urlscan.io logo urlscan.io
SecurityTrails logo

account.hcsc.net Open in urlscan Pro
205.172.134.27  Public Scan

Go To Rescan Add Verdict Report
URL: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Do...
Submission: On September 07 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 44 HTTP transactions. The main IP is 205.172.134.27, located in Chicago, United States and belongs to HSC, US. The main domain is account.hcsc.net.
TLS certificate: Issued by Entrust Certification Authority - L1K on December 6th 2022. Valid for: a year.
This is the only time account.hcsc.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    205.172.134.27 (Chicago, United States)

ASN23494 (HSC, US)
account.hcsc.net
cim.hcsc.net
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a02:26f0:3500:58f::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
3    52.211.144.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-144-29.eu-west-1.compute.amazonaws.com
dpm.demdex.net
hcsc.demdex.net
2    63.140.62.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-160.data.adobedc.net
healthcareservicecorporation.sc.omtrdc.net
1    34.240.140.136 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-140-136.eu-west-1.compute.amazonaws.com
cm.everesttech.net
8    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    52.177.30.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bam-aem.hcsc.net
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:808::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    18.206.42.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-42-154.compute-1.amazonaws.com
bf69636tjb.bf.dynatrace.com
Apex Domain
Subdomains		 Transfer
9 hcsc.net
account.hcsc.net
cim.hcsc.net — Cisco Umbrella Rank: 206363
bam-aem.hcsc.net — Cisco Umbrella Rank: 211887
2 MB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 87
1007 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
85 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58
jnn-pa.googleapis.com — Cisco Umbrella Rank: 253
33 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
static.doubleclick.net — Cisco Umbrella Rank: 307
1 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 234
hcsc.demdex.net — Cisco Umbrella Rank: 110298
5 KB
3 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 458
70 KB
2 dynatrace.com
bf69636tjb.bf.dynatrace.com — Cisco Umbrella Rank: 86614
968 B
2 omtrdc.net
healthcareservicecorporation.sc.omtrdc.net — Cisco Umbrella Rank: 88716
467 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 232
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 105
14 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
15 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1272
517 B
44 13
Domain Requested by
8 www.youtube.com account.hcsc.net
www.youtube.com
5 account.hcsc.net account.hcsc.net
4 jnn-pa.googleapis.com www.youtube.com
4 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
3 cim.hcsc.net account.hcsc.net
3 assets.adobedtm.com account.hcsc.net
assets.adobedtm.com
2 bf69636tjb.bf.dynatrace.com account.hcsc.net
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 healthcareservicecorporation.sc.omtrdc.net account.hcsc.net
2 dpm.demdex.net account.hcsc.net
2 fonts.googleapis.com account.hcsc.net
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 bam-aem.hcsc.net
1 cm.everesttech.net 1 redirects
1 hcsc.demdex.net assets.adobedtm.com
44 19

This site contains links to these domains. Also see Links.

Domain
www.bcbs.com
Subject Issuer Validity Valid
account.hcsc.net
Entrust Certification Authority - L1K		 2022-12-06 -
2023-12-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
cim.hcsc.net
Entrust Certification Authority - L1K		 2022-10-13 -
2023-10-13		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.sc.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-03-08		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
bam-aem.hcsc.net
Entrust Certification Authority - L1K		 2023-01-04 -
2024-02-01		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.bf.dynatrace.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-01-07		 10 months crt.sh

This page contains 3 frames:

Primary Page: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
Frame ID: 6A18D5EBA8932A597DDABB054A1D2143
Requests: 22 HTTP requests in this frame

Frame: https://hcsc.demdex.net/dest5.html?d_nsid=0
Frame ID: 143CD2DEA751F1F2DA23E4727D6786C6
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/lnxcQiuJIxk
Frame ID: C2B1DC61E971D659E00FEC04A85B72AA
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BCBS Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

44
Requests

95 %
HTTPS

65 %
IPv6

13
Domains

19
Subdomains

17
IPs

3
Countries

2821 kB
Transfer

5673 kB
Size

25
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://cm.everesttech.net/cm/dd?d_uuid=20787343391658660834499475993128624721 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPnrIQAAAI-_igOV
Request Chain 27
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
account.hcsc.net/login/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.172.134.27 Chicago, United States, ASN23494 (HSC, US),
Reverse DNS
Software
/
Resource Hash
9551a6f8775cb1756c864867ec99f165cadcd970b4be9c3ca574a27b3c737ac1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache no-store
Connection
keep-alive
Content-Length
1377
Content-Type
text/html;charset=utf-8
Date
Thu, 07 Sep 2023 15:24:06 GMT
Etag
"64ef5348-235:dtagent10271230629152232n3px"
Expires
Thu, 07 Sep 2023 15:24:05 GMT
Keep-Alive
timeout=60
Last-Modified
Wed, 30 Aug 2023 14:33:44 GMT
X-Oneagent-Js-Injection
true
X-Ruxit-Js-Agent
true
X-Vcap-Request-Id
96bf4380-c515-49b0-6dda-34d51d35bb16
ruxitagentjs_ICA27NVfhqrux_10271230629152232.js
account.hcsc.net/login/ 		214 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js
Requested by
Host: account.hcsc.net
URL: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.172.134.27 Chicago, United States, ASN23494 (HSC, US),
Reverse DNS
Software
/
Resource Hash
475a08e3abce68edaca9a5bc5b5204dc67fbdd04734533e26236f0bf924cb23f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 15:24:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2010 07:01:40 GMT
Content-Type
text/javascript;charset=utf-8
X-Vcap-Request-Id
a1ba5024-8cc8-46c4-7bb6-4b65d7204428
Cache-Control
public, max-age=31536000, immutable
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
83954
Expires
Fri, 06 Sep 2024 15:24:12 GMT
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Requested by
Host: account.hcsc.net
URL: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hcsc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Sep 2023 15:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 14:14:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Sep 2023 15:24:14 GMT
main.91a2a3eec98c26e03e87.js
account.hcsc.net/login/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.hcsc.net/login/main.91a2a3eec98c26e03e87.js
Requested by
Host: account.hcsc.net
URL: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.172.134.27 Chicago, United States, ASN23494 (HSC, US),
Reverse DNS
Software
/
Resource Hash
352e3f34ddda05648114b59b11270f3efa8ae632b5b94987fe451e26aaccbbff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 15:24:07 GMT
Last-Modified
Wed, 30 Aug 2023 14:33:44 GMT
Etag
"64ef5348-167df7"
Content-Type
application/x-javascript
X-Vcap-Request-Id
9dc97c1f-297b-4be5-5782-b98abdc7b67a
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
1474039
main.acbcb37dc92cf568dd3b.css
account.hcsc.net/login/ 		54 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account.hcsc.net/login/main.acbcb37dc92cf568dd3b.css
Requested by
Host: account.hcsc.net
URL: https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.172.134.27 Chicago, United States, ASN23494 (HSC, US),
Reverse DNS
Software
/
Resource Hash
9a0d229035b08bcf2de2d0b88a1fffb3832ad550be8127f3517b3a343740bd93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 15:24:13 GMT
Last-Modified
Wed, 30 Aug 2023 14:33:44 GMT
Etag
"64ef5348-d876"
Content-Type
text/css
X-Vcap-Request-Id
3f3cfba4-2542-43ef-6653-1ea1b11447ae
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
55414
css2
fonts.googleapis.com/ 		3 KB
738 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@700
Requested by
Host: account.hcsc.net
URL: https://account.hcsc.net/login/main.acbcb37dc92cf568dd3b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ce21709f7ac4f95d29cbbf971332e46ca1e02aec16e7b5c5923b3c99f4bae78d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hcsc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Sep 2023 15:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 15:24:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Sep 2023 15:24:14 GMT
config
account.hcsc.net/login/ 		698 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://account.hcsc.net/login/config
Requested by
Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.172.134.27 Chicago, United States, ASN23494 (HSC, US),
Reverse DNS
Software
/
Resource Hash
f2cd1274f0d4182341db7378228898718bf04ff6c101b6b1f1f2b5a42e30db69

Request headers

Accept
application/json, text/plain, */*
Referer
https://account.hcsc.net/login/?goto=https%3A%2F%2Fcim.hcsc.net%3A443%2Fam%2Foauth2%2Fmembers%2Fauthorize%3Fclient_id%3Doauth_mma_wot_APP00046856%26scope%3Dopenid%2520profile%26redirect_uri%3Dhttps%3A%2F%2Fwellontarget.onlifehealth.com%2FHome%2FLoginCallback%26response_type%3Dcode%26state%3DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%26code_challenge%3DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%26code_challenge_method%3DS256%26service%3Dhcsc-members-mma-mfa&realm=/members&service=hcsc-members-mma-mfa
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
x-dtpc
7$300254513_122h3vFPCWGHAKKUAWCJKFMHPPIILPANCRGNLB-0e0

Response headers

Date
Thu, 07 Sep 2023 15:24:09 GMT
Last-Modified
Wed, 30 Aug 2023 14:33:44 GMT
Etag
"64ef5348-2ba"
Content-Type
application/json
X-Vcap-Request-Id
f68261d8-217b-4899-57eb-a994a8777acd
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
698
launch-1f6332b2afd3.min.js
assets.adobedtm.com/45efbf285322/1951ece8c775/ 		221 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/45efbf285322/1951ece8c775/launch-1f6332b2afd3.min.js
Requested by
Host: account.hcsc.net
URL: https://account.hcsc.net/login/main.91a2a3eec98c26e03e87.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
10cc6b3bf915c6f189b0557e386b3c432ae7de76b20b8926eb87b36029322fdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hcsc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 15:24:16 GMT
content-encoding
gzip
last-modified
Mon, 28 Aug 2023 19:11:49 GMT
server
AkamaiNetStorage
etag
"97258f3e45de8f4e2cb4aafb0ad142d4:1693249909.284411"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://account.hcsc.net
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
57302
expires
Thu, 07 Sep 2023 16:24:16 GMT
en
cim.hcsc.net/content/dam/hcsc/common/manage-my-account/well-ontarget/registration-page.generic.json/membership/lob/group&experience/language/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cim.hcsc.net/content/dam/hcsc/common/manage-my-account/well-ontarget/registration-page.generic.json/membership/lob/group&experience/language/en
Requested by
Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.172.134.27 Chicago, United States, ASN23494 (HSC, US),
Reverse DNS
Software
/
Resource Hash
082cab01a25497a4d0835dcc346b30e6925b1f15791c6805eb11143343b0aaec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://account.hcsc.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

X-Dispatcher
1
Date
Thu, 07 Sep 2023 15:24:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains;preload
X-Vhost
bam-aem
Vary
Accept-Encoding,User-Agent
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://account.hcsc.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
860
id
dpm.demdex.net/ 		363 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=24F66F63598431DC0A495EE9%40AdobeOrg&d_nsid=0&ts=1694100256909
Requested by
Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.144.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-144-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
412c8846ace5d4fbb0bfcf3710cbfc897f3d9c7167ce5f3996d288e6fb49ae20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://account.hcsc.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v050-078ae1879.edge-irl1.demdex.com 10 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
aDbKLqQTQFg=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://account.hcsc.net
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
309
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/45efbf285322/1951ece8c775/launch-1f6332b2afd3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hcsc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 15:24:16 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://account.hcsc.net
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12384
expires
Thu, 07 Sep 2023 16:24:16 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/45efbf285322/1951ece8c775/launch-1f6332b2afd3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58f::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hcsc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 15:24:16 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://account.hcsc.net
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1598
expires
Thu, 07 Sep 2023 16:24:16 GMT
dest5.html
hcsc.demdex.net/ Frame 143C 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hcsc.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/45efbf285322/1951ece8c775/launch-1f6332b2afd3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.144.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-144-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://account.hcsc.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v050-0407564fa.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
uI9XqnSfRcc=
content-encoding
gzip
date
Thu, 7 Sep 2023 15:24:17 GMT
last-modified
Tue, 1 Aug 2023 09:11:46 GMT
vary
accept-encoding
id
healthcareservicecorporation.sc.omtrdc.net/ 		2 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://healthcareservicecorporation.sc.omtrdc.net/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=24F66F63598431DC0A495EE9%40AdobeOrg&mid=20241381229123327694521423448403399123&ts=1694100257169
Requested by
Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-160.data.adobedc.net
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.hcsc.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 07 Sep 2023 15:24:17 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://account.hcsc.net
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZPnrIQAAAI-_igOV
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=20787343391658660834499475993128624721
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPnrIQAAAI-_igOV
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPnrIQAAAI-_igOV
Protocol
HTTP/1.1
Server
52.211.144.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-144-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hcsc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-0e03aa7e8.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
n3/2SGaOT38=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPnrIQAAAI-_igOV
Date
Thu, 07 Sep 2023 15:24:17 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
lnxcQiuJIxk
www.youtube.com/embed/ Frame C2B1 		86 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/lnxcQiuJIxk
Requested by
Host: account.hcsc.net
URL: https://account.hcsc.net/login/main.91a2a3eec98c26e03e87.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a531b7c372b60779b33e0754d18296b044089af1dddb287b6ba22f9d753a367d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.hcsc.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 15:24:17 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
WoT_Logo.svg
bam-aem.hcsc.net/content/dam/hcsc/common/logos/assets/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bam-aem.hcsc.net/content/dam/hcsc/common/logos/assets/WoT_Logo.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.177.30.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
48b3df58aca460a9eeebdd7b5737fc06365986e3ea8d95bc02202d36b5b1e243
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hcsc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-dispatcher
2
date
Thu, 07 Sep 2023 15:24:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains;preload
content-encoding
gzip
last-modified
Tue, 05 Sep 2023 20:14:59 GMT
server
Apache
etag
"1970-604a248013c41-gzip"
x-vhost
bam-aem
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
accept-ranges
bytes
content-length
2573
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://account.hcsc.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 06:04:28 GMT
x-content-type-options
nosniff
age
465589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18664
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:19:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 06:04:28 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://account.hcsc.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 03:47:29 GMT
x-content-type-options
nosniff
age
473808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18232
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 03:47:29 GMT
right-side-page-all-states
cim.hcsc.net/content/dam/hcsc/common/manage-my-account/well-ontarget.generic.json/membership/us-states/all-states&membership/lob/group&content/dam/hcsc/common/manage-my-account/well-ontarget/all-st... 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cim.hcsc.net/content/dam/hcsc/common/manage-my-account/well-ontarget.generic.json/membership/us-states/all-states&membership/lob/group&content/dam/hcsc/common/manage-my-account/well-ontarget/all-states/right-side-page-all-states
Requested by
Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.172.134.27 Chicago, United States, ASN23494 (HSC, US),
Reverse DNS
Software
/
Resource Hash
960154e7754cc37c47cf02e174238ae79f79a0a1e3aa5597b1eb0ea0603cb986
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://account.hcsc.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

X-Dispatcher
2
Date
Thu, 07 Sep 2023 15:24:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains;preload
X-Vhost
bam-aem
Vary
Accept-Encoding,User-Agent
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://account.hcsc.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
445
en
cim.hcsc.net/content/dam/hcsc/common/manage-my-account/well-ontarget/footer.generic.json/membership/lob/group&experience/language/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cim.hcsc.net/content/dam/hcsc/common/manage-my-account/well-ontarget/footer.generic.json/membership/lob/group&experience/language/en
Requested by
Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.172.134.27 Chicago, United States, ASN23494 (HSC, US),
Reverse DNS
Software
/
Resource Hash
8c60642a79a7cb0639f0d93ec7c67b84eb7b5d935afa433b7bdd284b947514b4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://account.hcsc.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

X-Dispatcher
1
Date
Thu, 07 Sep 2023 15:24:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains;preload
X-Vhost
bam-aem
Vary
Accept-Encoding,User-Agent
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://account.hcsc.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
570
s17413844421356
healthcareservicecorporation.sc.omtrdc.net/b/ss/hcsc-prod-bam,hcsc-global-prod/1/JS-2.23.0-LDQM/ 		43 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://healthcareservicecorporation.sc.omtrdc.net/b/ss/hcsc-prod-bam,hcsc-global-prod/1/JS-2.23.0-LDQM/s17413844421356
Requested by
Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-160.data.adobedc.net
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.hcsc.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 15:24:17 GMT
x-content-type-options
nosniff
last-modified
Fri, 08 Sep 2023 15:24:17 GMT
server
jag
etag
3638052600735039488-4617872970387779829
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://account.hcsc.net
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 06 Sep 2023 15:24:17 GMT
www-player.css
www.youtube.com/s/player/7ee36b0e/ Frame C2B1 		383 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7ee36b0e/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebd9916f73aea2ae814451af5fa1ce5fad205d534409877fd10bd6ffb43dd3c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/lnxcQiuJIxk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:45:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
2356
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49339
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 06 Sep 2024 14:45:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C2B1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 02:58:03 GMT
x-content-type-options
nosniff
age
476774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 02:58:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C2B1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 05:51:22 GMT
x-content-type-options
nosniff
age
466375
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 05:51:22 GMT
embed.js
www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame C2B1 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4dcfd138ab21b6f3679e81114be6f752b478552c6e8c39af2c1436e49865841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/lnxcQiuJIxk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 06:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
33116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15596
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 06 Sep 2024 06:12:21 GMT
www-embed-player.js
www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/ Frame C2B1 		314 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
785272c9b1033897a81797962645fa74e7da0c63dd7208bae2ef171ecba275ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/lnxcQiuJIxk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
4016
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96199
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 06 Sep 2024 14:17:21 GMT
base.js
www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame C2B1 		2 MB
778 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c9a8bf4daf539463f609b2d8c45c1f138658dfdb9f6b776f2a20da40c92e152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/lnxcQiuJIxk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 22:42:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
796229
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Sep 2024 22:42:17 GMT
id
googleads.g.doubleclick.net/pagead/ Frame C2B1
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk
Protocol
H2
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3e9e8bf5e3bde79f94188b3ccae90a15c0fe1e4f80336edeb36b10a7ed84aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 15:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 07 Sep 2023 15:24:17 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame C2B1 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 15:14:24 GMT
x-content-type-options
nosniff
age
593
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Sep 2023 15:29:24 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 07 Sep 2023 15:24:17 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C2B1 		67 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2a17ea0fd7b29ab795ce6dd76dd6cf658b2d4b75c51ef5224f54a79be4e11bfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 07 Sep 2023 15:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31395
x-xss-protection
0
remote.js
www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame C2B1 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97a159e488477400a41c43897dc257375cf9bdabd184e67c79ca01a13c051647
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/lnxcQiuJIxk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 18:29:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
75262
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33687
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Sep 2024 18:29:55 GMT
_vJynN5KAWzV-u4i4qf1yy3siiLGs8XVUDdeWg6qJso.js
www.google.com/js/th/ Frame C2B1 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/_vJynN5KAWzV-u4i4qf1yy3siiLGs8XVUDdeWg6qJso.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fef2729cde4a016cd5faee22e2a7f5cb2dec8a22c6b3c5d550375e5a0eaa26ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 05:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
123418
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14719
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 05:07:20 GMT
sddefault.webp
i.ytimg.com/vi_webp/lnxcQiuJIxk/ Frame C2B1 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/lnxcQiuJIxk/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ace5d7a5aadf34910d49627018f8b1954485fc93c04497f68709f5c01496a24f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 15:24:18 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13636
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 07 Sep 2023 17:24:18 GMT
truncated
/ Frame C2B1 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
0B0flfi1o36LqeG-DBMqY47DktKDat0KBEZNnSiijRt7IqcZOnWm_Iv3WSNLE5jo4HW6jMEuEGw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame C2B1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/0B0flfi1o36LqeG-DBMqY47DktKDat0KBEZNnSiijRt7IqcZOnWm_Iv3WSNLE5jo4HW6jMEuEGw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
255dbe70a486526e0cd181c4f8b8a7c94ccfc658e0c8043fef726821990b38f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 13:50:57 GMT
x-content-type-options
nosniff
age
5601
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3122
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 08 Sep 2023 13:50:57 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame C2B1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 15:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Sep 2023 15:24:18 GMT
generate_204
www.youtube.com/ Frame C2B1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?xOtgRg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/lnxcQiuJIxk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/lnxcQiuJIxk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 15:24:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 07 Sep 2023 15:24:18 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C2B1 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8f2889bc5301479ee734a9477cbcec54c80492e389a65d4d97f50677e6daf6f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 07 Sep 2023 15:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/116/ Frame C2B1 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/116/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 15:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
594
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15373
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 15:06:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 08 Sep 2023 15:14:24 GMT
bf
bf69636tjb.bf.dynatrace.com/ 		220 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bf69636tjb.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_7_sn_20458E45FB2530FAEFD86F02C8E6C1BB_perc_100000_ol_0_mul_1_app-3Ae52da50c3dcf4fc9_1_rcs-3Acss_0&svrid=7&flavor=cors&vi=FPCWGHAKKUAWCJKFMHPPIILPANCRGNLB-0&modifiedSince=1693931581483&rf=https%3A%2F%2Faccount.hcsc.net%2Flogin%2F%3Fgoto%3Dhttps%253A%252F%252Fcim.hcsc.net%253A443%252Fam%252Foauth2%252Fmembers%252Fauthorize%253Fclient_id%253Doauth_mma_wot_APP00046856%2526scope%253Dopenid%252520profile%2526redirect_uri%253Dhttps%253A%252F%252Fwellontarget.onlifehealth.com%252FHome%252FLoginCallback%2526response_type%253Dcode%2526state%253DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%2526code_challenge%253DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%2526code_challenge_method%253DS256%2526service%253Dhcsc-members-mma-mfa%26realm%3D%2Fmembers%26service%3Dhcsc-members-mma-mfa&bp=3&app=e52da50c3dcf4fc9&crc=3334322442&en=e6mqrbyg&end=1
Requested by
Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.42.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-42-154.compute-1.amazonaws.com
Software
/
Resource Hash
5bf462e199907d68471143ab412da54bfbbbbbae67a7f17fc681e73e9b8691c0

Request headers

Referer
https://account.hcsc.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://account.hcsc.net
x-oneagent-js-injection
true
date
Thu, 07 Sep 2023 15:24:19 GMT
cache-control
no-cache
content-length
220
content-type
text/plain;charset=utf-8
log_event
www.youtube.com/youtubei/v1/ Frame C2B1 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
X-Goog-Request-Time
1694100260286
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/lnxcQiuJIxk
X-YouTube-Client-Version
1.20230904.00.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtxajlnclZOTkR2cyih1uenBjIGCgJERRIA
X-YouTube-Ad-Signals
dt=1694100257698&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C409%2C260&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 07 Sep 2023 15:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Thu, 07 Sep 2023 15:24:20 GMT
bf
bf69636tjb.bf.dynatrace.com/ 		220 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bf69636tjb.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_7_sn_20458E45FB2530FAEFD86F02C8E6C1BB_app-3Ae52da50c3dcf4fc9_1_ol_0_perc_100000_mul_1_rcs-3Acss_0&svrid=7&flavor=cors&vi=FPCWGHAKKUAWCJKFMHPPIILPANCRGNLB-0&modifiedSince=1693931581483&rf=https%3A%2F%2Faccount.hcsc.net%2Flogin%2F%3Fgoto%3Dhttps%253A%252F%252Fcim.hcsc.net%253A443%252Fam%252Foauth2%252Fmembers%252Fauthorize%253Fclient_id%253Doauth_mma_wot_APP00046856%2526scope%253Dopenid%252520profile%2526redirect_uri%253Dhttps%253A%252F%252Fwellontarget.onlifehealth.com%252FHome%252FLoginCallback%2526response_type%253Dcode%2526state%253DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%2526code_challenge%253DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%2526code_challenge_method%253DS256%2526service%253Dhcsc-members-mma-mfa%26realm%3D%2Fmembers%26service%3Dhcsc-members-mma-mfa&bp=3&app=e52da50c3dcf4fc9&crc=2468337416&en=e6mqrbyg&end=1
Requested by
Host: account.hcsc.net
URL: https://account.hcsc.net/login/ruxitagentjs_ICA27NVfhqrux_10271230629152232.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.206.42.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-42-154.compute-1.amazonaws.com
Software
/
Resource Hash
5bf462e199907d68471143ab412da54bfbbbbbae67a7f17fc681e73e9b8691c0

Request headers

Referer
https://account.hcsc.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://account.hcsc.net
x-oneagent-js-injection
true
date
Thu, 07 Sep 2023 15:24:20 GMT
cache-control
no-cache
content-length
220
content-type
text/plain;charset=utf-8

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| dT_ object| dtrum object| dynatrace object| regeneratorRuntime object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s number| s_loadT number| d object| eo number| y string| f0 object| s_Obj string| s_PPVid function| s_PPVevent number| s_PPVi number| s_PPVt object| s_i_hcsc-prod-bam_hcsc-global-prod

25 Cookies

Domain/Path Name / Value
account.hcsc.net/ Name: TS0123e410
Value: 01d43b0fd230ed5d069f10ad4de8226a0305f48ffb3d6a90772f63a21b1c87001582f07eb61d14c1f37949b6faff87693ca8dd2041
.hcsc.net/ Name: TS011c8526
Value: 01d43b0fd2b577a7b451ef5c292a96ff766fd41c4d3d6a90772f63a21b1c87001582f07eb675ce3a2fd6b9eaae5db61ee409c43121d47a4bbbfb5dffa347167d957581f2a9
.hcsc.net/ Name: rxVisitor
Value: 169410025451424V67MHVN9AEDHMBGA8QBNV2JPR3A71Q
.hcsc.net/ Name: dtSa
Value: -
.hcsc.net/ Name: rxvt
Value: 1694102056532|1694100254515
.hcsc.net/ Name: dtPC
Value: 7$300254513_122h-vFPCWGHAKKUAWCJKFMHPPIILPANCRGNLB-0e0
.demdex.net/ Name: demdex
Value: 20787343391658660834499475993128624721
.hcsc.net/ Name: AMCVS_24F66F63598431DC0A495EE9%40AdobeOrg
Value: 1
.hcsc.net/ Name: s_getNewRepeat
Value: 1694100257370-New
.hcsc.net/ Name: gpv_pn
Value: no%20value
.hcsc.net/ Name: s_vnum
Value: 1694296800370%26vn%3D1
.hcsc.net/ Name: s_invisit
Value: true
.hcsc.net/ Name: s_daysSinceVisit
Value: 1694100257371
.hcsc.net/ Name: s_daysSinceVisit_s
Value: First%20Visit
.hcsc.net/ Name: s_ppvl
Value: %5B%5BB%5D%5D
.hcsc.net/ Name: s_ppv
Value: https%253A%2F%2Faccount.hcsc.net%2Flogin%2F%253Fgoto%253Dhttps%25253A%25252F%25252Fcim.hcsc.net%25253A443%25252Fam%25252Foauth2%25252Fmembers%25252Fauthorize%25253Fclient_id%25253Doauth_mma_wot_APP00046856%252526scope%25253Dopenid%25252520profile%252526redirect_uri%25253Dhttps%25253A%25252F%25252Fwellontarget.onlifehealth.com%25252FHome%25252FLoginCallback%252526response_type%25253Dcode%252526state%25253DNRFLs8z6-FEhmrM-pRf1uQSZBTDO4liW_C4ri_rfJgc%252526code_challenge%25253DUbDYn1C-_SC0BhL_7u23B_najYn7zDRbF7iTlZixcfc%252526code_challenge_method%25253DS256%252526service%25253Dhcsc-members-mma-mfa%2526realm%253D%2Fmembers%2526service%253Dhcsc-members-mma-mfa%2C87%2C87%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.hcsc.net/ Name: s_cc
Value: true
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZPnrIQAAAI-_igOV
.dpm.demdex.net/ Name: dpm
Value: 20787343391658660834499475993128624721
.hcsc.net/ Name: AMCV_24F66F63598431DC0A495EE9%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19608%7CMCMID%7C20241381229123327694521423448403399123%7CMCAAMLH-1694705057%7C6%7CMCAAMB-1694705057%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1694107457s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19615%7CvVersion%7C5.5.0
.youtube.com/ Name: YSC
Value: zQj0I1Y1S8w
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: qj9grVNNDvs
bam-aem.hcsc.net/ Name: ApplicationGatewayAffinityCORS
Value: 37075391e2f1258f72fbb32632aa8281
bam-aem.hcsc.net/ Name: ApplicationGatewayAffinity
Value: 37075391e2f1258f72fbb32632aa8281
.hcsc.net/ Name: dtCookie
Value: v_4_srv_7_sn_20458E45FB2530FAEFD86F02C8E6C1BB_app-3Ae52da50c3dcf4fc9_1_ol_0_perc_100000_mul_1_rcs-3Acss_0

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.hcsc.net
assets.adobedtm.com
bam-aem.hcsc.net
bf69636tjb.bf.dynatrace.com
cim.hcsc.net
cm.everesttech.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hcsc.demdex.net
healthcareservicecorporation.sc.omtrdc.net
i.ytimg.com
jnn-pa.googleapis.com
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
18.206.42.154
205.172.134.27
2a00:1450:4001:800::200a
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:808::2016
2a00:1450:4001:80e::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:828::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a02:26f0:3500:58f::1e80
34.240.140.136
52.177.30.255
52.211.144.29
63.140.62.160
023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c
082cab01a25497a4d0835dcc346b30e6925b1f15791c6805eb11143343b0aaec
0c9a8bf4daf539463f609b2d8c45c1f138658dfdb9f6b776f2a20da40c92e152
10cc6b3bf915c6f189b0557e386b3c432ae7de76b20b8926eb87b36029322fdb
255dbe70a486526e0cd181c4f8b8a7c94ccfc658e0c8043fef726821990b38f9
2a17ea0fd7b29ab795ce6dd76dd6cf658b2d4b75c51ef5224f54a79be4e11bfe
352e3f34ddda05648114b59b11270f3efa8ae632b5b94987fe451e26aaccbbff
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
412c8846ace5d4fbb0bfcf3710cbfc897f3d9c7167ce5f3996d288e6fb49ae20
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
475a08e3abce68edaca9a5bc5b5204dc67fbdd04734533e26236f0bf924cb23f
48b3df58aca460a9eeebdd7b5737fc06365986e3ea8d95bc02202d36b5b1e243
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bf462e199907d68471143ab412da54bfbbbbbae67a7f17fc681e73e9b8691c0
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
785272c9b1033897a81797962645fa74e7da0c63dd7208bae2ef171ecba275ea
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8c60642a79a7cb0639f0d93ec7c67b84eb7b5d935afa433b7bdd284b947514b4
8f2889bc5301479ee734a9477cbcec54c80492e389a65d4d97f50677e6daf6f7
94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628
9551a6f8775cb1756c864867ec99f165cadcd970b4be9c3ca574a27b3c737ac1
960154e7754cc37c47cf02e174238ae79f79a0a1e3aa5597b1eb0ea0603cb986
97a159e488477400a41c43897dc257375cf9bdabd184e67c79ca01a13c051647
9a0d229035b08bcf2de2d0b88a1fffb3832ad550be8127f3517b3a343740bd93
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
a3e9e8bf5e3bde79f94188b3ccae90a15c0fe1e4f80336edeb36b10a7ed84aee
a531b7c372b60779b33e0754d18296b044089af1dddb287b6ba22f9d753a367d
ace5d7a5aadf34910d49627018f8b1954485fc93c04497f68709f5c01496a24f
ce21709f7ac4f95d29cbbf971332e46ca1e02aec16e7b5c5923b3c99f4bae78d
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4dcfd138ab21b6f3679e81114be6f752b478552c6e8c39af2c1436e49865841
ebd9916f73aea2ae814451af5fa1ce5fad205d534409877fd10bd6ffb43dd3c2
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2cd1274f0d4182341db7378228898718bf04ff6c101b6b1f1f2b5a42e30db69
fef2729cde4a016cd5faee22e2a7f5cb2dec8a22c6b3c5d550375e5a0eaa26ca