premera.saas.secureauth.com Open in urlscan Pro
52.25.56.57 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go1.premera.com/ODU3LVlHUi02NTkAAAGDf3bCAo2LM8_y72kSUlxqggEeSEwLl2FfkOBYxMJUcKxlcuMFGa_t79uMblBbP6T47jbJU8c=
Effective URL:
https://premera.saas.secureauth.com/SecureAuth30/SecureAuth.aspx?client_id=28807071eede4540964e290435eae680&redirect_uri=https://mem...
Submission: On April 01 via api (April 1st 2022, 12:09:44 pm UTC) from US — Scanned from DE

Summary HTTP 63 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 17 domains to perform 63 HTTP transactions. The main IP is 52.25.56.57, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is premera.saas.secureauth.com. The Cisco Umbrella rank of the primary domain is 618508.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 16th 2021. Valid for: a year.

This is the only time premera.saas.secureauth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.73.206 104.17.73.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	52.247.202.34 52.247.202.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.211.96.107 52.211.96.107	16509 (AMAZON-02) (AMAZON-02)
7	18.195.42.228 18.195.42.228	16509 (AMAZON-02) (AMAZON-02)
1	40.91.73.27 40.91.73.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	52.25.56.57 52.25.56.57	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
2	34.249.134.87 34.249.134.87	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.16.70.86 52.16.70.86	16509 (AMAZON-02) (AMAZON-02)
2	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
1 1	54.216.2.121 54.216.2.121	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	() ()
63	21

1 104.17.73.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go1.premera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.247.202.34 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

member.premera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
contentservices.premera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.96.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-96-107.eu-west-1.compute.amazonaws.com

premera.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mboxedge37.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.91.73.27 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

member-edge.premera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.25.56.57 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-56-57.us-west-2.compute.amazonaws.com

premera.saas.secureauth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.134.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-134-87.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.70.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-70-86.eu-west-1.compute.amazonaws.com

premera.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

smetrics.premera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.216.2.121 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-2-121.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	premera.com go1.premera.com member.premera.com — Cisco Umbrella Rank: 631720 contentservices.premera.com — Cisco Umbrella Rank: 515385 member-edge.premera.com — Cisco Umbrella Rank: 526564 smetrics.premera.com — Cisco Umbrella Rank: 338063	666 KB
12	secureauth.com premera.saas.secureauth.com — Cisco Umbrella Rank: 618508	325 KB
7	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2765	162 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	21 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 208 premera.demdex.net — Cisco Umbrella Rank: 367368	5 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	2 KB
2	omtrdc.net premera.tt.omtrdc.net — Cisco Umbrella Rank: 369208 mboxedge37.tt.omtrdc.net — Cisco Umbrella Rank: 18089	1 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 954	77 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5640	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 7	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 95	444 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1018	517 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 99	297 B
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 136	3 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 1889	22 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 229	7 KB
63	17

	Domain	Requested by
12	premera.saas.secureauth.com	member.premera.com premera.saas.secureauth.com
10	member.premera.com	go1.premera.com member.premera.com
7	nexus.ensighten.com	member.premera.com nexus.ensighten.com premera.saas.secureauth.com
3	www.google-analytics.com	nexus.ensighten.com www.google-analytics.com
3	contentservices.premera.com	member.premera.com
3	fonts.googleapis.com	member.premera.com premera.saas.secureauth.com
2	smetrics.premera.com	member.premera.com
2	dpm.demdex.net	member.premera.com nexus.ensighten.com
2	use.fontawesome.com	member.premera.com use.fontawesome.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.google.de
1	www.google.com
1	stats.g.doubleclick.net	member.premera.com
1	mboxedge37.tt.omtrdc.net	member.premera.com
1	cm.everesttech.net	1 redirects
1	premera.demdex.net	nexus.ensighten.com
1	www.facebook.com
1	connect.facebook.net	nexus.ensighten.com
1	az416426.vo.msecnd.net	member.premera.com
1	member-edge.premera.com	member.premera.com
1	premera.tt.omtrdc.net	member.premera.com
1	cdnjs.cloudflare.com	member.premera.com
1	go1.premera.com
63	23

This site contains no links.

Subject Issuer	Validity	Valid
go1.premera.com Cloudflare Inc ECC CA-3	`2022-03-01` - `2023-03-01`	a year	crt.sh
member.premera.com GlobalSign RSA OV SSL CA 2018	`2021-10-08` - `2022-11-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
contentservices.premera.com GlobalSign RSA OV SSL CA 2018	`2021-07-08` - `2022-08-09`	a year	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-14` - `2022-10-12`	a year	crt.sh
*.saas.secureauth.com Go Daddy Secure Certificate Authority - G2	`2021-09-16` - `2022-10-18`	a year	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-08` - `2022-04-08`	3 months	crt.sh
smetrics.premera.com GlobalSign RSA OV SSL CA 2018	`2022-02-03` - `2023-03-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://premera.saas.secureauth.com/SecureAuth30/SecureAuth.aspx?client_id=28807071eede4540964e290435eae680&redirect_uri=https://member.premera.com/callback&response_type=id_token+token&scope=openid+phone+email&state=69b42ab13f27410fb490be8f80a61064&nonce=ebc75c3b6e6b46b5a7a0351b7c93fd06&response_mode=fragment
Frame ID: 626F4BBE7AAFF134651A17999FBD5436
Requests: 59 HTTP requests in this frame

Frame: https://premera.demdex.net/dest5.html?d_nsid=0
Frame ID: 5F6B76EDA9145A214968970E0D25DE75
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go1.premera.com/ODU3LVlHUi02NTkAAAGDf3bCAo2LM8_y72kSUlxqggEeSEwLl2FfkOBYxMJUcKxlcuMFGa_t79uM... Page URL
https://member.premera.com/sign-in?eml=PBCWA:MKTG:member:paccar_useplan_032422:myaccount&mkt_tok=ODU3LV... Page URL
https://premera.saas.secureauth.com/SecureAuth30/SecureAuth.aspx?client_id=28807071eede4540964e290435eae680&redi... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Hammer.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

hammer(?:\.min)?\.js

Page Statistics

63
Requests

89 %
HTTPS

52 %
IPv6

17
Domains

23
Subdomains

21
IPs

6
Countries

1310 kB
Transfer

4997 kB
Size

37
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go1.premera.com/ODU3LVlHUi02NTkAAAGDf3bCAo2LM8_y72kSUlxqggEeSEwLl2FfkOBYxMJUcKxlcuMFGa_t79uMblBbP6T47jbJU8c= Page URL
https://member.premera.com/sign-in?eml=PBCWA:MKTG:member:paccar_useplan_032422:myaccount&mkt_tok=ODU3LVlHUi02NTkAAAGDf3bCAmlU3Rtneq5eNVzQJNpZYVnRET-9qXYfzPhYzwXdTm2l_AJwTktsV9lu7MmF2zAo8HXZ2gcTvuCO6bk58No-2TH0vS2CybD89z96dQnJVA Page URL
https://premera.saas.secureauth.com/SecureAuth30/SecureAuth.aspx?client_id=28807071eede4540964e290435eae680&redirect_uri=https://member.premera.com/callback&response_type=id_token+token&scope=openid+phone+email&state=69b42ab13f27410fb490be8f80a61064&nonce=ebc75c3b6e6b46b5a7a0351b7c93fd06&response_mode=fragment Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://cm.everesttech.net/cm/dd?d_uuid=17102872833585495171713177156854822343 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YkbrhwAAAMOjUgO1

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 ODU3LVlHUi02NTkAAAGDf3bCAo2LM8_y72kSUlxqggEeSEwLl2FfkOBYxMJUcKxlcuMFGa_t79uMblBbP6T47jbJU8c=
go1.premera.com/ 531 B
999 B 243ms
209ms Document
text/html 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go1.premera.com/ODU3LVlHUi02NTkAAAGDf3bCAo2LM8_y72kSUlxqggEeSEwLl2FfkOBYxMJUcKxlcuMFGa_t79uMblBbP6T47jbJU8c=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 6f5137982ab7913c-FRA
content-encoding: gzip
content-type: text/html
date: Fri, 01 Apr 2022 12:09:40 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H/1.1 200
OK sign-in Show response
member.premera.com/ 2 KB
2 KB 703ms
170ms Document
text/html 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://member.premera.com/sign-in?eml=PBCWA:MKTG:member:paccar_useplan_032422:myaccount&mkt_tok=ODU3LVlHUi02NTkAAAGDf3bCAmlU3Rtneq5eNVzQJNpZYVnRET-9qXYfzPhYzwXdTm2l_AJwTktsV9lu7MmF2zAo8HXZ2gcTvuCO6bk58No-2TH0vS2CybD89z96dQnJVA

Requested by

Host: go1.premera.com
URL: https://go1.premera.com/ODU3LVlHUi02NTkAAAGDf3bCAo2LM8_y72kSUlxqggEeSEwLl2FfkOBYxMJUcKxlcuMFGa_t79uMblBbP6T47jbJU8c=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

85a9d324172b5da256951cbbe8f325b35075611997580f76aeaa0f1cf033bda8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go1.premera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 1111
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/html
Date: Fri, 01 Apr 2022 12:09:39 GMT
ETag: "6afa9e891a25d81:0:dtagent10221210805073954l9lJ"
Last-Modified: Fri, 18 Feb 2022 22:54:50 GMT
Referrer-Policy: strict-origin-when-cross-origin
Server-Timing: dtRpid;desc="-305190303"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-OneAgent-JS-Injection: true
X-XSS-Protection: 1; mode=block
X-ruxit-JS-Agent: true

GET
H/1.1 200
OK ruxitagentjs_ICA2Vfgqru_10221210805073954.js Show response
member.premera.com/ 202 KB
79 KB 177ms
176ms Script
text/javascript 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://member.premera.com/ruxitagentjs_ICA2Vfgqru_10221210805073954.js

Requested by

Host: member.premera.com
URL: https://member.premera.com/sign-in?eml=PBCWA:MKTG:member:paccar_useplan_032422:myaccount&mkt_tok=ODU3LVlHUi02NTkAAAGDf3bCAmlU3Rtneq5eNVzQJNpZYVnRET-9qXYfzPhYzwXdTm2l_AJwTktsV9lu7MmF2zAo8HXZ2gcTvuCO6bk58No-2TH0vS2CybD89z96dQnJVA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

8faef489c1a8a5a473bf8424c14508dd19c380fb1b1c41c41657fb6e3db976a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/sign-in?eml=PBCWA:MKTG:member:paccar_useplan_032422:myaccount&mkt_tok=ODU3LVlHUi02NTkAAAGDf3bCAmlU3Rtneq5eNVzQJNpZYVnRET-9qXYfzPhYzwXdTm2l_AJwTktsV9lu7MmF2zAo8HXZ2gcTvuCO6bk58No-2TH0vS2CybD89z96dQnJVA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'none'
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
Server: Microsoft-IIS/10.0
Date: Fri, 01 Apr 2022 12:09:40 GMT
X-Frame-Options: sameorigin
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, immutable
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 80062
X-Content-Type-Options: nosniff
Expires: Sat, 01 Apr 2023 12:09:40 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
868 B 180ms
62ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0c254788ad36f95d44c1786c590263e89ea3976fcbc9ae7c82c52493b254391

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 12:09:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 01 Apr 2022 12:09:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Apr 2022 12:09:40 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.3.1/css/ 48 KB
11 KB 58ms
26ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by: Host: member.premera.com
URL: https://member.premera.com/sign-in?eml=PBCWA:MKTG:member:paccar_useplan_032422:myaccount&mkt_tok=ODU3LVlHUi02NTkAAAGDf3bCAmlU3Rtneq5eNVzQJNpZYVnRET-9qXYfzPhYzwXdTm2l_AJwTktsV9lu7MmF2zAo8HXZ2gcTvuCO6bk58No-2TH0vS2CybD89z96dQnJVA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

Referer: https://member.premera.com/
Origin: https://member.premera.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:09:40 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 1NW465THVT2YJFFJ
x-amz-id-2: 958W1+oNJoVblGAkSJS7TZA2vY9ipfTGuRKxFuJ+ddu5k+dFo3f818VCQz+fHvNABuN4zaSp+/E=
last-modified: Wed, 30 Jun 2021 15:42:14 GMT
server: cloudflare
etag: W/"10519cfd3206802f58315b877a9beab5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVBx%2BjwEyZrcgHs0h%2B8aXkAqSkGEGsguFdCrMBJ26iA3BTe6AbDLvf460pLNs70qK6w3aC1KjX7xabuKerNqK%2B%2BhKlENM1zKu1sYFkWvJespt%2BnbRopNN645%2BQ1qfVL3vIcnOMeMRYMEyTdGgvDCldAN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6f51379e7ecd91d8-FRA

GET pbc.css
member.premera.com/assets/ 0
0

GET
H/1.1 200
OK sw-clean.js Show response
member.premera.com/assets/ 502 B
881 B 489ms
171ms Script
application/x-javascript 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://member.premera.com/assets/sw-clean.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

78acf2126a634507f19fdf32d51e7e123938035a65edd07d37cda567896460f1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/sign-in?eml=PBCWA:MKTG:member:paccar_useplan_032422:myaccount&mkt_tok=ODU3LVlHUi02NTkAAAGDf3bCAmlU3Rtneq5eNVzQJNpZYVnRET-9qXYfzPhYzwXdTm2l_AJwTktsV9lu7MmF2zAo8HXZ2gcTvuCO6bk58No-2TH0vS2CybD89z96dQnJVA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'none'
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 18 Feb 2022 22:54:51 GMT
ETag: "1a6fd3891a25d81:0"
X-Frame-Options: sameorigin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
X-XSS-Protection: 1; mode=block
Date: Fri, 01 Apr 2022 12:09:40 GMT
Server-Timing: dtRpid;desc="-1882274135"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 322
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK at.js Show response
member.premera.com/assets/ 111 KB
32 KB 651ms
334ms Script
application/x-javascript 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://member.premera.com/assets/at.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c5f7d00591a9cb1d063b3deee61c21bb899821ec0d64d445762830987c910b03

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/sign-in?eml=PBCWA:MKTG:member:paccar_useplan_032422:myaccount&mkt_tok=ODU3LVlHUi02NTkAAAGDf3bCAmlU3Rtneq5eNVzQJNpZYVnRET-9qXYfzPhYzwXdTm2l_AJwTktsV9lu7MmF2zAo8HXZ2gcTvuCO6bk58No-2TH0vS2CybD89z96dQnJVA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'none'
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 18 Feb 2022 22:54:51 GMT
ETag: "80ef47891a25d81:0"
X-Frame-Options: sameorigin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
X-XSS-Protection: 1; mode=block
Date: Fri, 01 Apr 2022 12:09:40 GMT
Server-Timing: dtRpid;desc="-1250075021"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 32089
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK pbc.c169fc26989a90a2275f.css
member.premera.com/assets/ 269 KB
47 KB 656ms
339ms Stylesheet
text/css 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://member.premera.com/assets/pbc.c169fc26989a90a2275f.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

514a7f75fdd530eb8da51f8fc1868a40de0c90c0b25a25bbf0b7d89a5a76a334

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/sign-in?eml=PBCWA:MKTG:member:paccar_useplan_032422:myaccount&mkt_tok=ODU3LVlHUi02NTkAAAGDf3bCAmlU3Rtneq5eNVzQJNpZYVnRET-9qXYfzPhYzwXdTm2l_AJwTktsV9lu7MmF2zAo8HXZ2gcTvuCO6bk58No-2TH0vS2CybD89z96dQnJVA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'none'
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 18 Feb 2022 22:54:52 GMT
ETag: "086e0891a25d81:0"
X-Frame-Options: sameorigin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Date: Fri, 01 Apr 2022 12:09:40 GMT
Server-Timing: dtRpid;desc="1290409604"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 47939
X-Content-Type-Options: nosniff

GET
H2 200 hammer.min.js Show response
cdnjs.cloudflare.com/ajax/libs/hammer.js/2.0.8/ 20 KB
7 KB 66ms
35ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/hammer.js/2.0.8/hammer.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7953631f0e54794d2352a3cfa591c0914d73e14f90141058e3cf16bee7939bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:09:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4070182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6561
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e72-511d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RMS8sLQpM26rSC1KBtu54kTI374uPtc1C4teZl%2BP0HH36DeDjCP8dMgs7Zdemt8XjQq0glFzynjjaHdFLa%2B%2FJFrl21cHsO1oLHdXyjyX5DBVpbS4P6mEk8RYbHnL3ptELr0YAvlsAx0qz8fHzzjEFMe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f5137a2bd039975-FRA
expires: Wed, 22 Mar 2023 12:09:41 GMT

GET
H/1.1 200
OK runtime.b5a0f5b468b5da959a98.js Show response
member.premera.com/ 2 KB
2 KB 292ms
291ms Script
application/x-javascript 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://member.premera.com/runtime.b5a0f5b468b5da959a98.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2b02271aa0d455ab4cd2f98ecfbd225a0b625e6b45a1daf0457df06ac55967a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/sign-in?eml=PBCWA:MKTG:member:paccar_useplan_032422:myaccount&mkt_tok=ODU3LVlHUi02NTkAAAGDf3bCAmlU3Rtneq5eNVzQJNpZYVnRET-9qXYfzPhYzwXdTm2l_AJwTktsV9lu7MmF2zAo8HXZ2gcTvuCO6bk58No-2TH0vS2CybD89z96dQnJVA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'none'
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 18 Feb 2022 22:54:51 GMT
ETag: "535b9891a25d81:0"
X-Frame-Options: sameorigin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
X-XSS-Protection: 1; mode=block
Date: Fri, 01 Apr 2022 12:09:40 GMT
Server-Timing: dtRpid;desc="1372013073"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1460
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK polyfills.0bf764a5272a312e1e76.js Show response
member.premera.com/ 45 KB
15 KB 271ms
271ms Script
application/x-javascript 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://member.premera.com/polyfills.0bf764a5272a312e1e76.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

caa6118aae97635873fe8377b9e3e5d89a4e2c4fdafbb1e248246f99d71a7e06

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/sign-in?eml=PBCWA:MKTG:member:paccar_useplan_032422:myaccount&mkt_tok=ODU3LVlHUi02NTkAAAGDf3bCAmlU3Rtneq5eNVzQJNpZYVnRET-9qXYfzPhYzwXdTm2l_AJwTktsV9lu7MmF2zAo8HXZ2gcTvuCO6bk58No-2TH0vS2CybD89z96dQnJVA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'none'
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 18 Feb 2022 22:54:51 GMT
ETag: "80ef47891a25d81:0"
X-Frame-Options: sameorigin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
X-XSS-Protection: 1; mode=block
Date: Fri, 01 Apr 2022 12:09:40 GMT
Server-Timing: dtRpid;desc="-67230048"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 14999
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK main.e2fdd37b04b1e6288213.js Show response
member.premera.com/ 2 MB
481 KB 462ms
461ms Script
application/x-javascript 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://member.premera.com/main.e2fdd37b04b1e6288213.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aca18e508da40bce6e8eda79ddb61e15a767922ff9250a308866252fe841850b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/sign-in?eml=PBCWA:MKTG:member:paccar_useplan_032422:myaccount&mkt_tok=ODU3LVlHUi02NTkAAAGDf3bCAmlU3Rtneq5eNVzQJNpZYVnRET-9qXYfzPhYzwXdTm2l_AJwTktsV9lu7MmF2zAo8HXZ2gcTvuCO6bk58No-2TH0vS2CybD89z96dQnJVA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'none'
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 18 Feb 2022 22:54:51 GMT
ETag: "80ef47891a25d81:0"
X-Frame-Options: sameorigin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
X-XSS-Protection: 1; mode=block
Date: Fri, 01 Apr 2022 12:09:40 GMT
Server-Timing: dtRpid;desc="-734661524"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 492380
X-Content-Type-Options: nosniff

GET pbc.css
member.premera.com/assets/ 0
0

POST
H2 200 delivery Show response
premera.tt.omtrdc.net/rest/v1/ 283 B
547 B 116ms
34ms XHR
application/json 52.211.96.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://premera.tt.omtrdc.net/rest/v1/delivery?client=premera&sessionId=db105a714ff6467ab0d5b208602c8a84&version=2.5.0
Requested by: Host: member.premera.com
URL: https://member.premera.com/assets/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-96-107.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5c51f6f7677a25adb51ed11d745f3ccff635805362296e7dd643d7f5b8729ff6

Request headers

Referer: https://member.premera.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Apr 2022 12:09:41 GMT
content-encoding: gzip
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://member.premera.com
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 2eb39f7809fbb29bd4aa715b347d42c4

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ 66 KB
66 KB 24ms
24ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

Request headers

Referer: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Origin: https://member.premera.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:09:41 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22
cf-ray: 6f5137a3694491d8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67400
x-amz-id-2: mn60tLYsN6WYscuvrUOpLp8+sXF1RDBP7mSEfReVDXgveNSOwdahGjoAxQqNz1O5HIt4y5M5rFg=
last-modified: Wed, 30 Jun 2021 15:42:33 GMT
server: cloudflare
etag: "14a08198ec7d1eb96d515362293fed36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9M0krmLoZ8pXRLa20DaI7WJSzxc9Tguu5Gfl5J%2FnxX%2FZERwBLCLQAiRtkatcehwSnCQHyitC8tpBvtLEP6cupTlCpYBqZpwwJ5s7t0ZcJTNkGQs%2BIsvmMYnKVivE6RbtITCbuIUHYYhgQBheoBD0qAJ"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 9H7E96V56Q6ACA0Z
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

OPTIONS
H/1.1 200
OK componentstate
contentservices.premera.com/api/v1.0/content/ Frame 0
0 665ms
170ms Preflight 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://contentservices.premera.com/api/v1.0/content/componentstate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://member.premera.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: https://member.premera.com
Content-Length: 0
Date: Fri, 01 Apr 2022 12:09:42 GMT
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK componentstate
contentservices.premera.com/api/v1.0/content/ Frame 0
0 662ms
169ms Preflight 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://contentservices.premera.com/api/v1.0/content/componentstate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://member.premera.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: https://member.premera.com
Content-Length: 0
Date: Fri, 01 Apr 2022 12:09:42 GMT
X-Powered-By: ASP.NET

OPTIONS
H/1.1 200
OK componentstate
contentservices.premera.com/api/v1.0/content/ Frame 0
0 659ms
167ms Preflight 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://contentservices.premera.com/api/v1.0/content/componentstate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://member.premera.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: https://member.premera.com
Content-Length: 0
Date: Fri, 01 Apr 2022 12:09:42 GMT
X-Powered-By: ASP.NET

GET
H/1.1 200
OK en.json
member.premera.com/assets/l10n/ 5 KB
2 KB 162ms
162ms XHR
application/json 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://member.premera.com/assets/l10n/en.json

Requested by

Host: member.premera.com
URL: https://member.premera.com/polyfills.0bf764a5272a312e1e76.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://member.premera.com/sign-in?eml=PBCWA:MKTG:member:paccar_useplan_032422:myaccount&mkt_tok=ODU3LVlHUi02NTkAAAGDf3bCAmlU3Rtneq5eNVzQJNpZYVnRET-9qXYfzPhYzwXdTm2l_AJwTktsV9lu7MmF2zAo8HXZ2gcTvuCO6bk58No-2TH0vS2CybD89z96dQnJVA
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
x-dtpc: 9$14981339_829h2vQPOCSJCNFMGGMMLCPPRFKWOEHFULIHAH-0

Response headers

Content-Security-Policy: frame-ancestors 'none'
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 18 Feb 2022 22:54:51 GMT
ETag: "086e0891a25d81:0:dtagent10221210805073954l9lJ"
X-Frame-Options: sameorigin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json
X-XSS-Protection: 1; mode=block
Date: Fri, 01 Apr 2022 12:09:42 GMT
Server-Timing: dtRpid;desc="273570844"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1703
X-Content-Type-Options: nosniff

GET
H2 200 Bootstrap.js
nexus.ensighten.com/premera/prod/ 199 KB
64 KB 34ms
7ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js
Requested by: Host: member.premera.com
URL: https://member.premera.com/main.e2fdd37b04b1e6288213.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:09:42 GMT
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 01:03:22 GMT
server: nginx
etag: W/"602f0e5a-31a11"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

GET
H/1.1 200
OK impersonation
member-edge.premera.com/api/v1.0/members/ 149 B
1 KB 554ms
170ms XHR
application/json 40.91.73.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://member-edge.premera.com/api/v1.0/members/impersonation

Requested by

Host: member.premera.com
URL: https://member.premera.com/polyfills.0bf764a5272a312e1e76.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.91.73.27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://member.premera.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 12:09:43 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: sameorigin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://member.premera.com
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Security-Policy: script-src https: 'self' 'unsafe-inline'; object-src 'none'; form-action 'self'; frame-ancestors 'none'
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
Content-Length: 231
X-Content-Type-Options: nosniff
Request-Context: appId=cid-v1:c3959ec6-8485-4ec4-a6db-50eab653e1fe

POST componentstate
contentservices.premera.com/api/v1.0/content/ 0
0

GET
H2 200 Primary Request SecureAuth.aspx Show response
premera.saas.secureauth.com/SecureAuth30/ 69 KB
28 KB 725ms
363ms Document
text/html 52.25.56.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://premera.saas.secureauth.com/SecureAuth30/SecureAuth.aspx?client_id=28807071eede4540964e290435eae680&redirect_uri=https://member.premera.com/callback&response_type=id_token+token&scope=openid+phone+email&state=69b42ab13f27410fb490be8f80a61064&nonce=ebc75c3b6e6b46b5a7a0351b7c93fd06&response_mode=fragment

Requested by

Host: member.premera.com
URL: https://member.premera.com/main.e2fdd37b04b1e6288213.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.56.57 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-56-57.us-west-2.compute.amazonaws.com

Software

Resource Hash

d0859d4e1ab27764979134611d6d216bf0fda2343ed71bfb8b0113fca1362b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: no-cache, no-store,no-store
content-encoding: gzip
content-length: 28113
content-type: text/html; charset=utf-8
date: Fri, 01 Apr 2022 12:09:43 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: noindex
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK rb_bf03933pyk
member.premera.com/ 118 B
706 B 165ms
165ms Ping
text/plain 52.247.202.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://member.premera.com/rb_bf03933pyk?type=js3&sn=v_4_srv_9_sn_478FA47FAADB7821889B66B13EC8E769_perc_100000_ol_0_mul_1_app-3A6cbe104c82e9b82e_1&svrid=9&flavor=post&vi=QPOCSJCNFMGGMMLCPPRFKWOEHFULIHAH-0&modifiedSince=1648767640070&rf=https%3A%2F%2Fmember.premera.com%2Fsign-in%3Feml%3DPBCWA%3AMKTG%3Amember%3Apaccar_useplan_032422%3Amyaccount%26mkt_tok%3DODU3LVlHUi02NTkAAAGDf3bCAmlU3Rtneq5eNVzQJNpZYVnRET-9qXYfzPhYzwXdTm2l_AJwTktsV9lu7MmF2zAo8HXZ2gcTvuCO6bk58No-2TH0vS2CybD89z96dQnJVA&bp=3&app=6cbe104c82e9b82e&crc=1231858647&en=n7rt6vxn&end=1

Requested by

Host: member.premera.com
URL: https://member.premera.com/ruxitagentjs_ICA2Vfgqru_10221210805073954.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.247.202.34 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://member.premera.com/sign-in?eml=PBCWA:MKTG:member:paccar_useplan_032422:myaccount&mkt_tok=ODU3LVlHUi02NTkAAAGDf3bCAmlU3Rtneq5eNVzQJNpZYVnRET-9qXYfzPhYzwXdTm2l_AJwTktsV9lu7MmF2zAo8HXZ2gcTvuCO6bk58No-2TH0vS2CybD89z96dQnJVA
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Content-Security-Policy: frame-ancestors 'none'
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Server: Microsoft-IIS/10.0
X-Frame-Options: sameorigin
Date: Fri, 01 Apr 2022 12:09:42 GMT
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff

GET
H2 200 ai.0.js
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 29ms
7ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: member.premera.com
URL: https://member.premera.com/main.e2fdd37b04b1e6288213.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Apr 2022 12:09:42 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 930
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/8FA5)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b347413a-001e-008e-52bf-453ec3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Fri, 01 Apr 2022 12:39:42 GMT

GET
H/1.1 200
OK id
dpm.demdex.net/ 366 B
1 KB 127ms
39ms XHR
application/json 34.249.134.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=BDAEC94A5A200BBD0A495DEF%40AdobeOrg&d_nsid=0&ts=1648814982834

Requested by

Host: member.premera.com
URL: https://member.premera.com/polyfills.0bf764a5272a312e1e76.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.134.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-134-87.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://member.premera.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v030-04a642d70.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: FibHIgX5RYc=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://member.premera.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 306
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 serverComponent.php
nexus.ensighten.com/premera/prod/ 597 B
739 B 9ms
9ms Script
text/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/premera/prod/serverComponent.php?r=97693.28690601944&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/premera/prod/code/&publishedOn=Fri%20Feb%2019%2001:03:21%20GMT%202021&ClientID=981&PageID=https%3A%2F%2Fmember.premera.com%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:09:42 GMT
cache-control: no-cache, no-store
server: nginx
content-type: text/javascript
content-length: 597
expires: Fri, 01 Apr 2022 12:09:41 GMT

GET
H2 200 c5e501694380f195bee6661bbab8b946.js
nexus.ensighten.com/premera/prod/code/ 81 KB
24 KB 8ms
7ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/premera/prod/code/c5e501694380f195bee6661bbab8b946.js?conditionId0=422990
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:09:42 GMT
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 01:03:22 GMT
server: nginx
etag: W/"602f0e5a-1430e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 c66d882608f824002bd87b06fb48d255.js
nexus.ensighten.com/premera/prod/code/ 88 KB
9 KB 9ms
8ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/premera/prod/code/c66d882608f824002bd87b06fb48d255.js?conditionId0=344128
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:09:42 GMT
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 01:03:22 GMT
server: nginx
etag: W/"602f0e5a-1607c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 7412a32c03e60a3aad5a073f89c07750.js
nexus.ensighten.com/premera/prod/code/ 448 B
621 B 9ms
8ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/premera/prod/code/7412a32c03e60a3aad5a073f89c07750.js?conditionId0=343963
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:09:42 GMT
last-modified: Fri, 28 Jun 2019 17:22:35 GMT
server: nginx
etag: "5d164cdb-1c0"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 448

GET
H2 200 1e3fd41c31aa7ddd7ffb5a5632e80641.js
nexus.ensighten.com/premera/prod/code/ 2 KB
968 B 9ms
9ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/premera/prod/code/1e3fd41c31aa7ddd7ffb5a5632e80641.js?conditionId0=4819412
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:09:42 GMT
content-encoding: gzip
last-modified: Tue, 03 Dec 2019 18:04:14 GMT
server: nginx
etag: W/"5de6a39e-609"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 166ms
52ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/code/1e3fd41c31aa7ddd7ffb5a5632e80641.js?conditionId0=4819412

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2093
date: Fri, 01 Apr 2022 11:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 01 Apr 2022 13:34:50 GMT

GET
H2 200 fbds.js
connect.facebook.net/en_US/ 4 KB
3 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: pOSF1350EmJ0iJup9B3Zww==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Apr 2022 12:28:52 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 2167
x-fb-rlafr: 0
x-fb-debug: 1oPe6PZNBJD5oQbHczd0ikXZwEmZO4TpZp/wgA7dzsA1J30kQZYnMIxNkYu6SNDyiT++zxysjAKPrFU1VwWADA==
x-fb-trip-id: 686109401
x-fb-content-md5: 62b3ff2b5263d3954e2b7f907334acb6
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 01 Apr 2022 12:09:42 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "27f757ad38857cd5b16306e816107aa7"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 24ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=564612430308911&ev=PixelInitialized&dl=https%3A%2F%2Fmember.premera.com%2F&rl=https%3A%2F%2Fgo1.premera.com%2F&if=false&ts=1648814982910

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:09:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 01 Apr 2022 12:09:42 GMT

GET
H/1.1 200
OK dest5.html
premera.demdex.net/ Frame 5F6B 7 KB
3 KB 124ms
29ms Document
text/html 52.16.70.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://premera.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.70.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-70-86.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v030-0ca40b480.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 4aJ/R9vhRxY=
content-encoding: gzip
date: Fri, 1 Apr 2022 12:09:43 GMT
last-modified: Tue, 15 Mar 2022 12:36:14 GMT
vary: accept-encoding

GET
H2 200 id
smetrics.premera.com/ 48 B
511 B 72ms
17ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.premera.com/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=BDAEC94A5A200BBD0A495DEF%40AdobeOrg&mid=16876210493344286551662363527947321381&ts=1648814982969

Requested by

Host: member.premera.com
URL: https://member.premera.com/polyfills.0bf764a5272a312e1e76.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://member.premera.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 01 Apr 2022 12:09:43 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-7b6f4bb9f7-wcrdn
vary: Origin
x-c: main-1637.I660130.M0-562
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://member.premera.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YkbrhwAAAMOjUgO1
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=17102872833585495171713177156854822343
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YkbrhwAAAMOjUgO1

42 B
945 B

31ms
31ms

Image
image/gif

34.249.134.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YkbrhwAAAMOjUgO1

Protocol

HTTP/1.1

Server

34.249.134.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-134-87.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v030-0c088c812.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ypjYdqB4R3k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YkbrhwAAAMOjUgO1
Date: Fri, 01 Apr 2022 12:09:43 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery
mboxedge37.tt.omtrdc.net/rest/v1/ 350 B
589 B 35ms
34ms XHR
application/json 52.211.96.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mboxedge37.tt.omtrdc.net/rest/v1/delivery?client=premera&sessionId=db105a714ff6467ab0d5b208602c8a84&version=2.2.0
Requested by: Host: member.premera.com
URL: https://member.premera.com/polyfills.0bf764a5272a312e1e76.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-96-107.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://member.premera.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Apr 2022 12:09:43 GMT
content-encoding: gzip
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://member.premera.com
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: c9bf07189a180b2806e951550585acb1

GET
H3 200 linkid.js
www.google-analytics.com/plugins/ua/ 2 KB
884 B 113ms
53ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 11:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 726
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Apr 2022 12:57:37 GMT

GET
H2 200 s83720334984337
smetrics.premera.com/b/ss/premeraglobal/1/JS-2.15.0/ 43 B
330 B 18ms
17ms Image
image/gif 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.premera.com/b/ss/premeraglobal/1/JS-2.15.0/s83720334984337?AQB=1&ndh=1&pf=1&t=1%2F3%2F2022%2012%3A9%3A43%205%200&sdid=050A9C7E84B994B1-68E2C86D6780CEFC&mid=16876210493344286551662363527947321381&aamlh=6&ce=UTF-8&pageName=Dashboard&g=https%3A%2F%2Fmember.premera.com%2F&r=https%3A%2F%2Fgo1.premera.com%2F&c.&visitorAPI=VisitorAPI%20Present&.c&ch=Member%20Dashboard&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=member.premera.com%2F&c3=New&c4=JS-2.15.0&c5=Website&c6=16876210493344286551662363527947321381&c8=Public%20Home%20Page&c9=Authenticated&c12=Not%20Mobile&c13=Not%20Mobile&c14=member.premera.com&c15=prod&c16=First%20Visit&c18=2021-02-18&v21=16876210493344286551662363527947321381&v91=Dashboard&v92=Dashboard&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=BDAEC94A5A200BBD0A495DEF%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:09:43 GMT
x-content-type-options: nosniff
x-c: main-1637.I660130.M0-562
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 02 Apr 2022 12:09:43 GMT
server: jag
xserver: anedge-7b6f4bb9f7-cvzxh
etag: 3540803215536029696-4619819445797807358
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 31 Mar 2022 12:09:43 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
444 B 111ms
37ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-12362720-4&cid=1944494523.1648814983&jid=542124651&gjid=506822920&_gid=1452778456.1648814983&_u=aGBAiEAjBAAAAE~&z=638991409

Requested by

Host: member.premera.com
URL: https://member.premera.com/polyfills.0bf764a5272a312e1e76.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://member.premera.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 01 Apr 2022 12:09:43 GMT
content-type: text/plain
access-control-allow-origin: https://member.premera.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 52ms
52ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1795008414&t=pageview&_s=1&dl=https%3A%2F%2Fmember.premera.com%2F&dr=https%3A%2F%2Fgo1.premera.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Premera%20Blue%20Cross%20%7C%20Member&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEAjB~&jid=542124651&gjid=506822920&cid=1944494523.1648814983&tid=UA-12362720-4&_gid=1452778456.1648814983&z=237677988

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 10:47:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4928
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 194ms
78ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-12362720-4&cid=1944494523.1648814983&jid=542124651&_u=aGBAiEAjBAAAAE~&z=159491939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 12:09:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 193ms
78ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-12362720-4&cid=1944494523.1648814983&jid=542124651&_u=aGBAiEAjBAAAAE~&z=159491939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://member.premera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 12:09:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ 10 KB
785 B 122ms
61ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700

Requested by

Host: premera.saas.secureauth.com
URL: https://premera.saas.secureauth.com/SecureAuth30/SecureAuth.aspx?client_id=28807071eede4540964e290435eae680&redirect_uri=https://member.premera.com/callback&response_type=id_token+token&scope=openid+phone+email&state=69b42ab13f27410fb490be8f80a61064&nonce=ebc75c3b6e6b46b5a7a0351b7c93fd06&response_mode=fragment

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

451575204ff8e8fb6a42a669185d8480a461132285ebf960c9368513f910457f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premera.saas.secureauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 11:42:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 01 Apr 2022 12:09:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Apr 2022 12:09:43 GMT

GET
H3 200 css
fonts.googleapis.com/ 2 KB
570 B 157ms
97ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b72e8754f4b8ca49699c91863b662185d8b8d74178b13c7c4e38064c7a6fad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premera.saas.secureauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 11:52:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 01 Apr 2022 12:09:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Apr 2022 12:09:43 GMT

GET
H2 200 bootstrap.css
premera.saas.secureauth.com/SecureAuth30/assets/vendors/bootstrap-sass/assets/stylesheets/ 178 KB
25 KB 170ms
169ms Stylesheet
text/css 52.25.56.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://premera.saas.secureauth.com/SecureAuth30/assets/vendors/bootstrap-sass/assets/stylesheets/bootstrap.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.56.57 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-56-57.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

fd7aeeb3a4f0456856118068e61ee5c75955b30b5c341d64843236bfaea9fbda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premera.saas.secureauth.com/SecureAuth30/SecureAuth.aspx?client_id=28807071eede4540964e290435eae680&redirect_uri=https://member.premera.com/callback&response_type=id_token+token&scope=openid+phone+email&state=69b42ab13f27410fb490be8f80a61064&nonce=ebc75c3b6e6b46b5a7a0351b7c93fd06&response_mode=fragment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Jan 2018 16:52:46 GMT
server: Microsoft-IIS/8.5
etag: "043bdecfc95d31:0"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: no-store
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
vary: Accept-Encoding
content-length: 25141
x-xss-protection: 1; mode=block

GET
H2 200 MFAStyleSheet.css
premera.saas.secureauth.com/SecureAuth30/Themes/Premera%20Theme%20v3/ 32 KB
6 KB 174ms
173ms Stylesheet
text/css 52.25.56.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://premera.saas.secureauth.com/SecureAuth30/Themes/Premera%20Theme%20v3/MFAStyleSheet.css?version=9.2.0.100

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.56.57 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-56-57.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

c3ee3e25be623a9a73759aa57af1607c5d0bac3396c00b5c1b9bddc6510338b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premera.saas.secureauth.com/SecureAuth30/SecureAuth.aspx?client_id=28807071eede4540964e290435eae680&redirect_uri=https://member.premera.com/callback&response_type=id_token+token&scope=openid+phone+email&state=69b42ab13f27410fb490be8f80a61064&nonce=ebc75c3b6e6b46b5a7a0351b7c93fd06&response_mode=fragment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Oct 2020 11:29:10 GMT
server: Microsoft-IIS/8.5
etag: "0c77682f9ed61:0"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: no-store
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
vary: Accept-Encoding
content-length: 5511
x-xss-protection: 1; mode=block

GET
H2 200 WebResource.axd Show response
premera.saas.secureauth.com/secureauth30/ 162 KB
30 KB 338ms
337ms Script
text/javascript 52.25.56.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://premera.saas.secureauth.com/secureauth30/WebResource.axd?d=4xrQC_NZncspxebrSEykmbml1uCpqdru2oFLVQ8iCGKmqaav1wfOGM7iLTvm_iQEasLNcobvfvtBgiqOsGcijlU0x5PUb9SoYFjXMCWjY0h_uZteNFHcpaSMCh98fWJ46I3AxA2&t=636749272440000000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.56.57 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-56-57.us-west-2.compute.amazonaws.com

Software

Resource Hash

778e1ba539c2ba31a3905860ee9bc1105cc50895310b138f439e23df833b2dfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premera.saas.secureauth.com/SecureAuth30/SecureAuth.aspx?client_id=28807071eede4540964e290435eae680&redirect_uri=https://member.premera.com/callback&response_type=id_token+token&scope=openid+phone+email&state=69b42ab13f27410fb490be8f80a61064&nonce=ebc75c3b6e6b46b5a7a0351b7c93fd06&response_mode=fragment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 12:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: no-cache, no-store,no-store
strict-transport-security: max-age=31536000
x-robots-tag: noindex
vary: Accept-Encoding
content-length: 30033
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 WebResource.axd Show response
premera.saas.secureauth.com/secureauth30/ 23 KB
6 KB 188ms
187ms Script
application/x-javascript 52.25.56.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://premera.saas.secureauth.com/secureauth30/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZEV4UUOlPqmaQpKyhOGuZLR6dIFKidoFE0UKiA_zAjts77-_wQ2&t=637110248437816177

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.56.57 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-56-57.us-west-2.compute.amazonaws.com

Software

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premera.saas.secureauth.com/SecureAuth30/SecureAuth.aspx?client_id=28807071eede4540964e290435eae680&redirect_uri=https://member.premera.com/callback&response_type=id_token+token&scope=openid+phone+email&state=69b42ab13f27410fb490be8f80a61064&nonce=ebc75c3b6e6b46b5a7a0351b7c93fd06&response_mode=fragment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 12:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: no-cache, no-store,no-store
strict-transport-security: max-age=31536000
x-robots-tag: noindex
vary: Accept-Encoding
content-length: 6007
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 WebResource.axd Show response
premera.saas.secureauth.com/secureauth30/ 26 KB
8 KB 337ms
336ms Script
application/x-javascript 52.25.56.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://premera.saas.secureauth.com/secureauth30/WebResource.axd?d=x2nkrMJGXkMELz33nwnakP1CBWFoOAh7rDnk8rWt3q7uxt616UVzF9bMxSsEbn_d0eJaE2eSN-oeqlJ-Owob511u6_U1&t=637110248437816177

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.56.57 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-56-57.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premera.saas.secureauth.com/SecureAuth30/SecureAuth.aspx?client_id=28807071eede4540964e290435eae680&redirect_uri=https://member.premera.com/callback&response_type=id_token+token&scope=openid+phone+email&state=69b42ab13f27410fb490be8f80a61064&nonce=ebc75c3b6e6b46b5a7a0351b7c93fd06&response_mode=fragment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 12:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: no-cache, no-store,no-store
strict-transport-security: max-age=31536000
x-robots-tag: noindex
vary: Accept-Encoding
content-length: 7228
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 WebResource.axd Show response
premera.saas.secureauth.com/secureauth30/ 3 KB
2 KB 187ms
187ms Script
application/x-javascript 52.25.56.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://premera.saas.secureauth.com/secureauth30/WebResource.axd?d=JoBkLzP19aTuxbWOhHobYlAf90UPXpGAqIBOYXFJXf2onqEhL6QU2FKXTPWY-wyeNHmMPQ2&t=637110248437816177

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.56.57 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-56-57.us-west-2.compute.amazonaws.com

Software

Resource Hash

144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premera.saas.secureauth.com/SecureAuth30/SecureAuth.aspx?client_id=28807071eede4540964e290435eae680&redirect_uri=https://member.premera.com/callback&response_type=id_token+token&scope=openid+phone+email&state=69b42ab13f27410fb490be8f80a61064&nonce=ebc75c3b6e6b46b5a7a0351b7c93fd06&response_mode=fragment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 12:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: no-cache, no-store,no-store
strict-transport-security: max-age=31536000
x-robots-tag: noindex
vary: Accept-Encoding
content-length: 978
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 PBC_Blue.png
premera.saas.secureauth.com/SecureAuth30/Images/ 9 KB
10 KB 337ms
337ms Image
image/png 52.25.56.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://premera.saas.secureauth.com/SecureAuth30/Images/PBC_Blue.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.56.57 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-56-57.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

922b0f8903cff7826729b80fc4e6488e045bfe41dee303f2a2e982c234baf4c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premera.saas.secureauth.com/SecureAuth30/SecureAuth.aspx?client_id=28807071eede4540964e290435eae680&redirect_uri=https://member.premera.com/callback&response_type=id_token+token&scope=openid+phone+email&state=69b42ab13f27410fb490be8f80a61064&nonce=ebc75c3b6e6b46b5a7a0351b7c93fd06&response_mode=fragment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:09:43 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Apr 2019 13:32:54 GMT
server: Microsoft-IIS/8.5
etag: "047518d34fcd41:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-store
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
content-length: 9589
x-xss-protection: 1; mode=block

GET
H2 200 app.min.js
premera.saas.secureauth.com/secureauth30/Themes/Premera%20Theme%20v3/ 857 KB
203 KB 171ms
170ms Script
application/javascript 52.25.56.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://premera.saas.secureauth.com/secureauth30/Themes/Premera%20Theme%20v3/app.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.56.57 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-56-57.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premera.saas.secureauth.com/SecureAuth30/SecureAuth.aspx?client_id=28807071eede4540964e290435eae680&redirect_uri=https://member.premera.com/callback&response_type=id_token+token&scope=openid+phone+email&state=69b42ab13f27410fb490be8f80a61064&nonce=ebc75c3b6e6b46b5a7a0351b7c93fd06&response_mode=fragment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Oct 2020 11:29:10 GMT
server: Microsoft-IIS/8.5
etag: "0c77682f9ed61:0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-store
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
vary: Accept-Encoding
content-length: 206763
x-xss-protection: 1; mode=block

GET
H2 200 config.js Show response
premera.saas.secureauth.com/secureauth30/Themes/Premera%20Theme%20v3/ 461 B
952 B 337ms
337ms Script
application/javascript 52.25.56.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://premera.saas.secureauth.com/secureauth30/Themes/Premera%20Theme%20v3/config.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.56.57 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-56-57.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

c4c4311e84da90107bfa889e2cdacf13db7204fc00a70cf94c02606002dddaab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premera.saas.secureauth.com/SecureAuth30/SecureAuth.aspx?client_id=28807071eede4540964e290435eae680&redirect_uri=https://member.premera.com/callback&response_type=id_token+token&scope=openid+phone+email&state=69b42ab13f27410fb490be8f80a61064&nonce=ebc75c3b6e6b46b5a7a0351b7c93fd06&response_mode=fragment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Mar 2020 17:26:24 GMT
server: Microsoft-IIS/8.5
etag: "0a01d30caf7d51:0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-store
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
vary: Accept-Encoding
content-length: 285
x-xss-protection: 1; mode=block

GET
H2 200 theme.js Show response
premera.saas.secureauth.com/secureauth30/Themes/Premera%20Theme%20v3/ 15 KB
4 KB 337ms
336ms Script
application/javascript 52.25.56.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://premera.saas.secureauth.com/secureauth30/Themes/Premera%20Theme%20v3/theme.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.56.57 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-56-57.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

8bb9209c0d1a24ab9087ce371cb49ff8cee3243942b7cb19f5fdbe1d132d2d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premera.saas.secureauth.com/SecureAuth30/SecureAuth.aspx?client_id=28807071eede4540964e290435eae680&redirect_uri=https://member.premera.com/callback&response_type=id_token+token&scope=openid+phone+email&state=69b42ab13f27410fb490be8f80a61064&nonce=ebc75c3b6e6b46b5a7a0351b7c93fd06&response_mode=fragment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Oct 2020 11:29:10 GMT
server: Microsoft-IIS/8.5
etag: "0c77682f9ed61:0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-store
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
vary: Accept-Encoding
content-length: 3930
x-xss-protection: 1; mode=block

GET
H2 200 sessionTimeout.min.js Show response
premera.saas.secureauth.com/secureauth30/Themes/Premera%20Theme%20v3/ 5 KB
2 KB 337ms
337ms Script
application/javascript 52.25.56.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://premera.saas.secureauth.com/secureauth30/Themes/Premera%20Theme%20v3/sessionTimeout.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.56.57 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-56-57.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

7020cf2bdebe9e6a4f602a63ee1566f4d27a8da2dffb6bb385ee866e0a65e424

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premera.saas.secureauth.com/SecureAuth30/SecureAuth.aspx?client_id=28807071eede4540964e290435eae680&redirect_uri=https://member.premera.com/callback&response_type=id_token+token&scope=openid+phone+email&state=69b42ab13f27410fb490be8f80a61064&nonce=ebc75c3b6e6b46b5a7a0351b7c93fd06&response_mode=fragment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Oct 2020 11:29:10 GMT
server: Microsoft-IIS/8.5
etag: "0c77682f9ed61:0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-store
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
vary: Accept-Encoding
content-length: 1184
x-xss-protection: 1; mode=block

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/premera/prod/ 199 KB
64 KB 8ms
7ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/premera/prod/Bootstrap.js
Requested by: Host: premera.saas.secureauth.com
URL: https://premera.saas.secureauth.com/SecureAuth30/SecureAuth.aspx?client_id=28807071eede4540964e290435eae680&redirect_uri=https://member.premera.com/callback&response_type=id_token+token&scope=openid+phone+email&state=69b42ab13f27410fb490be8f80a61064&nonce=ebc75c3b6e6b46b5a7a0351b7c93fd06&response_mode=fragment
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8042d703a7a6d539173416cbbf7127ebc2859bf40c0ffc5c00e5e49180d5b558

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premera.saas.secureauth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 12:09:43 GMT
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 01:03:22 GMT
server: nginx
etag: W/"602f0e5a-31a11"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 165ms
53ms Font
font/woff2 2a00:1450:4001:803::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://premera.saas.secureauth.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 37403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Apr 2023 01:46:21 GMT

GET id
dpm.demdex.net/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: member.premera.com
URL: https://member.premera.com/assets/pbc.css

Domain: member.premera.com
URL: https://member.premera.com/assets/pbc.css

Domain: contentservices.premera.com
URL: https://contentservices.premera.com/api/v1.0/content/componentstate

Domain: contentservices.premera.com
URL: https://contentservices.premera.com/api/v1.0/content/componentstate

Domain: contentservices.premera.com
URL: https://contentservices.premera.com/api/v1.0/content/componentstate

Domain: dpm.demdex.net
URL: https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=BDAEC94A5A200BBD0A495DEF%40AdobeOrg&d_nsid=0&ts=1648814984265

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
go1.premera.com/	1969-12-31 23:59:59	Name: BIGipServersj_mailtracking_http Value: !qjFYuuhr5TKtLdUZpELS1flvGHm9g22KYnHByV6KHhjRj3MPvRP4mRnpGroD6vUOYcKvShuy60dR1as=
.go1.premera.com/	1970-01-20 02:00:16	Name: __cf_bm Value: v4ceXiqP5At8anGq2fFcDmSJuUCG4AOs17w8V5TZ5Yw-1648814980-0-AY/8pTiciFEOgvOIFsxV09wyDb737cNUPBg/RTXOqKq54ZI9r+PdM31mU5u/VtH0QQM337VyetrGGyZIyCBDi1s=
.premera.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_9_sn_478FA47FAADB7821889B66B13EC8E769_perc_100000_ol_0_mul_1_app-3A6cbe104c82e9b82e_1
.member.premera.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: a09e28776a0277984fc93ee95cb90bc4dfc4d133658f8968f57840504b6b05a6
.member.premera.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: a09e28776a0277984fc93ee95cb90bc4dfc4d133658f8968f57840504b6b05a6
.premera.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 1648814981341R3KNEK0IA1M9NVDR0QKNPGT88EJNGQPL
.premera.com/	1969-12-31 23:59:59	Name: dtLatC Value: 267
.premera.com/	1969-12-31 23:59:59	Name: at_check Value: true
.premera.com/	1970-01-20 02:00:16	Name: mboxEdgeCluster Value: 37
.premera.com/	1970-01-20 06:23:46	Name: pbcLocale Value: en-us
.premera.com/	1969-12-31 23:59:59	Name: pbcReturnUrl Value: %2Fdashboard%3Feml%3DPBCWA%3AMKTG%3Amember%3Apaccar_useplan_032422%3Amyaccount%26mkt_tok%3DODU3LVlHUi02NTkAAAGDf3bCAmlU3Rtneq5eNVzQJNpZYVnRET-9qXYfzPhYzwXdTm2l_AJwTktsV9lu7MmF2zAo8HXZ2gcTvuCO6bk58No-2TH0vS2CybD89z96dQnJVA
.premera.com/	1969-12-31 23:59:59	Name: dtSa Value: false%7Cxhr%7C6%7Cg2.0.0%7Cg2.0.0%7C1648814982756%7C14981339_829%7Chttps%3A%2F%2Fmember.premera.com%2Fsign-in%3Feml%3DPBCWA%3AMKTG%3Amember%3Apaccar_5Fuseplan_5F032422%3Amyaccount%26mkt_5Ftok%3DODU3LVlHUi02NTkAAAGDf3bCAmlU3Rtneq5eNVzQJNpZYVnRET-9qXYfzPhYzwXdTm2l_5FAJwTktsV9lu7MmF2zAo8HXZ2gcTvuCO6bk58No-2TH0vS2CybD89z96dQnJVA%7CPremera%20Blue%20Cross%20%5Ep%20Member%7C%7C%7C
.premera.com/	1969-12-31 23:59:59	Name: rxvt Value: 1648816782799\|1648814981342
.premera.com/	1970-01-20 19:32:53	Name: AMCV_BDAEC94A5A200BBD0A495DEF%40AdobeOrg Value: T
.premera.com/	1969-12-31 23:59:59	Name: check Value: true
member.premera.com/	1970-01-20 10:45:50	Name: ai_user Value: tzpSW\|2022-04-01T12:09:42.863Z
.demdex.net/	1970-01-20 06:19:26	Name: demdex Value: 17102872833585495171713177156854822343
member.premera.com/	1969-12-31 23:59:59	Name: AMCVS_BDAEC94A5A200BBD0A495DEF%40AdobeOrg Value: 1
.premera.com/	1970-01-20 19:31:26	Name: s_ecid Value: MCMID%7C16876210493344286551662363527947321381
member.premera.com/	1970-01-20 02:00:16	Name: ai_session Value: Ofsx4\|1648814983046.5\|1648814983046.5
.premera.com/	1970-01-20 19:31:26	Name: _ga Value: GA1.2.1944494523.1648814983
.premera.com/	1970-01-20 02:01:41	Name: _gid Value: GA1.2.1452778456.1648814983
.everesttech.net/	1970-01-20 10:45:50	Name: everest_g_v2 Value: g_surferid~YkbrhwAAAMOjUgO1
.premera.com/	1970-01-20 19:34:19	Name: mbox Value: session#db105a714ff6467ab0d5b208602c8a84#1648816842\|PC#db105a714ff6467ab0d5b208602c8a84.37_0#1712059784
.dpm.demdex.net/	1970-01-20 06:19:26	Name: dpm Value: 17102872833585495171713177156854822343
member.premera.com/	1970-01-20 19:32:53	Name: AMCV_BDAEC94A5A200BBD0A495DEF%40AdobeOrg Value: 1406116232%7CMCIDTS%7C19084%7CMCMID%7C16876210493344286551662363527947321381%7CMCAAMLH-1649419782%7C6%7CMCAAMB-1649419782%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1648822182s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19091%7CvVersion%7C2.5.0
.premera.com/	1970-01-20 02:43:26	Name: s_nr Value: 1648814983152-New
.premera.com/	1970-01-21 04:17:02	Name: s_days Value: 1648814983154
.premera.com/	1970-01-20 02:00:16	Name: s_days_s Value: First%20Visit
.premera.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.premera.com/	1970-01-20 02:00:15	Name: _gat Value: 1
member-edge.premera.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityEdgeCORS Value: d04616e3fd3a7781f5bef89453c24a1e
member-edge.premera.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityEdge Value: d04616e3fd3a7781f5bef89453c24a1e
premera.saas.secureauth.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId30 Value: 1cur5fsbmgsr0kwx5x3w0agm
.premera.com/	1969-12-31 23:59:59	Name: dtPC Value: 9$14981339_829h-vQPOCSJCNFMGGMMLCPPRFKWOEHFULIHAH-0
premera.saas.secureauth.com/	1970-01-20 02:10:19	Name: AWSALB Value: fW4+NzVMQ1FH4s3pH2ChX4chteROGGIDq5VI++RYIrzIJVqOcwKxHJawBaPz8OfAEh7lbY19O+a9CyleMgOLXVa0jR+r4UqqVcxzCNYZGXoJQ4BFWWkEHbGiBhf4
premera.saas.secureauth.com/	1970-01-20 02:10:19	Name: AWSALBCORS Value: fW4+NzVMQ1FH4s3pH2ChX4chteROGGIDq5VI++RYIrzIJVqOcwKxHJawBaPz8OfAEh7lbY19O+a9CyleMgOLXVa0jR+r4UqqVcxzCNYZGXoJQ4BFWWkEHbGiBhf4

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://member.premera.com/sign-in?eml=PBCWA:MKTG:member:paccar_useplan_032422:myaccount&mkt_tok=ODU3LVlHUi02NTkAAAGDf3bCAmlU3Rtneq5eNVzQJNpZYVnRET-9qXYfzPhYzwXdTm2l_AJwTktsV9lu7MmF2zAo8HXZ2gcTvuCO6bk58No-2TH0vS2CybD89z96dQnJVA Message: Refused to apply style from 'https://member.premera.com/assets/pbc.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://member.premera.com/sign-in?eml=PBCWA:MKTG:member:paccar_useplan_032422:myaccount&mkt_tok=ODU3LVlHUi02NTkAAAGDf3bCAmlU3Rtneq5eNVzQJNpZYVnRET-9qXYfzPhYzwXdTm2l_AJwTktsV9lu7MmF2zAo8HXZ2gcTvuCO6bk58No-2TH0vS2CybD89z96dQnJVA Message: Refused to apply style from 'https://member.premera.com/assets/pbc.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
cdnjs.cloudflare.com
cm.everesttech.net
connect.facebook.net
contentservices.premera.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
go1.premera.com
mboxedge37.tt.omtrdc.net
member-edge.premera.com
member.premera.com
nexus.ensighten.com
premera.demdex.net
premera.saas.secureauth.com
premera.tt.omtrdc.net
smetrics.premera.com
stats.g.doubleclick.net
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
contentservices.premera.com
dpm.demdex.net
member.premera.com
104.17.73.206
15.236.176.210
18.195.42.228
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6810:125e
2a00:1450:4001:800::2004
2a00:1450:4001:803::2003
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:400c:c00::9d
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:98c1:3120::7
34.249.134.87
40.91.73.27
52.16.70.86
52.211.96.107
52.247.202.34
52.25.56.57
54.216.2.121
0b72e8754f4b8ca49699c91863b662185d8b8d74178b13c7c4e38064c7a6fad0
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
2b02271aa0d455ab4cd2f98ecfbd225a0b625e6b45a1daf0457df06ac55967a2
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
451575204ff8e8fb6a42a669185d8480a461132285ebf960c9368513f910457f
514a7f75fdd530eb8da51f8fc1868a40de0c90c0b25a25bbf0b7d89a5a76a334
5c51f6f7677a25adb51ed11d745f3ccff635805362296e7dd643d7f5b8729ff6
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
7020cf2bdebe9e6a4f602a63ee1566f4d27a8da2dffb6bb385ee866e0a65e424
778e1ba539c2ba31a3905860ee9bc1105cc50895310b138f439e23df833b2dfe
78acf2126a634507f19fdf32d51e7e123938035a65edd07d37cda567896460f1
7953631f0e54794d2352a3cfa591c0914d73e14f90141058e3cf16bee7939bcf
8042d703a7a6d539173416cbbf7127ebc2859bf40c0ffc5c00e5e49180d5b558
85a9d324172b5da256951cbbe8f325b35075611997580f76aeaa0f1cf033bda8
8bb9209c0d1a24ab9087ce371cb49ff8cee3243942b7cb19f5fdbe1d132d2d14
8faef489c1a8a5a473bf8424c14508dd19c380fb1b1c41c41657fb6e3db976a7
922b0f8903cff7826729b80fc4e6488e045bfe41dee303f2a2e982c234baf4c8
aca18e508da40bce6e8eda79ddb61e15a767922ff9250a308866252fe841850b
c3ee3e25be623a9a73759aa57af1607c5d0bac3396c00b5c1b9bddc6510338b5
c4c4311e84da90107bfa889e2cdacf13db7204fc00a70cf94c02606002dddaab
c5f7d00591a9cb1d063b3deee61c21bb899821ec0d64d445762830987c910b03
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
caa6118aae97635873fe8377b9e3e5d89a4e2c4fdafbb1e248246f99d71a7e06
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d0859d4e1ab27764979134611d6d216bf0fda2343ed71bfb8b0113fca1362b51
e0c254788ad36f95d44c1786c590263e89ea3976fcbc9ae7c82c52493b254391
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
fd7aeeb3a4f0456856118068e61ee5c75955b30b5c341d64843236bfaea9fbda

premera.saas.secureauth.com Open in urlscan Pro 52.25.56.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

89 %HTTPS

52 %IPv6

17 Domains

23 Subdomains

21 IPs

6 Countries

1310 kBTransfer

4997 kBSize

37 Cookies

0 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

premera.saas.secureauth.com Open in urlscan Pro
52.25.56.57 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

89 %
HTTPS

52 %
IPv6

17
Domains

23
Subdomains

21
IPs

6
Countries

1310 kB
Transfer

4997 kB
Size

37
Cookies

63 HTTP transactions
0 data transactions