Submitted URL: https://click.yourpharmacybenefits.com/?qs=263ba31b4ac1d3365c9f3081d0f229059f684035da108ff057d840d364a256dd079a1adf81fdd0de6113984eada3...
Effective URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FXiBeKHu34A%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.h...
Submission: On April 26 via api from US — Scanned from DE

Summary

This website contacted 15 IPs in 4 countries across 16 domains to perform 39 HTTP transactions. The main IP is 168.183.53.8, located in and belongs to . The main domain is www.healthsafe-id.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on April 8th 2023. Valid for: a year.
This is the only time www.healthsafe-id.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.148.8 22606 (EXACT-7)
1 11 2620:1ec:4f:1... 8075 (MICROSOFT...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
4 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2620:1ec:4e:1... 8075 (MICROSOFT...)
1 4 63.33.154.254 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.31.11.204 16509 (AMAZON-02)
3 63.140.62.164 15224 (OMNITURE)
1 1 52.213.24.209 16509 (AMAZON-02)
1 1 168.183.36.21 10879 (UHC)
2 3 168.183.53.8 ()
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2 172.217.23.98 15169 (GOOGLE)
1 3.33.220.150 16509 (AMAZON-02)
1 69.169.85.6 29838 (AMC)
3 13.69.106.88 8075 (MICROSOFT...)
39 15
Apex Domain
Subdomains
Transfer
12 optumrx.com
specialty.optumrx.com
specialtycms.optumrx.com
346 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 277
unitedhealthgroup.demdex.net — Cisco Umbrella Rank: 61913
7 KB
4 optum.com
smetrics.optum.com — Cisco Umbrella Rank: 55392
sso.optum.com — Cisco Umbrella Rank: 94904
2 KB
4 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 430
81 KB
3 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 1066
304 B
3 healthsafe-id.com
www.healthsafe-id.com
5 KB
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
957 B
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 87
64 KB
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 3359
72 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
265 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1718
258 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1516
517 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
78 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 3331
45 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 997
24 KB
1 yourpharmacybenefits.com
click.yourpharmacybenefits.com — Cisco Umbrella Rank: 331223
255 B
39 16
Domain Requested by
11 specialty.optumrx.com 1 redirects specialty.optumrx.com
4 dpm.demdex.net 1 redirects specialty.optumrx.com
4 assets.adobedtm.com specialty.optumrx.com
assets.adobedtm.com
3 dc.services.visualstudio.com specialty.optumrx.com
3 www.healthsafe-id.com 2 redirects specialty.optumrx.com
www.healthsafe-id.com
3 smetrics.optum.com specialty.optumrx.com
2 cm.g.doubleclick.net 2 redirects
2 www.youtube.com assets.adobedtm.com
www.youtube.com
1 global.ib-ibi.com
1 match.adsrvr.org
1 region1.google-analytics.com www.googletagmanager.com
1 specialtycms.optumrx.com
1 sso.optum.com 1 redirects
1 cm.everesttech.net 1 redirects
1 unitedhealthgroup.demdex.net assets.adobedtm.com
1 www.googletagmanager.com assets.adobedtm.com
1 js.monitor.azure.com specialty.optumrx.com
1 code.jquery.com specialty.optumrx.com
1 click.yourpharmacybenefits.com 1 redirects
39 19

This site contains no links.

Subject Issuer Validity Valid
specialty-prod-certs.optumrx.com
COMODO RSA Organization Validation Secure Server CA
2023-04-13 -
2024-04-12
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-19 -
2023-08-19
a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 01
2023-03-23 -
2024-03-17
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-26 -
2023-10-27
a year crt.sh
smetrics.optum.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-22 -
2024-04-21
a year crt.sh
healthsafeid-hcc.optum.com
COMODO RSA Organization Validation Secure Server CA
2023-04-08 -
2024-04-07
a year crt.sh
*.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
specialtycms.optumrx.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-23 -
2023-07-23
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.ib-ibi.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-21 -
2024-04-02
a year crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 05
2023-02-04 -
2024-01-30
a year crt.sh

This page contains 2 frames:

Primary Page: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FXiBeKHu34A%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fosp%2Fen%3Fresume%3D%2Fas%2F0PR8fT46ea%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fspecialty.optumrx.com%2Fpatients%2Fauth%2Fprofile%26portal%3Dosp%26client_id%3DHSIDBVRX10039&reason=0
Frame ID: 703822B7BB638A91AC67AD6D74B7199E
Requests: 33 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: 57CDAC8028B6243F995C290D541A1E80
Requests: 4 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://click.yourpharmacybenefits.com/?qs=263ba31b4ac1d3365c9f3081d0f229059f684035da108ff057d840d364a256dd079a1adf... HTTP 302
    https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call:::: Page URL
  2. https://specialty.optumrx.com/patients/login HTTP 302
    https://sso.optum.com/ext/as/authorization.oauth2?portal=osp&response_type=code&client_id=HSIDBVRX... HTTP 302
    https://www.healthsafe-id.com/rt/secure/auth/osp/en?resume=/as/0PR8fT46ea/resume/as/authorization.ping&spe... HTTP 302
    https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redi... HTTP 302
    https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FXiBeKHu34A%2Fresume%2Fas%2Fauthorization.ping&TARGET... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

79 %
HTTPS

39 %
IPv6

16
Domains

19
Subdomains

15
IPs

4
Countries

646 kB
Transfer

1909 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.yourpharmacybenefits.com/?qs=263ba31b4ac1d3365c9f3081d0f229059f684035da108ff057d840d364a256dd079a1adf81fdd0de6113984eada385dd38ed9f143d3d3ccdb8f1574a050ec2f8 HTTP 302
    https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call:::: Page URL
  2. https://specialty.optumrx.com/patients/login HTTP 302
    https://sso.optum.com/ext/as/authorization.oauth2?portal=osp&response_type=code&client_id=HSIDBVRX10039&pfidpadapterid=HsidNewUIOidc&redirect_uri=https%3A%2F%2Fspecialty.optumrx.com%2Fpatients%2Fauth%2Fprofile&scope=openid%20profile HTTP 302
    https://www.healthsafe-id.com/rt/secure/auth/osp/en?resume=/as/0PR8fT46ea/resume/as/authorization.ping&spentity=null&scope=openid%20profile&response_type=code&pfidpadapterid=HsidNewUIOidc&redirect_uri=https://specialty.optumrx.com/patients/auth/profile&portal=osp&client_id=HSIDBVRX10039 HTTP 302
    https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F%2Fwww.healthsafe-id.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiQXVBcGEySzhSUEtFbkNBS21scVhmWnQyMkc0Iiwic3VmZml4IjoiMHo5MVZuLjE2ODI1MDY5MDkifQ..H7twwMqSHWjKKtkl0n7spg.1lSHz2YCYJYXhZVhdI-HQaG1nAIgE9ij97iCWStHyzBWklgfUCBV9Pzhws-0qwoArIY76EoRfo6vuIIlIhyOEY7rdZOZLYFFVlPwvuPF9ZnHaNEmneRml2cd2vAR4vv27xQZh68HNIKdm20TacsVi1aStnvX0CHXhOXIhiN4eg99b9znAPSxiwQD0oe6ba8nvDt4XVH7m59s5IHQMSq_KA6BFbgSSmiREgQJ8N1z0t6uJqaXCOJjPplrGdcTrzsJH7eq3yl1-IJCVb3QDI2hqcMQDfUWhIUEZt3VWvmghTR9I22jPweQKls0MMtV7ikR.zW8FAQSrWTzFLjEa7U4GeQ&nonce=QgQC0VI8ysqjYeEb_FcCwDU6Y20zw8-jJ0eAJZ0TEZk&acr_values=NONBANK%20BANK&scope=openid%20address%20email%20phone%20profile&vnd_pi_requested_resource=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fosp%2Fen%3Fresume%3D%2Fas%2F0PR8fT46ea%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fspecialty.optumrx.com%2Fpatients%2Fauth%2Fprofile%26portal%3Dosp%26client_id%3DHSIDBVRX10039&vnd_pi_application_name=HSIDProdRTApp HTTP 302
    https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FXiBeKHu34A%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fosp%2Fen%3Fresume%3D%2Fas%2F0PR8fT46ea%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fspecialty.optumrx.com%2Fpatients%2Fauth%2Fprofile%26portal%3Dosp%26client_id%3DHSIDBVRX10039&reason=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://click.yourpharmacybenefits.com/?qs=263ba31b4ac1d3365c9f3081d0f229059f684035da108ff057d840d364a256dd079a1adf81fdd0de6113984eada385dd38ed9f143d3d3ccdb8f1574a050ec2f8 HTTP 302
  • https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
Request Chain 12
  • https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1682506605386 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1682506605386
Request Chain 17
  • https://cm.everesttech.net/cm/dd?d_uuid=06772869682048057033168778813777936953 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZEkDbQAAAGbucgNn
Request Chain 25
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDY3NzI4Njk2ODIwNDgwNTcwMzMxNjg3Nzg4MTM3Nzc5MzY5NTM= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MDY3NzI4Njk2ODIwNDgwNTcwMzMxNjg3Nzg4MTM3Nzc5MzY5NTM=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBciPbOZYjKYx_o64-ur3AM&google_cver=1?gdpr=0&gdpr_consent=

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
login
specialty.optumrx.com/patient/
Redirect Chain
  • https://click.yourpharmacybenefits.com/?qs=263ba31b4ac1d3365c9f3081d0f229059f684035da108ff057d840d364a256dd079a1adf81fdd0de6113984eada385dd38ed9f143d3d3ccdb8f1574a050ec2f8
  • https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
13 KB
6 KB
Document
General
Full URL
https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1e9ac7f8b31b32971de00c6847b5afbe919555885537328891f5cc20eedf51e3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, must-revalidate, no-cache, max-age=0, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 26 Apr 2023 10:56:44 GMT
server-timing
dtSInfo;desc="0", dtRpid;desc="-286799483"
vary
Accept-Encoding
x-azure-ref
0bANJZAAAAAClz1t9CgjOQ4OkHP89ZsOQRlJBMzFFREdFMDMxNAA2M2NjN2JkMC0wMWM5LTQwZTgtOGM5Mi01YTc2OTdjZmFjOGM=
x-cache
CONFIG_NOCACHE
x-oneagent-js-injection
true
x-ruxit-js-agent
true

Redirect headers

Cache-Control
private
Connection
close
Content-Length
197
Content-Type
text/html; charset=utf-8
Date
Wed, 26 Apr 2023 10:56:43 GMT
Location
https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
ruxitagentjs_ICA27NVfghjqrux_10259230221142207.js
specialty.optumrx.com/patient/api/
255 KB
96 KB
Script
General
Full URL
https://specialty.optumrx.com/patient/api/ruxitagentjs_ICA27NVfghjqrux_10259230221142207.js
Requested by
Host: specialty.optumrx.com
URL: https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3edc5ba2927089d27a1578afc8c028458111a8278208bf45c49726c3c5e7b96c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:56:44 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2010 07:01:40 GMT
x-azure-ref
0bANJZAAAAAAtaGb8UFxQTqWYdk79P3dVRlJBMzFFREdFMDMxNAA2M2NjN2JkMC0wMWM5LTQwZTgtOGM5Mi01YTc2OTdjZmFjOGM=
x-cache
CONFIG_NOCACHE
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
content-length
98251
expires
Thu, 25 Apr 2024 10:56:45 GMT
webpack-8ca72b2f06c26fd1.js
specialty.optumrx.com/_next/static/chunks/
4 KB
2 KB
Script
General
Full URL
https://specialty.optumrx.com/_next/static/chunks/webpack-8ca72b2f06c26fd1.js
Requested by
Host: specialty.optumrx.com
URL: https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8b769c30deab49e223d891864b0469e3258ed30b0a8b13ba60f678d25e45d6ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:56:44 GMT
content-encoding
gzip
last-modified
Wed, 29 Mar 2023 18:42:28 GMT
etag
W/"f43-1872eadb220"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=UTF-8
x-azure-ref
0bANJZAAAAAAF7HDIe9mWS4LzSk1Q7Wc/RlJBMzFFREdFMDMxNAA2M2NjN2JkMC0wMWM5LTQwZTgtOGM5Mi01YTc2OTdjZmFjOGM=
cache-control
public, max-age=31536000, immutable
server-timing
dtSInfo;desc="0", dtRpid;desc="-2133311158"
accept-ranges
bytes
framework-34ae0f2c4b5db51c.js
specialty.optumrx.com/_next/static/chunks/
138 KB
45 KB
Script
General
Full URL
https://specialty.optumrx.com/_next/static/chunks/framework-34ae0f2c4b5db51c.js
Requested by
Host: specialty.optumrx.com
URL: https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
070aebee4c79bd020c5349fdb796770178efd6d3ea6ee117fd5d15abd294dd9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:56:44 GMT
content-encoding
gzip
last-modified
Wed, 29 Mar 2023 18:42:28 GMT
etag
W/"22913-1872eadb220"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=UTF-8
x-azure-ref
0bANJZAAAAAA076ISCZJzTIsq2RCvPvaqRlJBMzFFREdFMDMxNAA2M2NjN2JkMC0wMWM5LTQwZTgtOGM5Mi01YTc2OTdjZmFjOGM=
cache-control
public, max-age=31536000, immutable
server-timing
dtSInfo;desc="0", dtRpid;desc="-649362835"
accept-ranges
bytes
main-54f7ddd0bbdcbf38.js
specialty.optumrx.com/_next/static/chunks/
104 KB
31 KB
Script
General
Full URL
https://specialty.optumrx.com/_next/static/chunks/main-54f7ddd0bbdcbf38.js
Requested by
Host: specialty.optumrx.com
URL: https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
61a64dc9b8891b3016f64d73dcf325a224fb1da48aef0a2358a269616ba195ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:56:45 GMT
content-encoding
gzip
last-modified
Wed, 29 Mar 2023 18:42:28 GMT
etag
W/"1a117-1872eadb220"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=UTF-8
x-azure-ref
0bQNJZAAAAADVq4rUGaslSqukpyfjmDvqRlJBMzFFREdFMDMxNAA2M2NjN2JkMC0wMWM5LTQwZTgtOGM5Mi01YTc2OTdjZmFjOGM=
cache-control
public, max-age=31536000, immutable
server-timing
dtSInfo;desc="0", dtRpid;desc="-2028078768"
accept-ranges
bytes
_app-54d7eb987e20e9f1.js
specialty.optumrx.com/_next/static/chunks/pages/
459 KB
133 KB
Script
General
Full URL
https://specialty.optumrx.com/_next/static/chunks/pages/_app-54d7eb987e20e9f1.js
Requested by
Host: specialty.optumrx.com
URL: https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bae4dae57e48273f4785f8b1cc8b7aa93c6295adc8c64629510a03e66bf0f88a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:56:45 GMT
content-encoding
gzip
last-modified
Wed, 29 Mar 2023 18:42:28 GMT
etag
W/"72c0d-1872eadb220"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=UTF-8
x-azure-ref
0bQNJZAAAAACKrS5QoIjDQKlwqI2JiYH/RlJBMzFFREdFMDMxNAA2M2NjN2JkMC0wMWM5LTQwZTgtOGM5Mi01YTc2OTdjZmFjOGM=
cache-control
public, max-age=31536000, immutable
server-timing
dtSInfo;desc="0", dtRpid;desc="662548650"
accept-ranges
bytes
login-9e60c77dd59a74b8.js
specialty.optumrx.com/_next/static/chunks/pages/patient/
1 KB
954 B
Script
General
Full URL
https://specialty.optumrx.com/_next/static/chunks/pages/patient/login-9e60c77dd59a74b8.js
Requested by
Host: specialty.optumrx.com
URL: https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a9623e0ddb3fb3688c409d5345429bebd59eb5015533f2c0d575a868265fea6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:56:45 GMT
content-encoding
gzip
last-modified
Wed, 29 Mar 2023 18:42:28 GMT
etag
W/"50e-1872eadb220"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=UTF-8
x-azure-ref
0bQNJZAAAAACEzpUQM8jzTLRXgwBIyA8qRlJBMzFFREdFMDMxNAA2M2NjN2JkMC0wMWM5LTQwZTgtOGM5Mi01YTc2OTdjZmFjOGM=
cache-control
public, max-age=31536000, immutable
server-timing
dtSInfo;desc="0", dtRpid;desc="-1204048971"
accept-ranges
bytes
_buildManifest.js
specialty.optumrx.com/_next/static/UhJdAPgcbVJVBhTRKW0FE/
4 KB
1 KB
Script
General
Full URL
https://specialty.optumrx.com/_next/static/UhJdAPgcbVJVBhTRKW0FE/_buildManifest.js
Requested by
Host: specialty.optumrx.com
URL: https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7cb866f98da28c67b675b23b961f3eefa1c57cdd623928eb79b0c693906d882b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:56:45 GMT
content-encoding
gzip
last-modified
Wed, 29 Mar 2023 18:42:28 GMT
etag
W/"1028-1872eadb220"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=UTF-8
x-azure-ref
0bQNJZAAAAAD7/yLE6jreSJxLayeS8BU/RlJBMzFFREdFMDMxNAA2M2NjN2JkMC0wMWM5LTQwZTgtOGM5Mi01YTc2OTdjZmFjOGM=
cache-control
public, max-age=31536000, immutable
server-timing
dtSInfo;desc="0", dtRpid;desc="857940377"
accept-ranges
bytes
_ssgManifest.js
specialty.optumrx.com/_next/static/UhJdAPgcbVJVBhTRKW0FE/
76 B
279 B
Script
General
Full URL
https://specialty.optumrx.com/_next/static/UhJdAPgcbVJVBhTRKW0FE/_ssgManifest.js
Requested by
Host: specialty.optumrx.com
URL: https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e182e3257a3b5564f7bfb9fb1c6a1e13f8f7c9a3fa0dd6e39ccf473ef8d4f960

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:56:45 GMT
last-modified
Wed, 29 Mar 2023 18:42:28 GMT
etag
W/"4c-1872eadb220"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=UTF-8
x-azure-ref
0bQNJZAAAAABx2DtKq2jzSKW5jD+GoIwLRlJBMzFFREdFMDMxNAA2M2NjN2JkMC0wMWM5LTQwZTgtOGM5Mi01YTc2OTdjZmFjOGM=
cache-control
public, max-age=31536000, immutable
server-timing
dtSInfo;desc="0", dtRpid;desc="-2066029141"
accept-ranges
bytes
content-length
76
jquery-3.6.0.slim.min.js
code.jquery.com/
71 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.slim.min.js
Requested by
Host: specialty.optumrx.com
URL: https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512

Request headers

Referer
https://specialty.optumrx.com/
Origin
https://specialty.optumrx.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:56:44 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-11ab4"
vary
Accept-Encoding
x-hw
1682506604.dop152.am5.t,1682506604.cds250.am5.hn,1682506604.cds300.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24587
launch-7f3704dcf291.min.js
assets.adobedtm.com/512027f42d3c/e887fe8ab1c9/
254 KB
67 KB
Script
General
Full URL
https://assets.adobedtm.com/512027f42d3c/e887fe8ab1c9/launch-7f3704dcf291.min.js
Requested by
Host: specialty.optumrx.com
URL: https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:7a2::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
825d7b44f8e4a0fa577e5cd41420cdf873c19269e0512ee7eef7d2cfddddbf15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:56:45 GMT
content-encoding
gzip
last-modified
Mon, 03 Apr 2023 21:09:51 GMT
server
AkamaiNetStorage
etag
"3617fb42a0d6583804e853b9bb82d61e:1680556191.297339"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://specialty.optumrx.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
68008
expires
Wed, 26 Apr 2023 11:56:45 GMT
ai.2.min.js
js.monitor.azure.com/scripts/b/
119 KB
45 KB
Script
General
Full URL
https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by
Host: specialty.optumrx.com
URL: https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
679a89792c6667a5ef5606e009328640dc1ba78b04f8c876378748967221fa48

Request headers

Referer
https://specialty.optumrx.com/
Origin
https://specialty.optumrx.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:56:45 GMT
content-encoding
br
x-azure-ref-originshield
0QAJJZAAAAAAFs9T4NeGNQaWzh3XXml1QRlJBMjMxMDUwNDE3MDMxAGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5
zWY0NXWjjbYukuOB0DFkQA==
x-cache
TCP_HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.12.min.js
last-modified
Thu, 20 Apr 2023 16:17:33 GMT
x-ms-meta-aijssdkver
2.8.12
etag
0x8DB41BABF930B6F
x-azure-ref
0bQNJZAAAAACOVlQGcskjSrsgiiwQ2H7IRlJBMzFFREdFMDQxNwBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
2cb20dd4-101e-007f-5e2b-78e394000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1682506605386
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1682506605386
976 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1682506605386
Requested by
Host: specialty.optumrx.com
URL: https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
Protocol
HTTP/1.1
Server
63.33.154.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-154-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f5bc4897bd9f4a7d83063fe36c8d507a3c6494e56948ff847742a6e2efd7f187
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v047-02030cf90.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
ma3AOv7RQgM=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://specialty.optumrx.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
559
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v047-07254b181.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
k1g1CaADRJY=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://specialty.optumrx.com
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1682506605386
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/
34 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/e887fe8ab1c9/launch-7f3704dcf291.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:7a2::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:56:45 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://specialty.optumrx.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12384
expires
Wed, 26 Apr 2023 11:56:45 GMT
js
www.googletagmanager.com/gtag/
222 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HWWZ3TW7V2
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/e887fe8ab1c9/launch-7f3704dcf291.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:56:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79382
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 26 Apr 2023 10:56:45 GMT
dest5.html
unitedhealthgroup.demdex.net/ Frame 57CD
7 KB
3 KB
Document
General
Full URL
https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/e887fe8ab1c9/launch-7f3704dcf291.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.11.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-11-204.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://specialty.optumrx.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v047-0e443224b.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
VqzZ8x1YQS4=
content-encoding
gzip
date
Wed, 26 Apr 2023 10:56:45 GMT
last-modified
Wed, 12 Apr 2023 10:20:58 GMT
transfer-encoding
chunked
vary
accept-encoding
id
smetrics.optum.com/
48 B
461 B
XHR
General
Full URL
https://smetrics.optum.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&mid=04728190998093398222598644146050309584&ts=1682506605738
Requested by
Host: specialty.optumrx.com
URL: https://specialty.optumrx.com/patient/api/ruxitagentjs_ICA27NVfghjqrux_10259230221142207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.164 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-164.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://specialty.optumrx.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 26 Apr 2023 10:56:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://specialty.optumrx.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZEkDbQAAAGbucgNn
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=06772869682048057033168778813777936953
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZEkDbQAAAGbucgNn
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZEkDbQAAAGbucgNn
Protocol
HTTP/1.1
Server
63.33.154.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-154-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v047-0039aee26.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
MNcsCR5fRaU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZEkDbQAAAGbucgNn
Date
Wed, 26 Apr 2023 10:56:45 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
RCcbdbb2cd29e14c15bce16f9bcb9d47ad-source.min.js
assets.adobedtm.com/512027f42d3c/e887fe8ab1c9/c276fd25e0ab/
2 KB
993 B
Script
General
Full URL
https://assets.adobedtm.com/512027f42d3c/e887fe8ab1c9/c276fd25e0ab/RCcbdbb2cd29e14c15bce16f9bcb9d47ad-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/e887fe8ab1c9/launch-7f3704dcf291.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:7a2::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:56:45 GMT
content-encoding
gzip
last-modified
Mon, 03 Apr 2023 21:09:52 GMT
server
AkamaiNetStorage
etag
"91aebced7545c3662c652ec4fc44a00b:1680556192.048829"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://specialty.optumrx.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
724
expires
Wed, 26 Apr 2023 11:56:45 GMT
Primary Request login
www.healthsafe-id.com/rt/
Redirect Chain
  • https://specialty.optumrx.com/patients/login
  • https://sso.optum.com/ext/as/authorization.oauth2?portal=osp&response_type=code&client_id=HSIDBVRX10039&pfidpadapterid=HsidNewUIOidc&redirect_uri=https%3A%2F%2Fspecialty.optumrx.com%2Fpatients%2Fau...
  • https://www.healthsafe-id.com/rt/secure/auth/osp/en?resume=/as/0PR8fT46ea/resume/as/authorization.ping&spentity=null&scope=openid%20profile&response_type=code&pfidpadapterid=HsidNewUIOidc&redirect_...
  • https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F%2Fwww.healthsafe-id.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGc...
  • https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FXiBeKHu34A%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fosp%2Fen%3Fresume%3D%2Fas%2F0PR...
5 KB
0
Document
General
Full URL
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FXiBeKHu34A%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fosp%2Fen%3Fresume%3D%2Fas%2F0PR8fT46ea%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fspecialty.optumrx.com%2Fpatients%2Fauth%2Fprofile%26portal%3Dosp%26client_id%3DHSIDBVRX10039&reason=0
Requested by
Host: specialty.optumrx.com
URL: https://specialty.optumrx.com/_next/static/chunks/pages/patient/login-9e60c77dd59a74b8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.183.53.8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *;
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *;
Content-Type
text/html; charset=UTF-8
Date
Wed, 26 Apr 2023 10:56:50 GMT
Expires
0
Pragma
no-cache
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-2003743446"
Strict-Transport-Security
max-age=300; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-OneAgent-JS-Injection
true
X-XSS-Protection
1; mode=block
X-ps-id
hsid-prod-ctc-3
X-ruxit-JS-Agent
true

Redirect headers

Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Security-Policy
default-src *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; frame-src *;
Content-Type
text/html;charset=utf-8
Date
Wed, 26 Apr 2023 10:56:49 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FXiBeKHu34A%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fosp%2Fen%3Fresume%3D%2Fas%2F0PR8fT46ea%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fspecialty.optumrx.com%2Fpatients%2Fauth%2Fprofile%26portal%3Dosp%26client_id%3DHSIDBVRX10039&reason=0
Pragma
no-cache
Referrer-Policy
origin
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1159265513"
Strict-Transport-Security
max-age=300; includeSubDomains
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
SAMEORIGIN
X-OneAgent-JS-Injection
true
X-XSS-Protection
1; mode=block
X-ps-id
hsid-prod-ctc-3
X-ruxit-JS-Agent
true
rb_956e9318-977f-41b9-8214-a38c2ce748a2
specialty.optumrx.com/patient/api/
122 B
289 B
Ping
General
Full URL
https://specialty.optumrx.com/patient/api/rb_956e9318-977f-41b9-8214-a38c2ce748a2?type=js3&sn=v_4_srv_38_sn_A41350735C275DBD913E0D30D2371AFA_perc_100000_ol_0_mul_1_app-3A24e216029dc34234_1&svrid=38&flavor=post&vi=SMMRCBAGLGCDNQHBFPGPKLLNKTBOCCFS-0&modifiedSince=1682465696854&rf=https%3A%2F%2Fspecialty.optumrx.com%2Fpatient%2Flogin%3Fcid%3Dem%3Aosp%3Atransactional%3A247Call%3A%3A%3A%3A&bp=3&app=24e216029dc34234&crc=2259726944&en=ar4mz09u&end=1
Requested by
Host: specialty.optumrx.com
URL: https://specialty.optumrx.com/patient/api/ruxitagentjs_ICA27NVfghjqrux_10259230221142207.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:247Call::::
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 26 Apr 2023 10:56:45 GMT
content-length
122
x-azure-ref
0bQNJZAAAAAAZCnxojaYRTZzKp70FwKUrRlJBMzFFREdFMDMxNAA2M2NjN2JkMC0wMWM5LTQwZTgtOGM5Mi01YTc2OTdjZmFjOGM=
x-cache
CONFIG_NOCACHE
content-type
text/plain; charset=utf-8
iframe_api
www.youtube.com/
1 KB
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/e887fe8ab1c9/launch-7f3704dcf291.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:56:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 26 Apr 2023 10:56:45 GMT
OptumSans-Regular.woff2
specialtycms.optumrx.com/sites/default/files/fonts/
29 KB
29 KB
Font
General
Full URL
https://specialtycms.optumrx.com/sites/default/files/fonts/OptumSans-Regular.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://specialty.optumrx.com/
Origin
https://specialty.optumrx.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:56:45 GMT
last-modified
Thu, 14 Apr 2022 02:51:00 GMT
x-azure-ref-originshield
04wJJZAAAAADbPHxdvpi2RLcWvS2LWfzcRlJBMjMxMDUwNDE3MDM1ADEwZTViY2QzLWM1YjEtNGI5Ni1hYTBkLWRlYmJjYmJiOTQ5Zg==
etag
"7284-5dc945d3aea01"
x-azure-ref
0bgNJZAAAAAAJqQ6u8XxRQJwzi9a8L7UERlJBMzFFREdFMDMwOQAxMGU1YmNkMy1jNWIxLTRiOTYtYWEwZC1kZWJiY2JiYjk0OWY=
x-cache
TCP_HIT
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
29316
collect
region1.google-analytics.com/g/
0
258 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HWWZ3TW7V2&gtm=45je34j0&_p=1298104445&cid=1033005192.1682506606&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682506605&sct=1&seg=0&dl=https%3A%2F%2Fspecialty.optumrx.com%2Fpatient%2Flogin%3Fcid%3Dem%3Aosp%3Atransactional%3A247Call%3A%3A%3A%3A&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HWWZ3TW7V2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 10:56:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://specialty.optumrx.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
RCc8af4519508b4f37a78b6d2f9a413b96-source.min.js
assets.adobedtm.com/512027f42d3c/e887fe8ab1c9/c276fd25e0ab/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/512027f42d3c/e887fe8ab1c9/c276fd25e0ab/RCc8af4519508b4f37a78b6d2f9a413b96-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/e887fe8ab1c9/launch-7f3704dcf291.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:7a2::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:56:45 GMT
content-encoding
gzip
last-modified
Mon, 03 Apr 2023 21:09:52 GMT
server
AkamaiNetStorage
etag
"91aebced7545c3662c652ec4fc44a00b:1680556192.048829"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://specialty.optumrx.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
915
expires
Wed, 26 Apr 2023 11:56:45 GMT
s74466033670163
smetrics.optum.com/b/ss/optumrxbriovarxprod/1/JS-2.23.0-LDQM/
43 B
201 B
Image
General
Full URL
https://smetrics.optum.com/b/ss/optumrxbriovarxprod/1/JS-2.23.0-LDQM/s74466033670163?AQB=1&ndh=1&pf=1&t=26%2F3%2F2023%2010%3A56%3A45%203%200&mid=04728190998093398222598644146050309584&aamlh=6&ce=UTF-8&pageName=optum%3Aoptumrxspecialty%3Apublic%3Apatient%3Alogin&g=https%3A%2F%2Fspecialty.optumrx.com%2Fpatient%2Flogin%3Fcid%3Dem%3Aosp%3Atransactional%3A247Call%3A%3A%3A%3A&cc=USD&v0=em%3Aosp%3Atransactional%3A247Call%3A%3A%3A%3A&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=optum&v2=optumrxspecialty&v3=https%3A%2F%2Fspecialty.optumrx.com%2Fpatient%2Flogin%3Fcid%3Dem%3Aosp%3Atransactional%3A247call%3A%3A%3A%3A&v6=https%3A%2F%2Fspecialty.optumrx.com%2Fpatient%2Flogin&v16=no%20value&v23=not%20logged%20in&c25=optum%3Aoptumrxspecialty%3Apublic%3Apatient%3Alogin&v25=optum%3Aoptumrxspecialty%3Apublic%3Apatient%3Alogin&v36=self&v39=specialty&v71=en&v72=04728190998093398222598644146050309584&v90=20230426%2010%3A56%3A45&v131=public&v132=patient&v180=ACDL_PageView_Event&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.164 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-164.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 10:56:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2023 10:56:45 GMT
server
jag
etag
3613155422833672192-4619639954282915756
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 25 Apr 2023 10:56:45 GMT
ibs:dpid=771&dpuuid=CAESEBciPbOZYjKYx_o64-ur3AM&google_cver=1
dpm.demdex.net/ Frame 57CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDY3NzI4Njk2ODIwNDgwNTcwMzMxNjg3Nzg4MTM3Nzc5MzY5NTM=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MDY3NzI4Njk2ODIwNDgwNTcwMzMxNjg3Nzg4MTM3Nzc5MzY5NTM=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBciPbOZYjKYx_o64-ur3AM&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBciPbOZYjKYx_o64-ur3AM&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
63.33.154.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-154-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unitedhealthgroup.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v047-03e196a76.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
tnN8MQXiTCg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 10:56:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBciPbOZYjKYx_o64-ur3AM&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s72752800645631
smetrics.optum.com/b/ss/optumrxbriovarxprod/1/JS-2.23.0-LDQM/
43 B
121 B
Image
General
Full URL
https://smetrics.optum.com/b/ss/optumrxbriovarxprod/1/JS-2.23.0-LDQM/s72752800645631?AQB=1&ndh=1&pf=1&t=26%2F3%2F2023%2010%3A56%3A45%203%200&mid=04728190998093398222598644146050309584&aamlh=6&ce=UTF-8&pageName=optum%3Aoptumrxspecialty%3Apublic%3Apatient%3Alogin&g=https%3A%2F%2Fspecialty.optumrx.com%2Fpatient%2Flogin%3Fcid%3Dem%3Aosp%3Atransactional%3A247Call%3A%3A%3A%3A&cc=USD&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=optum&v2=optumrxspecialty&v3=https%3A%2F%2Fspecialty.optumrx.com%2Fpatient%2Flogin%3Fcid%3Dem%3Aosp%3Atransactional%3A247call%3A%3A%3A%3A&v6=https%3A%2F%2Fspecialty.optumrx.com%2Fpatient%2Flogin&v16=no%20value&v23=not%20logged%20in&c25=optum%3Aoptumrxspecialty%3Apublic%3Apatient%3Alogin&v25=optum%3Aoptumrxspecialty%3Apublic%3Apatient%3Alogin&v36=self&v39=specialty&v71=en&v72=04728190998093398222598644146050309584&v90=20230426%2010%3A56%3A45&v131=public&v132=patient&v180=ACDL_PageView_Event&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.164 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-164.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 10:56:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2023 10:56:45 GMT
server
jag
etag
3613155423355797504-4619785715489064376
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 25 Apr 2023 10:56:45 GMT
www-widgetapi.js
www.youtube.com/s/player/d87d581f/www-widgetapi.vflset/
184 KB
62 KB
Script
General
Full URL
https://www.youtube.com/s/player/d87d581f/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://specialty.optumrx.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:28:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
1708
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63257
x-xss-protection
0
last-modified
Wed, 19 Apr 2023 02:50:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 25 Apr 2024 10:28:17 GMT
generic
match.adsrvr.org/track/cmf/ Frame 57CD
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=specialty.optumrx.com&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unitedhealthgroup.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Apr 2023 10:56:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
image.sbix
global.ib-ibi.com/ Frame 57CD
0
72 B
Image
General
Full URL
https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=06772869682048057033168778813777936953
Protocol
HTTP/1.0
Security
TLS 1.2, RSA, AES_256_CBC
Server
69.169.85.6 Woodbridge, United States, ASN29838 (AMC, US),
Reverse DNS
Software
BigIP /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unitedhealthgroup.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Connection
close
Content-Length
0
Server
BigIP
track
dc.services.visualstudio.com/v2/ Frame
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://specialty.optumrx.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Wed, 26 Apr 2023 10:56:45 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/
96 B
304 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: specialty.optumrx.com
URL: https://specialty.optumrx.com/patient/api/ruxitagentjs_ICA27NVfghjqrux_10259230221142207.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://specialty.optumrx.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
EF9CC5A6-D8FA-42BA-98F8-8619C2717C54
strict-transport-security
max-age=31536000
date
Wed, 26 Apr 2023 10:56:46 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
track
dc.services.visualstudio.com/v2/ Frame
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://specialty.optumrx.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Wed, 26 Apr 2023 10:56:49 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/
0
0

collect
region1.google-analytics.com/g/
0
0

collect
region1.google-analytics.com/g/
0
0

bundles-average.js
www.healthsafe-id.com/assets/
0
0

ruxitagentjs_ICA27NVdefghjqrtux_10259230221142207.js
www.healthsafe-id.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dc.services.visualstudio.com
URL
https://dc.services.visualstudio.com/v2/track
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HWWZ3TW7V2&gtm=45je34j0&_p=1298104445&cid=1033005192.1682506606&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1682506605&sct=1&seg=0&dl=https%3A%2F%2Fspecialty.optumrx.com%2Fpatient%2Flogin%3Fcid%3Dem%3Aosp%3Atransactional%3A247Call%3A%3A%3A%3A&dt=&en=scroll&epn.percent_scrolled=90&_et=4
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HWWZ3TW7V2&gtm=45je34j0&_p=1298104445&cid=1033005192.1682506606&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1682506605&sct=1&seg=0&dl=https%3A%2F%2Fspecialty.optumrx.com%2Fpatient%2Flogin%3Fcid%3Dem%3Aosp%3Atransactional%3A247Call%3A%3A%3A%3A&dt=&en=user_engagement&_et=4243
Domain
www.healthsafe-id.com
URL
https://www.healthsafe-id.com/assets/bundles-average.js
Domain
www.healthsafe-id.com
URL
https://www.healthsafe-id.com/ruxitagentjs_ICA27NVdefghjqrtux_10259230221142207.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

23 Cookies

Domain/Path Name / Value
.optumrx.com/ Name: dtCookie
Value: v_4_srv_38_sn_A41350735C275DBD913E0D30D2371AFA_perc_100000_ol_0_mul_1_app-3A24e216029dc34234_1
.optumrx.com/ Name: rxVisitor
Value: 1682506605264I3TKB1GA164FIT6KPOBKU1BBVQGBV5QH
.optumrx.com/ Name: dtLatC
Value: 539
specialty.optumrx.com/ Name: ai_user
Value: V1J4dgvLZMeavpMP2zbvB5|2023-04-26T10:56:45.442Z
.demdex.net/ Name: demdex
Value: 06772869682048057033168778813777936953
.optumrx.com/ Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg
Value: 1
.optumrx.com/ Name: rxvt
Value: 1682508405741|1682506605265
.optumrx.com/ Name: dtPC
Value: 38$106605262_385h3vSMMRCBAGLGCDNQHBFPGPKLLNKTBOCCFS-0e0
.optumrx.com/ Name: dtSa
Value: false%7Cxhr%7C3%7Cx%7Cx%7C1682506605741%7C106605262_385%7Chttps%3A%2F%2Fspecialty.optumrx.com%2Fpatient%2Flogin%3Fcid%3Dem%3Aosp%3Atransactional%3A247Call%3A%3A%3A%3A%7C%7C%7C%7C
.optumrx.com/ Name: _ga
Value: GA1.1.1033005192.1682506606
.optumrx.com/ Name: _ga_HWWZ3TW7V2
Value: GS1.1.1682506605.1.0.1682506605.0.0.0
specialty.optumrx.com/ Name: ai_session
Value: a0LcVe9V86ThH3emktQ9NE|1682506605841|1682506605841
.optumrx.com/ Name: s_cc
Value: true
.youtube.com/ Name: YSC
Value: UqyRc7j2NeU
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: xu9D0gHCuoc
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZEkDbQAAAGbucgNn
.dpm.demdex.net/ Name: dpm
Value: 06772869682048057033168778813777936953
.optumrx.com/ Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19474%7CMCMID%7C04728190998093398222598644146050309584%7CMCAAMLH-1683111405%7C6%7CMCAAMB-1683111405%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1682513805s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19481%7CvVersion%7C5.5.0
.demdex.net/ Name: dextp
Value: 771-1-1682506605883|903-1-1682506605984|285689-1-1682506606085
.doubleclick.net/ Name: IDE
Value: AHWqTUnUy2qUNMB_332F5otqU4AWOuavvx2Egj4kBOz7eyO-TmZhqer5vqEAttQ7Jkw
specialty.optumrx.com/ Name: ASLBSA
Value: 00032d065590ba1f7ee5eae29061ef6c12138ad040b5db8aabbf49479e940d27b1b6773962bf8923de5622c99a21ad7c7d6344d2416619ad4578b81fafd6aa290dbe
specialty.optumrx.com/ Name: ASLBSACORS
Value: 00032d065590ba1f7ee5eae29061ef6c12138ad040b5db8aabbf49479e940d27b1b6773962bf8923de5622c99a21ad7c7d6344d2416619ad4578b81fafd6aa290dbe
sso.optum.com/ Name: ext-PF
Value: E2RikP3bwYseqrx6HC0EJXUNluPa1jLBg25bwEv5HMOF

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
click.yourpharmacybenefits.com
cm.everesttech.net
cm.g.doubleclick.net
code.jquery.com
dc.services.visualstudio.com
dpm.demdex.net
global.ib-ibi.com
js.monitor.azure.com
match.adsrvr.org
region1.google-analytics.com
smetrics.optum.com
specialty.optumrx.com
specialtycms.optumrx.com
sso.optum.com
unitedhealthgroup.demdex.net
www.googletagmanager.com
www.healthsafe-id.com
www.youtube.com
dc.services.visualstudio.com
region1.google-analytics.com
www.healthsafe-id.com
13.111.148.8
13.69.106.88
168.183.36.21
168.183.53.8
172.217.23.98
2001:4860:4802:32::36
2001:4de0:ac18::1:a:1b
2620:1ec:4e:1::67
2620:1ec:4f:1::45
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a02:26f0:480:7a2::1e80
3.33.220.150
52.213.24.209
52.31.11.204
63.140.62.164
63.33.154.254
69.169.85.6
070aebee4c79bd020c5349fdb796770178efd6d3ea6ee117fd5d15abd294dd9e
1e9ac7f8b31b32971de00c6847b5afbe919555885537328891f5cc20eedf51e3
3edc5ba2927089d27a1578afc8c028458111a8278208bf45c49726c3c5e7b96c
61a64dc9b8891b3016f64d73dcf325a224fb1da48aef0a2358a269616ba195ed
679a89792c6667a5ef5606e009328640dc1ba78b04f8c876378748967221fa48
7cb866f98da28c67b675b23b961f3eefa1c57cdd623928eb79b0c693906d882b
825d7b44f8e4a0fa577e5cd41420cdf873c19269e0512ee7eef7d2cfddddbf15
8b769c30deab49e223d891864b0469e3258ed30b0a8b13ba60f678d25e45d6ec
a9623e0ddb3fb3688c409d5345429bebd59eb5015533f2c0d575a868265fea6f
bae4dae57e48273f4785f8b1cc8b7aa93c6295adc8c64629510a03e66bf0f88a
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
e182e3257a3b5564f7bfb9fb1c6a1e13f8f7c9a3fa0dd6e39ccf473ef8d4f960
f5bc4897bd9f4a7d83063fe36c8d507a3c6494e56948ff847742a6e2efd7f187