtm68lX7gMNRdVHp4+JcMakqKi3rCWl+w6FBAkwXM4BifpJAs=

GET
H2 200 opensans-regular-webfont.woff2
identity.onehealthcareid.com/app/static/css/fonts/opensans/ 18 KB
19 KB 32ms
31ms Font
binary/octet-stream 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onehealthcareid.com/app/static/css/fonts/opensans/opensans-regular-webfont.woff2

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2a76b9ef9241234446776d520f153c1ad102dcc4931e70daed41cc85b57b0e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://identity.onehealthcareid.com/app/index.html
Origin: https://identity.onehealthcareid.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Jdl6fi2myfdsZ0y0kMgor943jmYOskx0
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 23665
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: TN7843KH8NKDVB41
x-xss-protection: 1; mode=block
accept-ranges: bytes
last-modified: Fri, 08 Oct 2021 08:49:47 GMT
server: AmazonS3
x-frame-options: DENY
date: Thu, 04 Nov 2021 00:29:05 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=3600,s-maxage=86400
etag: "320c51a974c69b262cbfab2c1efff6e6"
x-amz-cf-pop: FRA56-P2
content-length: 18776
x-amz-cf-id: tiVQRTn9cxTIXh1Nzg3N6AZ3sKXpqW3teo55pyv_o0GvyZRo4epSeA==
x-amz-id-2: Yt+zsJ05Sae+3ycFoskYjKA3wvDHVGbeXGuOpVW9G2bqEM5Q2pmiw2Pp/ipVmnfkbgEr8GJJhKc=

GET
H2 200 opensans-bold-webfont.woff2
identity.onehealthcareid.com/app/static/css/fonts/opensans/ 19 KB
20 KB 30ms
28ms Font
binary/octet-stream 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onehealthcareid.com/app/static/css/fonts/opensans/opensans-bold-webfont.woff2

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

61ff2be17be3bcb7c02ec5ffa8f976695d15dbc07e1ce160479712792bdcbcdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://identity.onehealthcareid.com/app/index.html
Origin: https://identity.onehealthcareid.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: VsOeFWMTE0EuPWSWl9xii.urDEe6mO3o
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 22658
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 60PP6999ZA58GJ0F
x-xss-protection: 1; mode=block
accept-ranges: bytes
last-modified: Fri, 08 Oct 2021 08:49:47 GMT
server: AmazonS3
x-frame-options: DENY
date: Thu, 04 Nov 2021 00:45:52 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=3600,s-maxage=86400
etag: "d5a67608015d86079246d3f5a42b4730"
x-amz-cf-pop: FRA56-P2
content-length: 19432
x-amz-cf-id: sRckeXKHUFISXXpGI4nHPSD0XBTaPobsaqz7_uCM4a_qsjdo4ByPWQ==
x-amz-id-2: Vzeclzz7nR3/dFNrvFLMW8LluVIuyhsR8KgOTqHFgwkTrYoHU+bY0rRRjOPUOpsixQi2Tq2ltAc=

GET
H2 200 global-app-config.js Show response
identity.onehealthcareid.com/app/ 106 B
784 B 41ms
40ms Script
application/javascript 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onehealthcareid.com/app/global-app-config.js

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

618f566889603b3da9ec8c2ccf8624ff32165081ecc00553c489e8e455683209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/app/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 9mUEviYDERsBzmeblR8jCWWalDEis49v
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 23664
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-request-id: TN7CWB7MB3W64N3D
x-amz-id-2: 3SO7yVzLpa4+WCs7pPu9eBy1HcDTPVvNSvbms0BBJ+85YwPyl5Fn+2tXdolcLh77HMJvtoj3iWs=
accept-ranges: bytes
last-modified: Fri, 08 Oct 2021 08:49:44 GMT
server: AmazonS3
x-frame-options: DENY
date: Thu, 04 Nov 2021 00:29:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=3600,s-maxage=86400
etag: "5b0bbea94db4f6614c39359e1acd6797"
x-amz-cf-pop: FRA56-P2
content-length: 106
x-amz-cf-id: Q4kQHrKGoQlALh2V0G6DHmOKn2YtvctSNG6dU629pphOpcWnqIDgnA==

GET
H2 200 lib-min-7e6d84b497.js Show response
identity.onehealthcareid.com/app/static/js/ 529 KB
173 KB 29ms
29ms Script
application/javascript 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onehealthcareid.com/app/static/js/lib-min-7e6d84b497.js

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

92f9494b0b2a89dda38b7936c1bdd819d130d1eb08d4358642f8a0435ce939ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/app/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 8blByc9zTzg937Wwcoxamem6OUfESTxc
content-encoding: gzip
x-content-type-options: nosniff
age: 14616
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
x-amz-request-id: AP3QK09RR0JJPNDZ
x-amz-id-2: jH9NEweGYCPNLDTRhIPberZ8uR7wG5oKeFNX9oVa8OLUI6MuTYNGSlGLn79hn+gX6JR0zuqb84U=
last-modified: Fri, 08 Oct 2021 08:49:47 GMT
server: AmazonS3
x-frame-options: DENY
date: Thu, 04 Nov 2021 02:59:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: max-age=3600,s-maxage=86400
etag: W/"7e6d84b4979eafc9776d8b16597d770a"
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: dHLxcushFK8fu6NFybgaxeC1ScoIeAUkkL3X7NhEtizKaY1h6nX2UQ==

GET
H2 200 uitk-req-min-945fd9447c.js Show response
identity.onehealthcareid.com/app/static/js/ 58 KB
18 KB 41ms
41ms Script
application/javascript 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onehealthcareid.com/app/static/js/uitk-req-min-945fd9447c.js

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

61e401f4bc993066c75f9b41208307fbe0b4e9b5b46017ad9efaa5a0e6a717df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/app/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: M4G7_fREwRi6E3_7rQfI6T_4zVXaKe3R
content-encoding: gzip
x-content-type-options: nosniff
age: 18231
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
x-amz-request-id: AX9KKG1MZCQDGN0A
x-amz-id-2: Z6TJsMiUhTkQ29CWx/7vsd4M8Vk85uy5Vt7Kaz5W81VXNR0p6MMRt0q3E/cDk3CEiYQ6hSFBPl8=
last-modified: Fri, 08 Oct 2021 08:49:48 GMT
server: AmazonS3
x-frame-options: DENY
date: Thu, 04 Nov 2021 01:59:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: max-age=3600,s-maxage=86400
etag: W/"945fd9447c20e9decccf5624783154fa"
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: l8FJABZflD9uvGlWY0M4RepUJaIhJk0M4nIq6ciQPkBMDi7BYviy4g==

GET
H2 200 prelogin-e102852ca9.min.js Show response
identity.onehealthcareid.com/app/static/js/ 238 KB
50 KB 22ms
22ms Script
application/javascript 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onehealthcareid.com/app/static/js/prelogin-e102852ca9.min.js

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

555bb293ec68445709dab5b1984cb0d4e6d25f258ce5eabc1f7ede3a0fd71562

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/app/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: XUOPFgwWwim8byCU_BzSeARILIYqSdm6
content-encoding: gzip
x-content-type-options: nosniff
age: 21363
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
x-amz-request-id: 89T3M4QGK82N0DQC
x-amz-id-2: 5DUeqNPAsKK8+swYM6AIBm1Cbb44HuTw6a4m24YgU3OXZy1ZJUVu5dEYwjwZkcNMF1Wq9O6lM4o=
last-modified: Fri, 08 Oct 2021 08:49:48 GMT
server: AmazonS3
x-frame-options: DENY
date: Thu, 04 Nov 2021 01:07:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: max-age=3600,s-maxage=86400
etag: W/"f3dd3cc2ec1431b20679c77bd3c5db39"
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: bpDXMH-hkDBJNAxLYmn0Ql_1ppEe2Sl3OVAZPyi-8CWqT5e5bUa6CQ==

GET
H2 200 newrelic.js Show response
identity.onehealthcareid.com/app/static/js/ 24 KB
9 KB 23ms
21ms Script
application/javascript 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onehealthcareid.com/app/static/js/newrelic.js

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0338ca46c8569685b164483847733f919655d72eefdb1e1af756fba978301f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/app/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Cs2DyGtYZqUoH6mnS4V4Yi95.Eo4NOGk
content-encoding: gzip
x-content-type-options: nosniff
age: 21565
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
x-amz-request-id: MNQ35W7ZRB5VYVVF
x-amz-id-2: SMbZhTZUxxKCfkdFpsio2U2zlPiQdDwJZKLHepTAQMYlkDqN2Cf0ZCEL+fWAqFEaLAaHx41gvSQ=
last-modified: Fri, 08 Oct 2021 08:49:52 GMT
server: AmazonS3
x-frame-options: DENY
date: Thu, 04 Nov 2021 01:04:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: max-age=86400
etag: W/"7605564559317719bc07221d794d4a64"
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 4k5QPxQHavPfmxoWC69zM19SPUx9Vnt2uW2iaUlB53s_M1LA51sNFQ==

GET
H/1.1 200
OK cx.js Show response
repo.rakanto.com/rakanto/cx/ 124 KB
41 KB 1848ms
150ms Script
application/javascript 149.111.164.232
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://repo.rakanto.com/rakanto/cx/cx.js

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.164.232 , United States, ASN10879 (UHC, US),

Reverse DNS

repo-elr.rakanto.com

Software

Resource Hash

a83be51853e15587d330d93a8b02d1b6565ea5c4a1b62aca9300f817c691c8fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 04 Nov 2021 07:03:30 GMT
Content-Encoding: gzip
Referrer-Policy: : origin
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=1800, private
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=300; includeSubDomains
Expires: Thu, 04 Nov 2021 07:33:30 GMT

GET
H2 200 init Show response
identity.onehealthcareid.com/api/v1/auth/login/ 2 KB
2 KB 321ms
321ms XHR
application/json 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onehealthcareid.com/api/v1/auth/login/init

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/static/js/summer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

194f548db7633735d8734183c650f7db074c2df053f64b8c072201194045039e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://identity.onehealthcareid.com/app/index.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 07:03:29 GMT
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
akym-s: 3251f44649de7d2b5fdfd95d13a82fd053c9698e2c02968a7cad4975054911fd386effcc349c30ba8f02e5a177e0aac9ac23dd070c93c95a6fe3f24b1fcf2502299a210c76b25211857b6899eaa13a51d35e360a8fc979ad82afd3409b87aa56313f82909b5f01f305394f73bf3d92ddeeab439ed8d54ec6b225859a278aabf03c28fdcdcb6228f710d4b3fef9af97e755091c93a5b3aaa7258c9d22b98af5423f7e00bd30c6e7c715960c2dd3d3f778f53116f3255e970962ea119a9a0ad5a4d6c60bbea40cba810c8c4ec3cea3296cd2b1e4
content-length: 1652
x-xss-protection: 1; mode=block
pragma: no-cache
server: CloudFront
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
trace-id: 030135150d00844be8ea61de3b981071
x-amz-cf-id: rh894ngRIVWClk7m6e21_8iuS0bNQFnSZTZ4yI-VjhHPjWlteS7C2Q==
expires: 0

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en_US.json Show response
identity.onehealthcareid.com/app/common/i18n/ 3 KB
4 KB 22ms
22ms XHR
binary/octet-stream 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onehealthcareid.com/app/common/i18n/en_US.json

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/static/js/summer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9de338f95994379018f9586dc5a6f7b2b9258c4a95fe813397c8ab848d961012

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-SESSNTABID: shu19906z3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://identity.onehealthcareid.com/app/index.html
screenNumber: 1
X-Requested-With: AsyncRequest
X-CSRF: OID_TOKEN

Response headers

x-amz-version-id: 2L0WThTBBNOG6NPhGyB2KhzIBFYhNhkW
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 21521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-request-id: Y2SYQ682VHPP5HAT
x-amz-id-2: YNJrOYjKvP7yVxN8plxlRlRPtMtKFxdishoGerLLuaHpSIpCwfAl8dZjrGqgTLdUXm3LiAIDSCQ=
accept-ranges: bytes
last-modified: Fri, 08 Oct 2021 08:49:43 GMT
server: AmazonS3
x-frame-options: DENY
date: Thu, 04 Nov 2021 01:04:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: binary/octet-stream
x-xss-protection: 1; mode=block
cache-control: max-age=3600,s-maxage=86400
etag: "b51d92016ac4341866aaa200e95bb8ce"
x-amz-cf-pop: FRA56-P2
content-length: 3505
x-amz-cf-id: 2bsbGGE1OlK2EDDP7YIBxFqoVqXlpKnqq0Z-VHsrQGEWQj7OmNKqNw==

GET

error.html
identity.onehealthcareid.com/app/
Redirect Chain

https://identity.onehealthcareid.com/tenants/onehealthcareid/css/onehealthcareid.css
https://identity.onehealthcareid.com/app/error.html

0
0

GET
H2 200 stylesheet2.css
identity.onehealthcareid.com/tenants/onehealthcareid/applications/sde60155/css/ 107 B
692 B 9ms
8ms Stylesheet
text/css 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onehealthcareid.com/tenants/onehealthcareid/applications/sde60155/css/stylesheet2.css

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/static/js/lib-min-7e6d84b497.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ea885cdcf3dd73cef8e053ea6561eab59ba92e2e1d8ae9b6e17d1ae22b9af5a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/app/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 8rKJShmAUUs9vLY2EDJtH_iH38c.DpTd
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 14369
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Thu, 04 Nov 2021 03:16:15 GMT
x-amz-replication-status: REPLICA
content-length: 107
x-xss-protection: 1; mode=block
x-amz-meta-filetype: APP_CSS
last-modified: Mon, 06 Sep 2021 04:48:59 GMT
server: AmazonS3
x-frame-options: DENY
etag: "199079acb7578b32df9532f234d68e1e"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-amz-meta-filename: stylesheet2.css
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: xhvXYWFv7yUw9pXCuXh-EkTzGdWOoeJmyjV2PHG7Xo-8qnoSYJ4RFA==

GET
H2 200 en_US.json Show response
identity.onehealthcareid.com/app/login/i18n/ 4 KB
4 KB 25ms
25ms XHR
binary/octet-stream 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onehealthcareid.com/app/login/i18n/en_US.json

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/static/js/summer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d9d7d6758a52c6bb6a2faee2397ab505ddd0f7fb2a86360473e5358b5b4955d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-SESSNTABID: shu19906z3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://identity.onehealthcareid.com/app/index.html
screenNumber: 1
X-Requested-With: AsyncRequest
X-CSRF: OID_TOKEN

Response headers

x-amz-version-id: gZNJf0u2v4Wg.B7.1GcDjd5lSpRKb5C1
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 16837
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-request-id: SMG2C48BV5GDASE6
x-amz-id-2: UsqFZVlsi4gVsORVBejP8f6h+kAjkOAVc7ANNxeidq8vH54nqnbToCATrINquaQNhErZSDoXZ/0=
accept-ranges: bytes
last-modified: Fri, 08 Oct 2021 08:49:45 GMT
server: AmazonS3
x-frame-options: DENY
date: Thu, 04 Nov 2021 02:22:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: binary/octet-stream
x-xss-protection: 1; mode=block
cache-control: max-age=3600,s-maxage=86400
etag: "fa0f0b11e9dddd8d53d5481919249d3e"
x-amz-cf-pop: FRA56-P2
content-length: 3653
x-amz-cf-id: UIjIuoTUhCJdMrIRvF6J-BESjVV_tmxg8scV-RzxZtH5w-4WfOK1Ow==

GET
H2 200 login-79de9fa43f.html Show response
identity.onehealthcareid.com/app/login/views/ 9 KB
3 KB 22ms
22ms XHR
text/html 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onehealthcareid.com/app/login/views/login-79de9fa43f.html

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/static/js/summer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

419b863718c62911e2bfcd2bdf5bf95844b421b3542043ea279dd42edc43c762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-SESSNTABID: shu19906z3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://identity.onehealthcareid.com/app/index.html
screenNumber: 1
X-Requested-With: AsyncRequest
X-CSRF: OID_TOKEN

Response headers

x-amz-version-id: alNu0ARwTD3FG3eSU6JDSqS_mz3NLauA
content-encoding: gzip
x-content-type-options: nosniff
age: 20085
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
x-amz-request-id: YKHRY21F544BTWKC
x-amz-id-2: RuwD3wcfCgu7p/XPVupTCAzGGVCBX/vcnBAEp3Nh/ygUL5h7mNRagyOOD6HuN35LgvArLEDRdN4=
last-modified: Fri, 08 Oct 2021 08:49:45 GMT
server: AmazonS3
x-frame-options: DENY
date: Thu, 04 Nov 2021 01:28:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: max-age=3600,s-maxage=86400
etag: W/"d2d32956a6972c9c16fc6cafac3fc349"
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: g6Rq6jad_i2k822eOahn_kat2S1OdIsb1qMTBHF1JJiN7RxA-UelFg==

GET
H2 200 main_logo.png
identity.onehealthcareid.com/tenants/onehealthcareid/logos/ 6 KB
7 KB 10ms
9ms Image
image/png 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://identity.onehealthcareid.com/tenants/onehealthcareid/logos/main_logo.png

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

628d70aabc404ae952438c46b2a1fd3f051b8e48f1ef5f4ba463b55c8cab1123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/app/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 6Y72fVRFvr7sT.r8PxEvyMHRMc_6TiBF
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 18709
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Thu, 04 Nov 2021 01:51:41 GMT
x-amz-replication-status: REPLICA
content-length: 6379
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Sep 2021 04:49:18 GMT
server: AmazonS3
x-frame-options: DENY
etag: "95b41086cecdb499303c32afa23b877d"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: XKoW3ZBeRp2y4xdCl7MSsvyczyfayafkp3jZxYa7MPGn3sH1xmaaWw==

GET
H2 200 UHC_Lockup_blu_RGB.png
identity.onehealthcareid.com/tenants/onehealthcareid/applications/sde60155/logos/ 6 KB
7 KB 11ms
11ms Image
image/png 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://identity.onehealthcareid.com/tenants/onehealthcareid/applications/sde60155/logos/UHC_Lockup_blu_RGB.png

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0b32a8f9b98079126a413f8200ffd23a2829f22a2b21bde7041e8d0616c866c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/app/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Aauuw4IIKsk8QsU7Eo8ehvGSLoCqynyY
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 12954
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Thu, 04 Nov 2021 03:44:49 GMT
x-amz-replication-status: COMPLETED
content-length: 6497
x-xss-protection: 1; mode=block
x-amz-meta-filetype: APP_LOGO
last-modified: Fri, 16 Jul 2021 19:17:56 GMT
server: AmazonS3
x-frame-options: DENY
etag: "ef346496531e0923c45833bd0b85cd6d"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
x-amz-meta-filename: UHC_Lockup_blu_RGB.png
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: 2cHMQDU96ucUt6qgD6o5lGBonPISH38JHJ8I-mRln1vRW9pOjVyc4g==

GET
H2 200 stylesheet.css
apps.uhcprovider.com/cdn/uhc-ohid/ 7 KB
2 KB 10ms
9ms Stylesheet
text/css 2600:9000:2156:9000:18:51c1:c340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.uhcprovider.com/cdn/uhc-ohid/stylesheet.css
Requested by: Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/tenants/onehealthcareid/applications/sde60155/css/stylesheet2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:18:51c1:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa4a93777a7cb3caa0278e6871564bfc69648a26a4f66566f894bbc9e3c6fdd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 16 Sep 2021 20:35:06 GMT
content-encoding: gzip
last-modified: Mon, 05 Apr 2021 14:11:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"dbf26ada9f6bfb68af163439fa5dcd47"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,public,must-revalidate
x-amz-cf-id: 1hxHKE0ah7VDw6Ay1Ja90JY0JgfWzWIq5-x7JwYvL8Cu6NBiyXZLeg==
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)

GET
H2 200 loader.gif
identity.onehealthcareid.com/app/images/ 5 KB
5 KB 23ms
20ms Image
image/gif 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://identity.onehealthcareid.com/app/images/loader.gif

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b27bc4aaf8ba7b403cce3f6b03d40a383bb04e6c183ad704c269479d304257d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/app/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: .t6.kj4KqwjAyiWiMPaNfkNXqCK4gKOM
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 20297
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-request-id: N7VATYNHXB6NZ8GW
x-amz-id-2: cqh8Ow4xMkGuhfG/CSoKWmB8aUO808WGIrnUW1M6bYuZ3RtziRGShXMZd6WnvPI6AY6QP3EiP5I=
accept-ranges: bytes
last-modified: Fri, 08 Oct 2021 08:49:44 GMT
server: AmazonS3
x-frame-options: DENY
date: Thu, 04 Nov 2021 01:25:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=3600,s-maxage=86400
etag: "aa60419000e8594983f5cb78cfea2da6"
x-amz-cf-pop: FRA56-P2
content-length: 4627
x-amz-cf-id: _yBBuvOjCBCEnf4sDQc88_XHqyWWWjBWviLHDCPEXeyCXs_W8nL6aQ==

GET
H2 200 init Show response
identity.onehealthcareid.com/api/v1/auth/risk/ 134 B
683 B 306ms
306ms XHR
application/json 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onehealthcareid.com/api/v1/auth/risk/init

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/static/js/summer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e1f142e2ab340f0e5ac90af736aaae8ebffd978b6c50dcce86cabf24e6d782b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-SESSNTABID: shu19906z3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://identity.onehealthcareid.com/app/index.html
screenNumber: 1
X-Requested-With: AsyncRequest
X-CSRF: OID_TOKEN

Response headers

date: Thu, 04 Nov 2021 07:03:30 GMT
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-length: 134
x-xss-protection: 1; mode=block
pragma: no-cache
server: CloudFront
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
trace-id: 197123829cfb7170b3d9854777d8e24c
x-amz-cf-id: -FOgyIG-8uaez-YIn2vYFfE3vNUO438lboqEvee4gVTEbH4av1B2Ew==
expires: 0

GET
H2 200 supportMessage-8cdc459867.html Show response
identity.onehealthcareid.com/app/common/views/ 4 KB
2 KB 22ms
21ms XHR
text/html 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onehealthcareid.com/app/common/views/supportMessage-8cdc459867.html

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/static/js/summer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

138d1f48c19f536b119a2670ad286e2685eb2c0d57ed357b16a3fc364e123843

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-SESSNTABID: shu19906z3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://identity.onehealthcareid.com/app/index.html
screenNumber: 1
X-Requested-With: AsyncRequest
X-CSRF: OID_TOKEN

Response headers

x-amz-version-id: 8kLZPZvxZcWgIVY1Ik9SuDJjFF0DpIwY
content-encoding: gzip
x-content-type-options: nosniff
age: 18835
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
x-amz-request-id: F0DWCT9NNNJGPAQN
x-amz-id-2: N9mzdaVFa73wFnGyjNOuz5ih9tRX39Eu4SZTv+BA4Nz6SXFbsEgwQZyrBRW4iLYqSd4mFe27sRg=
last-modified: Fri, 08 Oct 2021 08:49:44 GMT
server: AmazonS3
x-frame-options: DENY
date: Thu, 04 Nov 2021 01:49:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: max-age=3600,s-maxage=86400
etag: W/"29565b9b660803cf8289439adfc8dfc0"
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: yHymRDPxzIhwm-xfLxZDxsm-ItUPKapq-IHLOSiOigEcBYh5cL_iyg==

GET
H2 200 UHCSans-Bold.woff2
apps.uhcprovider.com/cdn/uhc-brand/typography/fonts/UHCSans/formats/ 43 KB
43 KB 72ms
48ms Font
binary/octet-stream 2600:9000:2156:9000:18:51c1:c340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.uhcprovider.com/cdn/uhc-brand/typography/fonts/UHCSans/formats/UHCSans-Bold.woff2
Requested by: Host: apps.uhcprovider.com
URL: https://apps.uhcprovider.com/cdn/uhc-ohid/stylesheet.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:18:51c1:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7bc03bad844f059717a9118727b9b6f1876940fa36e11aa784de2db0d9200265

Request headers

Referer: https://apps.uhcprovider.com/cdn/uhc-ohid/stylesheet.css
Origin: https://identity.onehealthcareid.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 04 Oct 2021 03:49:56 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Sun, 14 Feb 2021 01:00:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "1a240fe1a2f3cb4e9f58fbf8ce1da4b1"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000,public,must-revalidate
accept-ranges: bytes
content-length: 43840
x-amz-cf-id: sgDC44GEWNYo5o0MoZ3_DnDnBkJtLJ_Rs3-qyjYvf-HgR9qCVEIiCA==

GET
H2 200 UHCSans-Medium.woff2
apps.uhcprovider.com/cdn/uhc-brand/typography/fonts/UHCSans/formats/ 43 KB
43 KB 78ms
55ms Font
binary/octet-stream 2600:9000:2156:9000:18:51c1:c340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.uhcprovider.com/cdn/uhc-brand/typography/fonts/UHCSans/formats/UHCSans-Medium.woff2
Requested by: Host: apps.uhcprovider.com
URL: https://apps.uhcprovider.com/cdn/uhc-ohid/stylesheet.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:18:51c1:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbff962056c0915525e9e8cc8868e9d86c33edc1f619e6f2adb9bb0ec636aae0

Request headers

Referer: https://apps.uhcprovider.com/cdn/uhc-ohid/stylesheet.css
Origin: https://identity.onehealthcareid.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 25 Oct 2021 03:14:09 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Sun, 14 Feb 2021 01:00:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "e8afb1e292b4416438ff4125ab20621c"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000,public,must-revalidate
accept-ranges: bytes
content-length: 43688
x-amz-cf-id: IG7bQrV_nXInT4zAsQlhrKNSRZWtyyd-q4wGxAlVadB9yxwUjZIx1Q==

GET
H2 200 UHCSerifHeadline-Semibold.woff2
apps.uhcprovider.com/cdn/uhc-brand/typography/fonts/UHCSerif/formats/ 22 KB
23 KB 82ms
60ms Font
binary/octet-stream 2600:9000:2156:9000:18:51c1:c340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.uhcprovider.com/cdn/uhc-brand/typography/fonts/UHCSerif/formats/UHCSerifHeadline-Semibold.woff2
Requested by: Host: apps.uhcprovider.com
URL: https://apps.uhcprovider.com/cdn/uhc-ohid/stylesheet.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:18:51c1:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c7d13e3cc47f3e8ed20062685edc34279da340b1e9120f0cdaef3b08854d995

Request headers

Referer: https://apps.uhcprovider.com/cdn/uhc-ohid/stylesheet.css
Origin: https://identity.onehealthcareid.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 16 Sep 2021 20:34:59 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Sun, 14 Feb 2021 01:00:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "09ff4ce844b13bff4d3f805a39ed3516"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000,public,must-revalidate
accept-ranges: bytes
content-length: 22932
x-amz-cf-id: _5Hh3ovH6BWZ6Co9LJAJ6PBlDKAN_CpUzb0-XEA9naEYRZ7E1L9TrA==

GET
H2 200 moment-tz-b900cc957d.min.js Show response
identity.onehealthcareid.com/app/static/js/ 84 KB
26 KB 22ms
22ms XHR
application/javascript 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onehealthcareid.com/app/static/js/moment-tz-b900cc957d.min.js?_=1636009409671

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/static/js/summer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b56978c4ae38235aad05c6383c5e60830e25b65efbc993ac54da9e495e92bff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://identity.onehealthcareid.com/app/index.html
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Q2kKR_WMRhTTn7OZrzZxpFcbxM57D6QV
content-encoding: gzip
x-content-type-options: nosniff
age: 13629
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
x-amz-request-id: RCK9EW6FDKEG4CNK
x-amz-id-2: DJv5RzLs1SlbuuIbzqmNWYYUIMRGga0R8GFMJKb9t8yVcU8KOvk7XPcCFa/Jc2B+6mck4g31bKA=
last-modified: Fri, 08 Oct 2021 08:49:48 GMT
server: AmazonS3
x-frame-options: DENY
date: Thu, 04 Nov 2021 03:16:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: max-age=3600,s-maxage=86400
etag: W/"b900cc957dc24a657739476d6b826cc0"
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 0VaKRkbhcMg5bDnUZxntzj-wGnWXgQ2sZm7DwcPzC71vp2Y3lkHkzw==

GET
H2 200 chat-support-info Show response
identity.onehealthcareid.com/api/v1/users/common/ 354 B
902 B 126ms
126ms XHR
application/json 18.66.97.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.onehealthcareid.com/api/v1/users/common/chat-support-info

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/static/js/summer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5945485d735096d0c6f0daec5fbe13f8a2aed8be0dac08fbf59d80dad584c802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-SESSNTABID: shu19906z3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://identity.onehealthcareid.com/app/index.html
screenNumber: 1
X-Requested-With: AsyncRequest
X-CSRF: OID_TOKEN

Response headers

date: Thu, 04 Nov 2021 07:03:30 GMT
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-length: 354
x-xss-protection: 1; mode=block
pragma: no-cache
server: CloudFront
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
trace-id: 2e21e9330f57675284f22840b8e89964
x-amz-cf-id: wkb0KkmcabmiuUMOHvrmS5f32Vajmk_ei_1Wrxjk7EQREaIWqvaqUg==
expires: 0

GET
H/1.1 200
OK yshd.js Show response
rba.onehealthcareid.com/ 79 KB
11 KB 91ms
18ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba.onehealthcareid.com/yshd.js?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&allow_reprofile=1

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/static/js/newrelic.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

3f78b972a740314249bd6f9b3659d42eb24e7215b8e590e4e2586e71acfcd165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Nov 2021 07:03:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 nr-spa-1169.min.js Show response
js-agent.newrelic.com/ 37 KB
14 KB 30ms
6ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1169.min.js
Requested by: Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/static/js/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37072a42526245f257b725698d7e70dfab281bfd00d38f1112dafd36a6e04176

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "5e3590bffa49fddc4bc389e63736da42"
x-amz-request-id: 2ARG7WS52JM3HR7Y
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13996
x-amz-id-2: EmYcy18QkJnxI8pArCfHtdopgYYLkv1MLRbSPbVFvk2QefSzGZ8Mk51ppKrXNda3H/qGm60je5c=
x-served-by: cache-fra19121-FRA
last-modified: Wed, 20 May 2020 21:16:17 GMT
server: AmazonS3
x-timer: S1636009411.244308,VS0,VE0
date: Thu, 04 Nov 2021 07:03:31 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 990

GET
H/1.1 200
OK check.js;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077 Show response
rba.onehealthcareid.com/fp/ Frame 0567 384 KB
72 KB 27ms
27ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba.onehealthcareid.com/fp/check.js;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&jb=363b26246a716f7535446b6e7d70266a736f35446b6c7d70266a73627d3d416070676d67246873603d416872676567253a383935

Requested by

Host: rba.onehealthcareid.com
URL: https://rba.onehealthcareid.com/yshd.js?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&allow_reprofile=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

fd06b7344b1f6bcc584b282d55746aed5a5c21cd3884291be4987c93ce329ff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Nov 2021 07:03:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: 250c2e4fec170a66
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
rba.onehealthcareid.com/fp/ Frame 0567 81 B
475 B 46ms
15ms Image
image/png 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rba.onehealthcareid.com/fp/clear.png?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Nov 2021 07:03:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
rba.onehealthcareid.com/fp/ Frame 0567 81 B
475 B 51ms
17ms Image
image/png 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rba.onehealthcareid.com/fp/clear.png?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Nov 2021 07:03:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 4351a748a3 Show response
bam.nr-data.net/1/ 57 B
322 B 397ms
99ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/4351a748a3?a=761736972&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=3520&ck=1&ref=https://identity.onehealthcareid.com/app/index.html&be=1962&fe=3484&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1636009407734,%22n%22:0,%22f%22:749,%22dn%22:749,%22dne%22:749,%22c%22:749,%22ce%22:749,%22rq%22:750,%22rp%22:1256,%22rpe%22:1257,%22dl%22:1262,%22di%22:1954,%22ds%22:1954,%22de%22:1961,%22dc%22:3483,%22l%22:3483,%22le%22:3496%7D,%22navigation%22:%7B%7D%7D&fp=1930&fcp=2408&jsonp=NREUM.setToken
Requested by: Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/static/js/newrelic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK HP Show response
rba.onehealthcareid.com/fp/ Frame 9005 19 KB
6 KB 18ms
18ms Document
text/html 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba.onehealthcareid.com/fp/HP?session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&org_id=15vimo8r&nonce=250c2e4fec170a66&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/static/js/newrelic.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

ef40d3bcd15c6e6787a82fa1af669bd449ee48ec7843d8c743c3b881d4211ea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/

Response headers

Date: Thu, 04 Nov 2021 07:03:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-UA-Compatible: IE=Edge
Content-Type: text/html;charset=UTF-8
Content-Language: de-DE
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5797
Keep-Alive: timeout=2, max=98

GET
H/1.1 200
OK clear.png Show response
rba.onehealthcareid.com/fp/ Frame 0567 81 B
544 B 48ms
15ms XHR
image/png 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba.onehealthcareid.com/fp/clear.png

Requested by

Host: rba.onehealthcareid.com
URL: https://rba.onehealthcareid.com/fp/check.js;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&jb=363b26246a716f7535446b6e7d70266a736f35446b6c7d70266a73627d3d416070676d67246873603d416872676567253a383935

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 15vimo8r/250c2e4fec170a66fcacac14-8fe9-4dde-8268-ddae9568c85b
Referer: https://identity.onehealthcareid.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 04 Nov 2021 07:03:31 GMT
Last-Modified: Thu, 04 Nov 2021 07:03:31 GMT
Server: Apache
Etag: da2c25ee4c874c25909e6f33a979d948
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://identity.onehealthcareid.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Tue, 03 Nov 2026 07:03:31 GMT

GET
H/1.1

204
No Content

clear.png Show response
h.online-metrix.net/fp/ Frame 0567
Redirect Chain

https://h.online-metrix.net/fp/clear.png?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&gttl=155520000
https://h.online-metrix.net/fp/clear.png?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&k=2

0
387 B

16ms
15ms

Script
text/javascript

91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&k=2

Protocol

HTTP/1.1

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Nov 2021 07:03:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Thu, 04 Nov 2021 07:03:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/fp/clear.png?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&k=2
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=2, max=100
Content-Length: 327

GET
H/1.1 200
OK ls_fp.html;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077 Show response
rba.onehealthcareid.com/fp/ Frame D710 82 KB
13 KB 20ms
20ms Document
text/html 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba.onehealthcareid.com/fp/ls_fp.html;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

b5458390289059a77e4eff327343d954275b000b051dffce0f88d43a8c32f6b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/

Response headers

Date: Thu, 04 Nov 2021 07:03:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
rba.onehealthcareid.com/fp/ Frame 0567 0
387 B 16ms
16ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba.onehealthcareid.com/fp/clear.png?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&jb=3134266e73633d323b3b3564393d313730376b3c3a353c31363332376d333b3034303336353535

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Nov 2021 07:03:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077 Show response
h.online-metrix.net/fp/ Frame 7EB2 95 KB
15 KB 55ms
18ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

3ef20e49b583c3d8a0ef569fdf84b9c4f874e0cbfeba783882d3c29983e86809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/

Response headers

Date: Thu, 04 Nov 2021 07:03:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
rba.onehealthcareid.com/fp/ Frame 0567 0
387 B 17ms
17ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba.onehealthcareid.com/fp/clear.png?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&jd=373a26246a646e3d3b30246a6e603d3464363b6b323a383b6365373631333b6a646a6361643b3860653731313f3b3426626e746e3d3032393033323b38

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Nov 2021 07:03:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 0567 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077 Show response
rba.onehealthcareid.com/fp/ Frame B000 82 KB
13 KB 19ms
18ms Document
text/html 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba.onehealthcareid.com/fp/top_fp.html;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

07d3a2d3e0fe67cb04723060c347fd16d5cdd810d9d7a0fa6562194566edd930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/

Response headers

Date: Thu, 04 Nov 2021 07:03:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=96
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
rba.onehealthcareid.com/fp/ Frame 0567 0
218 B 18ms
18ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba.onehealthcareid.com/fp/clear.png?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&ja=333a30342624633d382e783d382e663d313638387a333a3830266166353134383270313032322671787b3d3070382464787a3d312c313e38322e393a30302c313e303224333a30322e333632302e313238382e313e38302c313238382e322438266d743d69383a3a636a63666135376664646466316d63383c39313437303e6a3b633f69266d6e3d3c26716b66353236246e683f687674707b2d31412d3a46253246616c676c7c6174792e6f66656a6d6364746a6163726769662e63676527324e69707025324e616c666d702e68746d6426667a3f60747672712531412732462d3a44736d6b7572652e7d6061727a67766964657a2e61676f2d324424726c3f33247068353f3a663a30616136626b6e60673939336237333037636d326c33606660326634246868353a3332383f31643334313e30353a3d306463316d323b3c3a3166303463346064246a7367354e69667d78266a736a35416a7a676d6525323839372e687b6f773f4e696c757a266a7b6a773d4b60726f6d652e666a61353c266e646d3538247c786c3d477661253046576e6b6667756e2e6561746872353c32323b6c316332626d63323a673e63613734303238306164393d373438396664343530303336396c366561613a34666b3b3c61646066373033333331313e63267835706c756761665d64646973685e66696c716d23786c77656b6e5d776b6e64677f715f656d6469615f7864637b6d7a5e66616c7b6523786e7d676b6c5d61666f60655f696b706f6a69745e6661647b672378647567696e577177616163746b6f675e64616e736529786e756f616e5f7368676b6975697e655e666164736729726475656b6c5f7065636c7064697b657a5666616c736d29726e7d6f696e5f7664635d786e697967705c66636c7165217864776761665f64657669647470566e616c736529706e7d65616e5d7174675d766b65776d7a5c66696473652170647d656b66576a61766156666364716d26677a313d60373330346a3930393b30396434373e3b31616b3c353631383e65313a646d633460643936313565266f645d63357f6562676c5f6d6045442d3230312e382530382a4770676c454c27323245532d3a3232263825323043607a6d6f617d6d2957656a474e2d3038474e514e2530304753253a38332e382d3230284f786d6c45442d323045532d32324f4e5b4c27303245512530303126382732384b68726f6d617d6f2b5f6d624b69745f6560436b7c253032556560474e414e4f44475f61667374616e6b6d665d697a726179732d33402d3038455a565d626e656c645f65616c6d6970253342253a38475a5c57636f6c6f7a5f607d646e65705d6a616e665d666c676976253b4a25323045505c5d64646761745f6264656c6c273b42273032455a545d7465707c77726d5766696c746d7a5d636661736f747267706b6b273b42273032574742494954574d5a54577c657874757a6d5d6461647465725f696e6b7b6d7c726d726b63273340253238474753576d6c656d65667c5d6b666c65785f75616e762d314a2530324d45515f64626f577a676e6c6d725f6d69786563722d3b4225323047455157717c616c666372665f666572617e6374617e657325334a2d3032474d535f74657074777a6757666e6d6374273340253238474753577c657874757a6d5d64646761745f6c616e6769702d33402730304d45515f746d7076757a6d5f68616c6e57646e6769742533422d323247475b5f76677a747772675f686964645f6e646f61745f64616c67697a253342253a304d4d515776677076657a5f63727269715d6f6a62656374253b4a2730385f4542474c57636d646d7a5f6077646667725d666c676976253b4a253230574d4a454e576b6f6d70726d73716d665774677a767570655d65746b2d31422d3a305745424f445d616765707265737b656657766d78767770655d657663312d3b40253a38574542474457616d6578726573736d645d7c6770747770675f71337663253b4a2732385f45424b495c5755474a4f4c5f636f6570706d717b65665d76657a74777265577b31746b2d33422532385f47404f445f6465627d675d7a676664677067725d696c666f2d3b40253a3857454247445766676a7d675f73686964677a712d3340273030554540474c576c67707c605f7465787c7d70672d3b422532305f4540434b5c5f554740474e5f6665707c605d746d70747572652d3b40273a3857454247445f667a637f5f6077646667727125334a2d30305f4d42474c5f64677167576b6f6e74657074273b402d32325547424949565f574d4a454c57646f73655f6b676c766d70742533422d32325f474a474e5d6f756e746b5f647a6975313e2e676c5f68353c32353a6d3237613769623138616d326160613232333262656b6b34373831666338616d3e3331692e77676c7635496c7c67642530324b6e612e247767647a3f49667c656c25323841706b7b2d32304f706d6e4544273a30476c65696c652463636c3533&jb=333733246c733d4d67726b6c64692532463526382730382057696e646777712d30384e5627303033302c30253b4a2732385f696e36342d3b40273a38783634292d32324972786c6755676249697625324e3d3137263b3625323020434a564544253243253a306e61696d2530324565616b6d29253a3841687a676d6525324e31372c3826343633382635362d303853636463726b253046353b3f2c333e

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 04 Nov 2021 07:03:31 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
15vimo8rabcpankggqdzihwm5oyrlbm4r3fhuxao250c2e4fec170a66am1.e.aa.online-metrix.net/fp/ Frame 0567 81 B
438 B 71ms
17ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://15vimo8rabcpankggqdzihwm5oyrlbm4r3fhuxao250c2e4fec170a66am1.e.aa.online-metrix.net/fp/clear.png?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Nov 2021 07:03:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
cse.rakanto.com/cx_collector/ 3 B
465 B 1775ms
132ms XHR
text/plain 149.111.165.13
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.rakanto.com/cx_collector/

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/static/js/summer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.165.13 , United States, ASN10879 (UHC, US),

Reverse DNS

cse-elr.rakanto.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://identity.onehealthcareid.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 04 Nov 2021 07:03:33 GMT
X-ps-id: elr_cse_collector_8
Strict-Transport-Security: max-age=300; includeSubDomains
Access-Control-Allow-Methods: GET, POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://identity.onehealthcareid.com
Access-Control-Expose-Headers: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, *

GET
H/1.1 200
OK check.js Show response
rba.onehealthcareid.com/fp/ Frame 9005 200 KB
28 KB 23ms
23ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba.onehealthcareid.com/fp/check.js?&pageid=99998&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&org_id=15vimo8r&nonce=250c2e4fec170a66

Requested by

Host: rba.onehealthcareid.com
URL: https://rba.onehealthcareid.com/fp/HP?session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&org_id=15vimo8r&nonce=250c2e4fec170a66&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

8addf03dc5047c23309714475d44e28f1bd779a829fe81891dc2b4fbada52d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rba.onehealthcareid.com/fp/HP?session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&org_id=15vimo8r&nonce=250c2e4fec170a66&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Nov 2021 07:03:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: 250c2e4fec170a66
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=98
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
rba.onehealthcareid.com/fp/ Frame D710 0
387 B 16ms
15ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba.onehealthcareid.com/fp/clear.png?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&jf=3134266e73603d37313d33373c3f366266616e3c67666b30396130323c31303135313763326034

Requested by

Host: rba.onehealthcareid.com
URL: https://rba.onehealthcareid.com/fp/ls_fp.html;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rba.onehealthcareid.com/fp/ls_fp.html;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Nov 2021 07:03:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077
rba.onehealthcareid.com/fp/ Frame 0567 0
400 B 20ms
20ms Image
image/png 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rba.onehealthcareid.com/fp/clear1.png;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&jf=36333624736b645f7a66663d7c6c725f734d667f617b435b504b33517f616f6b247b69665d666176653f31363b3e3230313c31312673616c5d767178653d77656a3a676b667b6124716b645d6b67793d3b3837393b3831333036383f3063303e343863653b64323a32393034323a3263383434386b6d3164383b30313037383b36303838303465626b323b3e3b6a65343a66643b306635346d3e3b343d6a366262346a6d3337696c393765356d3430306138386633306136646036383d3866646d3a306332306d396461393a6434663569663b3f343b3833353b333a313a3732696b3137696d373563383e3c63663a39323134653e363a3e606a326432673960333032623b6c2473616c5f736967353b32363d38323230376c32636a376a616167613433393a33626c3a60643038623633343f3b35323a3f646362633d636739303d356335613433356039386e6934386b3f35653938693830303938303963366a613a6e6438643a6763613a366739613d3b61643d30396335366d693532693e376564313c39376e303c6136343b646464313536316c31636d3d303332267b6164703538

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Nov 2021 07:03:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=4D847D26EA3A4588668D7A5B5B886074
h.online-metrix.net/fp/ Frame 7EB2 0
400 B 18ms
18ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=4D847D26EA3A4588668D7A5B5B886074?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&jf=36333624736b645f7a66663d7c6c725f7033583b4c643a3c793467597a6f765f247b69665d666176653f31363b3e3230313c31312673616c5d767178653d77656a3a676b667b6124716b645d6b67793d3b3837393b3831333036383f3063303e343863653b64323a32393034323a3263383434386b6d3164383b30313037383b36303838303433386c646130373f326466353837623a38666d3a30316d3a386565383e3834636a3d643935376d31316e3631303760666634303a6266316a33346a3e34616130313d37333c3b343561633164606d603061663331303461306364396e34333a3866623364693c34633a3a333835356b32603e373e353061673361633266396c302473616c5f736967353b32363d38323230313a3161303a6a64363760336034313832693e32666d38663237653d3a3033396c326138326e393b6b6630343437326261343732643f3034643d39646630363f3830303938303863643d64613166306363613b3936303165396d6e34326b38613761623c3e6130396a643962636a393231633062373a336164343631616d6963656a6a373962267b6164703539

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Nov 2021 07:03:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
cse.rakanto.com/cx_collector/ 3 B
465 B 1654ms
132ms XHR
text/plain 149.111.165.13
UHC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.rakanto.com/cx_collector/

Requested by

Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/static/js/summer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

149.111.165.13 , United States, ASN10879 (UHC, US),

Reverse DNS

cse-elr.rakanto.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://identity.onehealthcareid.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 04 Nov 2021 07:03:33 GMT
X-ps-id: elr_cse_collector_7
Strict-Transport-Security: max-age=300; includeSubDomains
Access-Control-Allow-Methods: GET, POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://identity.onehealthcareid.com
Access-Control-Expose-Headers: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, *

POST
H/1.1 200
OK 4351a748a3 Show response
bam.nr-data.net/events/1/ 24 B
195 B 99ms
99ms XHR
image/gif 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/4351a748a3?a=761736972&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=3927&ck=1&ref=https://identity.onehealthcareid.com/app/index.html
Requested by: Host: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/static/js/summer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://identity.onehealthcareid.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://identity.onehealthcareid.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

GET
H/1.1 200
OK ARF;CIS3SID=91967575616020910DF4D66628C475DE Show response
rba.onehealthcareid.com/fp/ Frame 9005 35 B
557 B 20ms
20ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba.onehealthcareid.com/fp/ARF;CIS3SID=91967575616020910DF4D66628C475DE?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&pageid=99998&sera_parametere=VEUNWgVWAwMDUwEGCFgOUwAMU1cAVAAHUVNUDgBQDw8KAlMHU1cEAlFSCRFDEgtfXEVFF0FAByJAVHMSByUTBAJfQwZeAFkDCxdCEgMlEwFwBRVUdkAGVg0MQkNDRAVyFwJyRgUhEgIMXgkOUlBXVwQABlVTUlJfAAcFUQBYAg4BAFJWBAMEUAYHVVMFVlRQBgcWDV0LVwNYUQQHU1NTAlRQU1IFVVVQU0VbRA1RTlUCAgYAClEHAgcAAlZRBVAEBAQDB1ZdUFFdUwFWAwQOUFYFBFdTVANABAoMBgBSBAEUXFleH1QSFgxeCA4JWA4QWl4NRVBYdw4XDFxSFgNACwsAFgFdFgkqDA1ETxYCVAtGUUo8UQRYCgcCUlwWBEILBQA%3D&count=0&max=0

Requested by

Host: rba.onehealthcareid.com
URL: https://rba.onehealthcareid.com/fp/check.js?&pageid=99998&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&org_id=15vimo8r&nonce=250c2e4fec170a66

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

a6dc399f735efba03c5b8425ce66d3c1c5682661db004831c80b543e806c449a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rba.onehealthcareid.com/fp/HP?session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&org_id=15vimo8r&nonce=250c2e4fec170a66&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Nov 2021 07:03:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=96
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
rba.onehealthcareid.com/fp/ Frame 0567 0
387 B 18ms
17ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba.onehealthcareid.com/fp/clear.png?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&jac=1&je=33353324267565627a7c615f6d707465726e69645d6b78353137362e312e303a2c3d3424756b6d3f776762727c6b5d69667c65726e6164576f66667b26706d3d666f246a637c73763f79226e6574656c2a32332e38382c227374697c77712a32226368617a676b66652a7d246377646a3d6165666a6967343f3036373766383a64606a6c3937333639373431306c62663b613636353262663d3e36313e3e396562656e39373b3d69623734356932333935

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Nov 2021 07:03:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear3.png;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077 Show response
rba.onehealthcareid.com/fp/ Frame 0567 0
218 B 19ms
18ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://rba.onehealthcareid.com/fp/clear3.png;CIS3SID=7E07D88E3114FA73B0D1FADEAC84F077?org_id=15vimo8r&session_id=fcacac14-8fe9-4dde-8268-ddae9568c85b&nonce=250c2e4fec170a66&jac=1&je=null

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identity.onehealthcareid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 04 Nov 2021 07:03:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: provider-cdn.linkhealth.com
URL: https://provider-cdn.linkhealth.com/apps/seamless-digital/prod/messages/data.json

Domain: zn9qtjklceg15veaz-uhcdr.siteintercept.qualtrics.com
URL: https://zn9qtjklceg15veaz-uhcdr.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_9QtjklCeG15veAZ

Domain: secure.uhcprovider.com
URL: https://secure.uhcprovider.com/api/identity/ohid/userinfo

Domain: identity.onehealthcareid.com
URL: https://identity.onehealthcareid.com/app/error.html

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.uhcprovider.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 02:46:01	Name: demdex Value: 60306992366947072132981805253880053646
.uhcprovider.com/	1969-12-31 23:59:59	Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 07:12:25	Name: everest_g_v2 Value: g_surferid~YYOFvwAAAMWqPQQS
.dpm.demdex.net/	1970-01-20 02:46:01	Name: dpm Value: 60306992366947072132981805253880053646
.uhcprovider.com/	1970-01-20 15:58:01	Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18936%7CMCMID%7C66542527513115248362776608307536158823%7CMCAAMLH-1636614207%7C6%7CMCAAMB-1636614207%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1636016607s%7CNONE%7CMCSYNCSOP%7C411-18943%7CMCAID%7CNONE%7CvVersion%7C5.2.0
.uhcprovider.com/	1970-01-20 16:00:54	Name: mbox Value: session#162e95e416f44270952d65a611c1fd3c#1636011268\|PC#162e95e416f44270952d65a611c1fd3c.37_0#1699254208
.linkedin.com/	1970-01-19 23:10:01	Name: UserMatchHistory Value: AQIUfp8sBqdxaQAAAXzpwnTuMuoYH04mLNLSriTcvT808RZbGbEc8TIZsN7jrQ6l38Qw_Ky0Lza3tA
.linkedin.com/	1970-01-19 23:10:01	Name: AnalyticsSyncHistory Value: AQKrwI9__C0JxgAAAXzpwnTu-vip7zNtoboiotrwCEZ1gd81-he00JiPoiPa-J80F6XxtGLrQtM9o5Z7BolKZA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:58:43	Name: bcookie Value: "v=2&3e33302b-e2b5-4a33-8cc9-711d0727e85d"
.linkedin.com/	1970-01-19 22:28:15	Name: lidc Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2573:u=1:x=1:i=1636009407:t=1636095807:v=2:sig=AQG-bMr_Jp4P5owO-8IVt1oan2bsyfkk"
ws.sessioncam.com/	1969-12-31 23:59:59	Name: sc.ASP.NET_SESSIONID Value: qut4vnglsce10pg0oc1ceq2o
secure.uhcprovider.com/	1969-12-31 23:59:59	Name: sc.ASP.NET_SESSIONID Value: qut4vnglsce10pg0oc1ceq2o
secure.uhcprovider.com/	1970-01-20 07:12:25	Name: sc.UserId Value: 61661301-6546-4374-873b-85a089d3f74c
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 15:58:43	Name: bscookie Value: "v=1&20211104070327fb41fd7a-16b2-4386-8ba2-82b476b2f509AQERUH2Aba9jMlqQOQyfdH-qXQuJyk97"
.linkedin.com/	1970-01-20 15:54:37	Name: li_gc Value: MTswOzE2MzYwMDk0MDc7MjswMjH33tJ3eQRgBpexEXIe0aNCUoyeRU12v3uL//Wh25mytQ==
identity.onehealthcareid.com/	1969-12-31 23:59:59	Name: oidp Value: AV48Esy2RqQgbgklQ6bnqwdHsaR6cIrC9XX6BKRHZuN9nMax1AtgympCw_CZvA==
identity.onehealthcareid.com/	1970-01-21 18:14:49	Name: akym-d Value: 4CoFPGhdmZEk4anf7xqXhS
rba.onehealthcareid.com/	1970-01-21 17:38:49	Name: thx_guid Value: 71d0f91f12264b85a6cc34f75fb336a4
h.online-metrix.net/	1970-01-21 17:38:49	Name: thx_global_guid Value: 43039e2802b14a899eb2649917f24d0c
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 3b8904506cd06df5

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://apps.uhcprovider.com/api/identity/ohid/oidc/token/introspect Message: Failed to load resource: the server responded with a status of 401 ()
security	error	URL: https://identity.onehealthcareid.com/app/index.html#/login Message: Refused to apply style from 'https://identity.onehealthcareid.com/app/error.html#/handle-error?errorCode=404' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
deprecation	warning	URL: https://identity.onehealthcareid.com/static/js/summer.js Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
javascript	error	URL: https://identity.onehealthcareid.com/app/index.html Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://identity.onehealthcareid.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://identity.onehealthcareid.com/app/index.html#/login Message: The resource https://identity.onehealthcareid.com/app/static/css/fonts/opensans/opensans-bold-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://identity.onehealthcareid.com/app/index.html#/login Message: The resource https://identity.onehealthcareid.com/app/static/css/fonts/opensans/opensans-regular-webfont.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15vimo8rabcpankggqdzihwm5oyrlbm4r3fhuxao250c2e4fec170a66am1.e.aa.online-metrix.net
apps.uhcprovider.com
assets.adobedtm.com
bam.nr-data.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.everesttech.net
cse.rakanto.com
d2oh4tlt9mrke9.cloudfront.net
dpm.demdex.net
ghbmnnjooekpmoecnnnilnnbdlolhkhi
h.online-metrix.net
identity.onehealthcareid.com
js-agent.newrelic.com
linkhealth.com
polyfill.io
provider-cdn.linkhealth.com
provider.linkhealth.com
px.ads.linkedin.com
px4.ads.linkedin.com
rba.onehealthcareid.com
repo.rakanto.com
secure.uhcprovider.com
smetrics.optum.com
snap.licdn.com
unitedhealthgroup.demdex.net
unitedhealthgroup.tt.omtrdc.net
ws.sessioncam.com
www.linkedin.com
zn9qtjklceg15veaz-uhcdr.siteintercept.qualtrics.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
identity.onehealthcareid.com
provider-cdn.linkhealth.com
secure.uhcprovider.com
zn9qtjklceg15veaz-uhcdr.siteintercept.qualtrics.com
108.174.10.14
143.204.98.10
149.111.164.232
149.111.165.13
15.188.95.229
151.101.2.137
162.247.242.20
168.183.36.229
18.66.107.51
18.66.97.116
185.32.241.65
2600:9000:2156:9000:18:51c1:c340:93a1
2600:9000:223d:5200:16:4490:3c0:93a1
2600:9000:2251:8c00:1a:19fe:bb80:93a1
2606:4700::6810:125e
2606:4700::6810:5514
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a02:26f0:6c00:28a::1e80
2a02:26f0:6c00::210:ba13
2a04:4e42:400::282
34.241.165.255
52.18.85.49
52.210.87.143
54.162.154.79
54.194.191.134
91.235.132.130
91.235.134.131
0338ca46c8569685b164483847733f919655d72eefdb1e1af756fba978301f40
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
062a832fee52b63b43ab13ff33f83e71d4a3ba1b617b6e88d1c46c1100ef7a40
07d3a2d3e0fe67cb04723060c347fd16d5cdd810d9d7a0fa6562194566edd930
0b32a8f9b98079126a413f8200ffd23a2829f22a2b21bde7041e8d0616c866c5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
138d1f48c19f536b119a2670ad286e2685eb2c0d57ed357b16a3fc364e123843
1910ec08af09ef14e4ef8c1250db1d36aca66afffb25769fd08525ff58ea1d4f
194f548db7633735d8734183c650f7db074c2df053f64b8c072201194045039e
2a76b9ef9241234446776d520f153c1ad102dcc4931e70daed41cc85b57b0e13
2c661f8097b6330337d718b6cb6c5ff14161870f16c4c313a5365894f46dd3d2
36fe7d18cfafca08c858c51a7994b2c15d528bb67fbe54086f523ee11a4ec163
37072a42526245f257b725698d7e70dfab281bfd00d38f1112dafd36a6e04176
3c7d13e3cc47f3e8ed20062685edc34279da340b1e9120f0cdaef3b08854d995
3cc632231fca883c829e8a6edb5d36d92fc1f3db5f6b716bc44ed89bbb07083a
3ef20e49b583c3d8a0ef569fdf84b9c4f874e0cbfeba783882d3c29983e86809
3f78b972a740314249bd6f9b3659d42eb24e7215b8e590e4e2586e71acfcd165
41355bfbc2e6730de7e5916061cc29926432e46def4d0d3e08d74ccbb61b745b
419b863718c62911e2bfcd2bdf5bf95844b421b3542043ea279dd42edc43c762
481ae2fc81072cfdfb62a759f2add993f033a8e7e4bce2e817fee8b7eeef7da9
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
555bb293ec68445709dab5b1984cb0d4e6d25f258ce5eabc1f7ede3a0fd71562
5868a377fda003d9d80ffa756dcd6830f7038790b1b4c0e6b9cc4590f1928833
5945485d735096d0c6f0daec5fbe13f8a2aed8be0dac08fbf59d80dad584c802
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
618f566889603b3da9ec8c2ccf8624ff32165081ecc00553c489e8e455683209
61e401f4bc993066c75f9b41208307fbe0b4e9b5b46017ad9efaa5a0e6a717df
61ff2be17be3bcb7c02ec5ffa8f976695d15dbc07e1ce160479712792bdcbcdb
628d70aabc404ae952438c46b2a1fd3f051b8e48f1ef5f4ba463b55c8cab1123
705495f84f2adb64029733a4ea92b84aa9cf373b5dc7f05f2329165829d38b96
7bc03bad844f059717a9118727b9b6f1876940fa36e11aa784de2db0d9200265
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d62d929d45e266e8ffcc0073eb5cf8c9d689d8991658e3e195cc3f5f0a99461
8978f6d1a87e157314ac70191439466d47bb899083b9945d6cd76917f899bb5e
897c6644cf07c3e7fdf13a608b2c0aa41341215720c4a95c8f0bd63fb604add3
8addf03dc5047c23309714475d44e28f1bd779a829fe81891dc2b4fbada52d5f
90358b950581aebf76c52ca9ed48966d1a66978ffc065a5a03ed524a421bd14b
92f9494b0b2a89dda38b7936c1bdd819d130d1eb08d4358642f8a0435ce939ac
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9de338f95994379018f9586dc5a6f7b2b9258c4a95fe813397c8ab848d961012
a6dc399f735efba03c5b8425ce66d3c1c5682661db004831c80b543e806c449a
a83be51853e15587d330d93a8b02d1b6565ea5c4a1b62aca9300f817c691c8fc
a91fef78fbe532b68fbc9185c15b99c590915baf3870556ced93d764aa710e2f
b27bc4aaf8ba7b403cce3f6b03d40a383bb04e6c183ad704c269479d304257d7
b5458390289059a77e4eff327343d954275b000b051dffce0f88d43a8c32f6b8
b56978c4ae38235aad05c6383c5e60830e25b65efbc993ac54da9e495e92bff7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cabbe37657766783940b19b49e5b640a56025d4af04de48ad9ff2ee7a6e5bc43
cc3e68b21f5c184dd1be87e8c62c2de39bf4a6de042f8560fb59e4f0dd34f639
d5858e63498291bd39d8bf816df7e0cab6dc2576d4a8f88626f4c1e5d7a1878c
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d798f67f0d33a7c52e6179ae6c51d6ed270aff1af9361c64c6625ca7b4f72eb7
d9d7d6758a52c6bb6a2faee2397ab505ddd0f7fb2a86360473e5358b5b4955d8
e1f142e2ab340f0e5ac90af736aaae8ebffd978b6c50dcce86cabf24e6d782b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea885cdcf3dd73cef8e053ea6561eab59ba92e2e1d8ae9b6e17d1ae22b9af5a3
eef4b8a4fb20ef3c75a13009d73408af694383fabc6a7cd409ccfa9f1b9a2a15
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef40d3bcd15c6e6787a82fa1af669bd449ee48ec7843d8c743c3b881d4211ea1
fa4a93777a7cb3caa0278e6871564bfc69648a26a4f66566f894bbc9e3c6fdd0
fbff962056c0915525e9e8cc8868e9d86c33edc1f619e6f2adb9bb0ec636aae0
fd06b7344b1f6bcc584b282d55746aed5a5c21cd3884291be4987c93ce329ff9
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

identity.onehealthcareid.com Open in urlscan Pro 18.66.97.116 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

98 Requests

91 %HTTPS

36 %IPv6

21 Domains

30 Subdomains

24 IPs

4 Countries

3551 kBTransfer

6810 kBSize

23 Cookies

1 Outgoing links

Page URL History

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

identity.onehealthcareid.com Open in urlscan Pro
18.66.97.116 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

91 %
HTTPS

36 %
IPv6

21
Domains

30
Subdomains

24
IPs

4
Countries

3551 kB
Transfer

6810 kB
Size

23
Cookies

98 HTTP transactions
1 data transactions