urlscan.io logo urlscan.io
SecurityTrails logo

www.healthsafe-id.com Open in urlscan Pro
18.173.154.122  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://member.uhc.com/
Effective URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FAos4uvEAPf%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.h...
Submission: On November 28 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 46 HTTP transactions. The main IP is 18.173.154.122, located in and belongs to . The main domain is www.healthsafe-id.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on September 30th 2023. Valid for: a year.
This is the only time www.healthsafe-id.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 29 45.60.33.26 19551 (INCAPSULA)
1 8 107.154.114.243 19551 (INCAPSULA)
4 2600:1f18:24e... 14618 (AMAZON-AES)
3 2600:1f18:24e... 14618 (AMAZON-AES)
1 1 168.183.36.21 ()
2 3 18.173.154.122 ()
46 6
29    45.60.33.26 (United States)

ASN19551 (INCAPSULA, US)
member.uhc.com
member.werally.com
8    107.154.114.243 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.114.243.ip.incapdns.net
api.member.uhc.com
4    2600:1f18:24e6:b902:f065:7c16:200d:1ada (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
session-replay.browser-intake-datadoghq.com
3    2600:1f18:24e6:b901:fce1:9f9f:b4a:88c3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rum.browser-intake-datadoghq.com
1    168.183.36.21 (None, )

ASN- ()
sso.optum.com
3    18.173.154.122 (None, )

ASN- ()
www.healthsafe-id.com
Apex Domain
Subdomains		 Transfer
31 uhc.com
member.uhc.com — Cisco Umbrella Rank: 57670
api.member.uhc.com — Cisco Umbrella Rank: 73898
dtsaas-sgw.uhc.com Failed
1 MB
7 browser-intake-datadoghq.com
session-replay.browser-intake-datadoghq.com — Cisco Umbrella Rank: 7556
rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 1980
914 B
6 werally.com
member.werally.com — Cisco Umbrella Rank: 55361
93 KB
3 healthsafe-id.com
www.healthsafe-id.com
3 KB
1 optum.com
sso.optum.com
808 B
46 5
Domain Requested by
23 member.uhc.com 2 redirects member.uhc.com
8 api.member.uhc.com 1 redirects member.uhc.com
6 member.werally.com member.uhc.com
4 session-replay.browser-intake-datadoghq.com member.uhc.com
3 www.healthsafe-id.com 2 redirects member.uhc.com
www.healthsafe-id.com
3 rum.browser-intake-datadoghq.com member.uhc.com
1 sso.optum.com 1 redirects
0 dtsaas-sgw.uhc.com Failed www.healthsafe-id.com
46 8

This site contains no links.

Subject Issuer Validity Valid
member.uhc.com
COMODO RSA Organization Validation Secure Server CA		 2023-07-27 -
2024-07-26		 a year crt.sh
*.werally.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-28 -
2024-07-28		 a year crt.sh
api.member.uhc.com
COMODO RSA Organization Validation Secure Server CA		 2023-07-27 -
2024-07-26		 a year crt.sh
*.browser-intake-datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-17 -
2024-06-18		 a year crt.sh
www.healthsafe-id.com
COMODO RSA Organization Validation Secure Server CA		 2023-09-30 -
2024-09-29		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FAos4uvEAPf%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fmyuhc%2Fen%3Fresume%3D%2Fas%2FsJ14aKOuWq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmember.uhc.com%2Fplan-selector%2Fprotected%2Foidc%2Fv1%2Fcallback%26portal%3Dmyuhc%26lang%3Den%26client_id%3Dplanselector_hsid_prod&reason=0
Frame ID: 414ACC1F753B0407FBF7974522FC9EF6
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://member.uhc.com/ HTTP 301
    https://member.uhc.com/ Page URL
  2. https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=... Page URL
  3. https://member.uhc.com/plan-selector/automatic?locale=en-US&portal=myuhc&membershipCategory=DEFAULT HTTP 302
    https://sso.optum.com/ext/as/authorization.oauth2?pfidpadapterid=HsidNewUIOidc&client_id=planselec... HTTP 302
    https://www.healthsafe-id.com/rt/secure/auth/myuhc/en?resume=/as/sJ14aKOuWq/resume/as/authorization.ping&s... HTTP 302
    https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redi... HTTP 302
    https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FAos4uvEAPf%2Fresume%2Fas%2Fauthorization.ping&TARGET... Page URL

Page Statistics

46
Requests

89 %
HTTPS

33 %
IPv6

5
Domains

8
Subdomains

6
IPs

1
Countries

1269 kB
Transfer

4556 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://member.uhc.com/ HTTP 301
    https://member.uhc.com/ Page URL
  2. https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US Page URL
  3. https://member.uhc.com/plan-selector/automatic?locale=en-US&portal=myuhc&membershipCategory=DEFAULT HTTP 302
    https://sso.optum.com/ext/as/authorization.oauth2?pfidpadapterid=HsidNewUIOidc&client_id=planselector_hsid_prod&response_type=code&scope=openid+profile&redirect_uri=https%3A%2F%2Fmember.uhc.com%2Fplan-selector%2Fprotected%2Foidc%2Fv1%2Fcallback&state=aWQ9YzJhYTc3MWMtYWZiYy00Zjc4LTg2YzktMjQ4MDVhMmQxNTQ0JnVpPWZhbHNlJmNpZD1BSGt2U2RtV2E0U3l6Ul9wbGFuLXNlbGVjdG9yLWFwaQ&portal=myuhc&lang=en&locale=en-US HTTP 302
    https://www.healthsafe-id.com/rt/secure/auth/myuhc/en?resume=/as/sJ14aKOuWq/resume/as/authorization.ping&spentity=null&scope=openid%20profile&response_type=code&pfidpadapterid=HsidNewUIOidc&redirect_uri=https://member.uhc.com/plan-selector/protected/oidc/v1/callback&portal=myuhc&lang=en&client_id=planselector_hsid_prod HTTP 302
    https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F%2Fwww.healthsafe-id.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiVnk4eWZOZzlDSHNDdXhReVpvVGl0a2NLN0ZVIiwic3VmZml4IjoiUWQyR1JsLjE3MDExOTQ3MTIifQ..MuxGz_R2LBi5XQUTUMPypA.OuADcLl0R4BxSF44gSKgNFb5GS4WBc8zhgvCrzl8qz5YNCVKMj_jySMQL2wZn7wcZ_Nam91uhbJjVXSplCjGBeQl6QsqyajjybwRm0HIvNYCQk3dwNeLqNqjg-Y5kduY-mdkrJ5-6Zm7NzWozHoT3y9L2aTz-pt6kHE5qtZZQ_rHmnRksudz7oDMlTw6wpjb79y2TBUDEiwAL3WorWDyjzi-mKpFFxbkjtUXmCK8cHQfxPDxtz1257JhYMuQmhitfbIksmXrNEC9_hq-sZy_Vq_hDL2sS_cr31S2xOpaAyOWXKjTueQeh1eeYZFF6DISt9pAGt-oU1djKPD9KE5w1dA9aluI761fgeubzI3A07M.aUGRfqbe_hgpqkhLliyr1Q&nonce=TC8ipH079RunmT_2YJS7PIPV341AMmtOxlowwd0igDI&acr_values=NONBANK%20BANK&scope=openid%20address%20email%20phone%20profile&vnd_pi_requested_resource=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fmyuhc%2Fen%3Fresume%3D%2Fas%2FsJ14aKOuWq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmember.uhc.com%2Fplan-selector%2Fprotected%2Foidc%2Fv1%2Fcallback%26portal%3Dmyuhc%26lang%3Den%26client_id%3Dplanselector_hsid_prod&vnd_pi_application_name=HSIDProdRTApp HTTP 302
    https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FAos4uvEAPf%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fmyuhc%2Fen%3Fresume%3D%2Fas%2FsJ14aKOuWq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmember.uhc.com%2Fplan-selector%2Fprotected%2Foidc%2Fv1%2Fcallback%26portal%3Dmyuhc%26lang%3Den%26client_id%3Dplanselector_hsid_prod&reason=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://member.uhc.com/ HTTP 301
  • https://member.uhc.com/
Request Chain 33
  • https://api.member.uhc.com/rest/user/v1/session/logout HTTP 303
  • https://api.member.uhc.com/rest/user/v1/session/logout-api

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
member.uhc.com/
Redirect Chain
  • http://member.uhc.com/
  • https://member.uhc.com/
1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e24de1f009cf2c0fe93ff6d54ad0fc33c4900798e344ae655e5c143552dbb25f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=60
content-encoding
gzip
content-security-policy-report-only
base-uri 'self' *.iperceptions.com unitedhealthgroup.demdex.net; child-src *.demdex.net *.iperceptions.com *.qualtrics.com blob:; connect-src 'self' bam.nr-data.net bat.bing.com *.nr-data.net t.co dpm.demdex.net *.demdex.net *.facebook.com *.google-analytics.com google-analytics.com *.iperceptions.com *.msg.liveperson.net *.liveperson.net *.lpsnmedia.net *.mymedicareaccount.com *.myoptum.com myoptum.com myoptum.akamaized.net myoptum-stage.akamaized.net *.optum.com *.qualtrics.com *.sendbird.com *.sundaysky.com *.uhc.com *.tt.omtrdc.net *.werally.com *.werally.in ws.sessioncam.com wss://*.msg.liveperson.net wss://*.sendbird.com *.datadoghq.com *.browser-intake-datadoghq.com *.logs.datadoghq.com *.myuhc.com api2.branch.io maelstrom-dmz.uhg.com maelstrom-dmz-nonprod.uhcprovider.com *.onelink-edge.com; default-src 'self'; font-src 'self' *.googleapis.com *.gstatic.com *.iperceptions.com *.werally.com maelstrom-dmz-nonprod.uhc.com myoptum.akamaized.net data: myoptum-stage.akamaized.net *.avast.com; frame-ancestors 'self' *.int.mymedicareaccount.uhc.com *.int.uhc.com https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com; frame-src *.aarpmedicareplans.com *.doubleclick.net *.healthsafe-id.com *.iperceptions.com *.lpsnmedia.net *.liveperson.net *.optum.com *.rally-dev.com *.stage-aarpmedicareplans.uhc.com *.sundaysky.com *.werally.com *.werally.in *.qualtrics.com google-analytics.com unitedhealthgroup.demdex.net *.facebook.net vkanalytics.net; img-src 'self' bam.nr-data.net *.bing.com data: *.everesttech.net dpm.demdex.net *.facebook.com *.facebook.net www.facebook.com *.gstatic.com *.google-analytics.com google-analytics.com google.com *.iperceptions.com *.qualtrics.com *.lpsnmedia.net *.myuhc.com *.optum.com *.rallyhealth.com rally-connect-fpc-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com nextportal-prod.s3.amazonaws.com s3.amazonaws.com *.s3.amazonaws.com *.ssa.gov *.sundaysky.com t.co *.uhc.com *.werally.com *.werally.in *.twitter.com cloudfront.federateddataservices.com *.googletagmanager.com cdn.honey.io z1.objecstorage.liveperson.net translate.google.com myuhc.com; media-src 'self' blob: *.lpsnmedia.net; object-src 'none'; report-uri /rest/csp-reporter https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub219abce98fcfbc35871b2deedbebd54f&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=application_id%3Ab7642e6b-65fc-4102-b77b-4de9336d8820%2Cenv%3Aprod%2Cservice%3Aarcade-ui; script-src 'self' http: https: 'unsafe-inline' 'unsafe-eval' 'nonce-py8WYQfBbQIyl7xv2z12i6VczrLX0gr7' 'strict-dynamic' *.google-analytics.com *.iperceptions.com *.int.mymedicareaccount.uhc.com *.mymedicareaccount.com *.mymedicareaccount.uhc.com *.myuhc.com *.rally-dev.com *.twitter.com *.werally.in art.azureedge.net assets.adobedtm.com bam.nr-data.net cdn.amplitude.com connect.facebook.net d2oh4tlt9mrke9.cloudfront.net js-agent.newrelic.com *.kaspersky-labs.com *.member.uhc.com *.myoptum.akamaized.net *.myoptum-stage.akamaized.net *.optum.com *.sundaysky.com *.uhc.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.omtrdc.net *.ssa.gov; worker-src blob:;
content-type
text/html
date
Tue, 28 Nov 2023 18:00:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-frame-options
DENY
x-iinfo
10-154606839-154606842 NNYN CT(87 180 0) RT(1701194404285 10) q(0 0 3 0) r(4 4) U12
x-xss-protection
1; mode=block

Redirect headers

Connection
close
Content-Length
0
Location
https://member.uhc.com/
configuration.js
member.uhc.com/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/configuration.js?v=686b780c443b0f96
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
afdf62fdf53fa2c0970d7abe461a51ce48b4e09e7c8cf7eb3aa79f74fe469254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://member.uhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 18 Nov 2023 04:35:51 GMT
x-cdn
Imperva
etag
"65583f27-5e20"
content-type
application/javascript
x-iinfo
10-154606839-154605069 2VNN RT(1701194404285 388) q(0 0 0 -1) r(4 4)
cache-control
max-age=3600, public
content-length
7031
expires
Tue, 28 Nov 2023 19:00:05 GMT
check-for-ie.js
member.uhc.com/ 		207 B
364 B 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/check-for-ie.js?v=d432ea4ca777dc93
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
67b6131141388d481febe3f6892356687aa9c35b6f01aedf1c333f05f6db944b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://member.uhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 14 Nov 2023 17:13:10 GMT
x-cdn
Imperva
etag
"6553aaa6-cf"
content-type
application/javascript
x-iinfo
10-154606839-154605116 2VNN RT(1701194404285 392) q(0 0 0 -1) r(4 4)
content-length
177
~4348.bundle.a1585143405fa0a87618.js
member.uhc.com/ 		2 MB
446 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/~4348.bundle.a1585143405fa0a87618.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b7c7dfb27299f367c58da5086c16f6cd5d3b2dfcae2d9819d211b804bf7c128d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://member.uhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 14 Nov 2023 17:13:10 GMT
x-cdn
Imperva
etag
"6553aaa6-1afa17"
content-type
application/javascript
x-iinfo
10-154606839-154605069 2VNN RT(1701194404285 752) q(0 0 0 -1) r(3 3)
content-length
456280
~arcade.bundle.8c97408015db09fa6c3b.js
member.uhc.com/ 		430 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/~arcade.bundle.8c97408015db09fa6c3b.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
296a4adada303b49f3a95774b9cceede41837adbe157c65806bff71e764ea936
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://member.uhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 14 Nov 2023 17:13:10 GMT
x-cdn
Imperva
etag
"6553aaa6-6b9f8"
content-type
application/javascript
x-iinfo
10-154606839-154598797 2VNN RT(1701194404285 784) q(0 0 0 -1) r(3 3)
content-length
122141
UHC2020Sans-Medium.woff2
member.werally.com/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://member.werally.com/assets/fonts/UHC2020Sans-Medium.woff2?
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c50c7bd4abab5152b29ed4ba8ad7e884ae3f78e21e5e18c61e24b73dfc213d41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://member.uhc.com/
Origin
https://member.uhc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-iinfo
4-51552042-51552044 NNNN CT(91 189 0) RT(1701194405567 9) q(0 0 3 0) r(4 5) U12
content-length
23212
last-modified
Fri, 28 Jan 2022 00:25:18 GMT
etag
"61f337ee-5aac"
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cors_value
trueget
access-control-expose-headers
Content-Length,Content-Range
request_method
GET
x-incap-sess-cookie-hdr
xeZuVNCVTELQI0apE+bfEaYqZmUAAAAA93PUm8EyuqMcuxHSMfex4g==
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
chatter-box.esm.js
member.uhc.com/chat/chatter-box/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/chat/chatter-box/chatter-box.esm.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~arcade.bundle.8c97408015db09fa6c3b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
47a5caf29ae47dd694629c758721824c8aef76423ddc08b58f65dc0ba7cecb78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://member.uhc.com/
Origin
https://member.uhc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 27 Mar 2023 05:26:50 GMT
x-cdn
Imperva
etag
"6421291a-bf0"
content-type
application/javascript
x-iinfo
10-154606839-154605069 2VNN RT(1701194404285 1288) q(0 0 0 -1) r(4 4)
x-incap-sess-cookie-hdr
I/YhKAiFlWW+IEapE+bfEaUqZmUAAAAAzd2/pbaytjguvKMqhqaWQQ==
content-length
1138
66957ddd-2f05-4b5c-91b4-6648f82bf60c
https://member.uhc.com/ 		25 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://member.uhc.com/66957ddd-2f05-4b5c-91b4-6648f82bf60c
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30e4d8817bd18243f8ebf46ad9d031b8bd2f699a2b9dde90285c069fe0423a11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
25573
Content-Type
heartbeat
api.member.uhc.com/rest/user/v1/session/ 		163 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.member.uhc.com/rest/user/v1/session/heartbeat
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~4348.bundle.a1585143405fa0a87618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.243 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.243.ip.incapdns.net
Software
/
Resource Hash

Request headers

RP-Token-Suffix
MU
accept-language
de-DE,de;q=0.9
Arcade-Locale
null
x-datadog-origin
rum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-datadog-sampling-priority
1
Accept
application/json
Referer
https://member.uhc.com/
x-datadog-parent-id
1562743246650700025
x-datadog-trace-id
2295011229732737030
XSRF-TOKEN
undefined

Response headers

x-rally-correlationid
TPFDFkd8WGNphh-arcade_user
date
Tue, 28 Nov 2023 18:00:06 GMT
content-encoding
gzip
x-cdn
Imperva
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://member.uhc.com
x-iinfo
10-155728795-155728798 NNYN CT(87 184 0) RT(1701194406336 9) q(0 0 3 1) r(4 4) U24
access-control-expose-headers
WWW-Authenticate, Server-Authorization
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-incap-sess-cookie-hdr
fgQwTv0BKnYk7gruIF0GFaYqZmUAAAAAhBgWZjv2VE90K2NXfSpKhw==
access-control-allow-headers
x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id,x-requested-with,content-type,Cache-Control,Pragma,Date,Arcade-XSRF-Token,X-Rally-Locale,Arcade-Data-Updated,Arcade-Locale,RP-Token-Suffix,XSRF-Token,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-rally-canary,x-claims-canary
heartbeat
api.member.uhc.com/rest/user/v1/session/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.member.uhc.com/rest/user/v1/session/heartbeat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.243 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.243.ip.incapdns.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
arcade-locale,rp-token-suffix,x-datadog-origin,x-datadog-parent-id,x-datadog-sampling-priority,x-datadog-trace-id,xsrf-token
Access-Control-Request-Method
GET
Origin
https://member.uhc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id,x-requested-with,content-type,Cache-Control,Pragma,Date,Arcade-XSRF-Token,X-Rally-Locale,Arcade-Data-Updated,Arcade-Locale,RP-Token-Suffix,XSRF-Token,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-rally-canary,x-claims-canary
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://member.uhc.com
access-control-expose-headers
WWW-Authenticate, Server-Authorization
allow
OPTIONS, GET
cache-control
no-cache, no-store, must-revalidate
date
Tue, 28 Nov 2023 18:00:06 GMT
x-cdn
Imperva
x-iinfo
6-81557578-81557588 NNNN CT(90 183 0) RT(1701194405932 10) q(0 0 3 0) r(4 4) U24
x-incap-sess-cookie-hdr
tWBSUbX8d1Ak7gruIF0GFaYqZmUAAAAACiFq/Z01/8Uyr0yTsuHqtg==
x-rally-correlationid
hkMPgNb4kZfT3b-arcade_user
replay
session-replay.browser-intake-datadoghq.com/api/v2/ 		53 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.43.0%2Capi%3Axhr%2Cenv%3Anavigation-prod-1%2Cservice%3Aarcade-ui%2Cversion%3A2.331.0&dd-api-key=pub219abce98fcfbc35871b2deedbebd54f&dd-evp-origin-version=4.43.0&dd-evp-origin=browser&dd-request-id=67a77968-9fa7-453d-9b8c-4cdf23f9692e
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~4348.bundle.a1585143405fa0a87618.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:f065:7c16:200d:1ada Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
26c8d77a2262dfc900224625d65dde80145cf10a4f3da567d8fb0ae7b69b6bd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://member.uhc.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryL1QKJ68Ib9whFoO8

Response headers

date
Tue, 28 Nov 2023 18:00:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
p-074969b7.js
member.uhc.com/chat/chatter-box/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/chat/chatter-box/p-074969b7.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4dcb69b9882ad3a3e5f898c94ac0382a69af28b1fab8a4b5b62bdfaa87629632
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://member.uhc.com/chat/chatter-box/chatter-box.esm.js
Origin
https://member.uhc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 27 Mar 2023 05:26:50 GMT
x-cdn
Imperva
etag
"6421291a-30f9"
content-type
application/javascript
x-iinfo
10-154606839-154598797 2VNN RT(1701194404285 1683) q(0 0 0 -1) r(4 4)
x-incap-sess-cookie-hdr
TjmHF1oUeH2+IEapE+bfEaYqZmUAAAAA0pGdsmr9Oy5jJJSZfQEs6g==
content-length
5771
p-1dd0c357.js
member.uhc.com/chat/chatter-box/ 		1 KB
912 B 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/chat/chatter-box/p-1dd0c357.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
48fc8ee37833527dc694155e28e03707c6c07cf553124fd71dceedc29ace166c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://member.uhc.com/chat/chatter-box/chatter-box.esm.js
Origin
https://member.uhc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 27 Mar 2023 05:26:50 GMT
x-cdn
Imperva
etag
"6421291a-4e9"
content-type
application/javascript
x-iinfo
10-154606839-154605116 2VNN RT(1701194404285 1687) q(0 0 0 -1) r(4 4)
x-incap-sess-cookie-hdr
J1ZlPyVgAUu+IEapE+bfEaYqZmUAAAAAFkw2QQIZ/cn/QDev6qIQhQ==
content-length
761
login
member.uhc.com/ 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~arcade.bundle.8c97408015db09fa6c3b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
9331b9a568428f35c8f6adc0446fda3a08cec38bc46628a53bc1f360cac5ddda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://member.uhc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=60
content-encoding
gzip
content-security-policy-report-only
base-uri 'self' *.iperceptions.com unitedhealthgroup.demdex.net; child-src *.demdex.net *.iperceptions.com *.qualtrics.com blob:; connect-src 'self' bam.nr-data.net bat.bing.com *.nr-data.net t.co dpm.demdex.net *.demdex.net *.facebook.com *.google-analytics.com google-analytics.com *.iperceptions.com *.msg.liveperson.net *.liveperson.net *.lpsnmedia.net *.mymedicareaccount.com *.myoptum.com myoptum.com myoptum.akamaized.net myoptum-stage.akamaized.net *.optum.com *.qualtrics.com *.sendbird.com *.sundaysky.com *.uhc.com *.tt.omtrdc.net *.werally.com *.werally.in ws.sessioncam.com wss://*.msg.liveperson.net wss://*.sendbird.com *.datadoghq.com *.browser-intake-datadoghq.com *.logs.datadoghq.com *.myuhc.com api2.branch.io maelstrom-dmz.uhg.com maelstrom-dmz-nonprod.uhcprovider.com *.onelink-edge.com; default-src 'self'; font-src 'self' *.googleapis.com *.gstatic.com *.iperceptions.com *.werally.com maelstrom-dmz-nonprod.uhc.com myoptum.akamaized.net data: myoptum-stage.akamaized.net *.avast.com; frame-ancestors 'self' *.int.mymedicareaccount.uhc.com *.int.uhc.com https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com; frame-src *.aarpmedicareplans.com *.doubleclick.net *.healthsafe-id.com *.iperceptions.com *.lpsnmedia.net *.liveperson.net *.optum.com *.rally-dev.com *.stage-aarpmedicareplans.uhc.com *.sundaysky.com *.werally.com *.werally.in *.qualtrics.com google-analytics.com unitedhealthgroup.demdex.net *.facebook.net vkanalytics.net; img-src 'self' bam.nr-data.net *.bing.com data: *.everesttech.net dpm.demdex.net *.facebook.com *.facebook.net www.facebook.com *.gstatic.com *.google-analytics.com google-analytics.com google.com *.iperceptions.com *.qualtrics.com *.lpsnmedia.net *.myuhc.com *.optum.com *.rallyhealth.com rally-connect-fpc-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com nextportal-prod.s3.amazonaws.com s3.amazonaws.com *.s3.amazonaws.com *.ssa.gov *.sundaysky.com t.co *.uhc.com *.werally.com *.werally.in *.twitter.com cloudfront.federateddataservices.com *.googletagmanager.com cdn.honey.io z1.objecstorage.liveperson.net translate.google.com myuhc.com; media-src 'self' blob: *.lpsnmedia.net; object-src 'none'; report-uri /rest/csp-reporter https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub219abce98fcfbc35871b2deedbebd54f&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=application_id%3Ab7642e6b-65fc-4102-b77b-4de9336d8820%2Cenv%3Aprod%2Cservice%3Aarcade-ui; script-src 'self' http: https: 'unsafe-inline' 'unsafe-eval' 'nonce-igWcsY14R6o4K9luhoXMP14DcaUpUR6a' 'strict-dynamic' *.google-analytics.com *.iperceptions.com *.int.mymedicareaccount.uhc.com *.mymedicareaccount.com *.mymedicareaccount.uhc.com *.myuhc.com *.rally-dev.com *.twitter.com *.werally.in art.azureedge.net assets.adobedtm.com bam.nr-data.net cdn.amplitude.com connect.facebook.net d2oh4tlt9mrke9.cloudfront.net js-agent.newrelic.com *.kaspersky-labs.com *.member.uhc.com *.myoptum.akamaized.net *.myoptum-stage.akamaized.net *.optum.com *.sundaysky.com *.uhc.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.omtrdc.net *.ssa.gov; worker-src blob:;
content-type
text/html
date
Tue, 28 Nov 2023 18:00:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-frame-options
DENY
x-iinfo
10-154606839-154607195 NNYN CT(118 211 0) RT(1701194404285 2150) q(0 0 3 -1) r(4 4) U12
x-xss-protection
1; mode=block
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.43.0%2Capi%3Abeacon%2Cenv%3Anavigation-prod-1%2Cservice%3Aarcade-ui%2Cversion%3A2.331.0&dd-api-key=pub219abce98fcfbc35871b2deedbebd54f&dd-evp-origin-version=4.43.0&dd-evp-origin=browser&dd-request-id=986ffcd5-5b18-43cc-ad6a-19172d42d32b&batch_time=1701194406813
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~4348.bundle.a1585143405fa0a87618.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:fce1:9f9f:b4a:88c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://member.uhc.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
replay
session-replay.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.43.0%2Capi%3Abeacon%2Cenv%3Anavigation-prod-1%2Cservice%3Aarcade-ui%2Cversion%3A2.331.0&dd-api-key=pub219abce98fcfbc35871b2deedbebd54f&dd-evp-origin-version=4.43.0&dd-evp-origin=browser&dd-request-id=f15183fa-5619-45c6-b07b-accf8e8b3c9b
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~4348.bundle.a1585143405fa0a87618.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:f065:7c16:200d:1ada Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://member.uhc.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryndQRSR5RKzRft4l9

Response headers
configuration.js
member.uhc.com/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/configuration.js?v=6eebd6a4dd7b8229
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f30e5c9afced9720f66f49f43f111c89c0073ebf09e8384151d8a623b5ff68c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Sat, 18 Nov 2023 04:32:41 GMT
x-cdn
Imperva
etag
"65583e69-5e20"
x-frame-options
DENY
content-type
application/javascript
x-iinfo
10-154606839-154605144 2NYN RT(1701194404285 2610) q(0 0 0 -1) r(2 2)
cache-control
public, max-age=3600
accept-ranges
bytes
x-xss-protection
1; mode=block
check-for-ie.js
member.uhc.com/ 		207 B
340 B 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/check-for-ie.js?v=d432ea4ca777dc93
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
67b6131141388d481febe3f6892356687aa9c35b6f01aedf1c333f05f6db944b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 14 Nov 2023 17:13:10 GMT
x-cdn
Imperva
etag
"6553aaa6-cf"
content-type
application/javascript
x-iinfo
10-154606839-154605145 2VNN RT(1701194404285 2613) q(0 1 1 -1) r(4 4)
content-length
177
~4348.bundle.a1585143405fa0a87618.js
member.uhc.com/ 		2 MB
446 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/~4348.bundle.a1585143405fa0a87618.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b7c7dfb27299f367c58da5086c16f6cd5d3b2dfcae2d9819d211b804bf7c128d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 14 Nov 2023 17:13:10 GMT
x-cdn
Imperva
etag
"6553aaa6-1afa17"
content-type
application/javascript
x-iinfo
10-154606839-154605865 2VNN RT(1701194404285 2810) q(0 0 0 -1) r(4 4)
content-length
456280
~arcade.bundle.8c97408015db09fa6c3b.js
member.uhc.com/ 		430 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/~arcade.bundle.8c97408015db09fa6c3b.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
296a4adada303b49f3a95774b9cceede41837adbe157c65806bff71e764ea936
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 14 Nov 2023 17:13:10 GMT
x-cdn
Imperva
etag
"6553aaa6-6b9f8"
content-type
application/javascript
x-iinfo
10-154606839-154598797 2VNN RT(1701194404285 3002) q(0 0 0 -1) r(4 4)
content-length
122141
UHC2020Sans-Medium.woff2
member.werally.com/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://member.werally.com/assets/fonts/UHC2020Sans-Medium.woff2?
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c50c7bd4abab5152b29ed4ba8ad7e884ae3f78e21e5e18c61e24b73dfc213d41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://member.uhc.com/
Origin
https://member.uhc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-iinfo
4-51552042-51552252 NNNN CT(94 182 0) RT(1701194405567 2236) q(0 0 2 -1) r(3 4) U12
content-length
23212
last-modified
Fri, 28 Jan 2022 00:25:18 GMT
etag
"61f337ee-5aac"
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cors_value
trueget
access-control-expose-headers
Content-Length,Content-Range
request_method
GET
x-incap-sess-cookie-hdr
XEKGNqD9GXLQI0apE+bfEagqZmUAAAAAUGenVl1PIu89MU/vDrKzJA==
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
chatter-box.esm.js
member.uhc.com/chat/chatter-box/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/chat/chatter-box/chatter-box.esm.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~arcade.bundle.8c97408015db09fa6c3b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
47a5caf29ae47dd694629c758721824c8aef76423ddc08b58f65dc0ba7cecb78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
Origin
https://member.uhc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 27 Mar 2023 05:26:50 GMT
x-cdn
Imperva
etag
"6421291a-bf0"
content-type
application/javascript
x-iinfo
10-154606839-154605069 2VNN RT(1701194404285 3538) q(0 0 0 -1) r(3 3)
x-incap-sess-cookie-hdr
898BQOzSsi6+IEapE+bfEagqZmUAAAAAkqJVlqmNeHtY+dhf/HE3XA==
content-length
1138
b9d8abda-08a8-41d0-bc37-2251b1ceb7da
https://member.uhc.com/ 		25 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://member.uhc.com/b9d8abda-08a8-41d0-bc37-2251b1ceb7da
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30e4d8817bd18243f8ebf46ad9d031b8bd2f699a2b9dde90285c069fe0423a11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
25573
Content-Type
1119.54916d5a3bafbed37ee7.js
member.uhc.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/1119.54916d5a3bafbed37ee7.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~arcade.bundle.8c97408015db09fa6c3b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
bdb273ff8247f8a6387f2709a07ab413442fff6744c82b65c30491d6f8024d04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 14 Nov 2023 17:13:10 GMT
x-cdn
Imperva
etag
"6553aaa6-1933"
content-type
application/javascript
x-iinfo
10-154606839-154605865 2VNN RT(1701194404285 3555) q(0 0 0 -1) r(1 1)
content-length
2411
UHC2020Sans-SemiBold.woff2
member.werally.com/assets/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://member.werally.com/assets/fonts/UHC2020Sans-SemiBold.woff2?
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8f69bc787272dc8ff531e6041ee0bc8f3a6037ce08ac92e0800e4381864ca658
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://member.uhc.com/
Origin
https://member.uhc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-iinfo
4-51552042-51552256 NNNN CT(96 180 0) RT(1701194405567 2275) q(0 0 3 -1) r(4 4) U12
content-length
22816
last-modified
Fri, 28 Jan 2022 00:25:18 GMT
etag
"61f337ee-5920"
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cors_value
trueget
access-control-expose-headers
Content-Length,Content-Range
request_method
GET
x-incap-sess-cookie-hdr
fxVAQ8kP2BfQI0apE+bfEagqZmUAAAAA9KUtC8PT9kfN04Tx8pinMA==
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
UHC2020Sans-Bold.woff2
member.werally.com/assets/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://member.werally.com/assets/fonts/UHC2020Sans-Bold.woff2?
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f161e22cde63c497d665c80a60a654d29caa423b4f4f59848b55309beb8bc361
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://member.uhc.com/
Origin
https://member.uhc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-iinfo
4-51552042-51552044 PNNN RT(1701194405567 2278) q(0 0 0 -1) r(1 1) U12
content-length
22420
last-modified
Fri, 28 Jan 2022 00:25:18 GMT
etag
"61f337ee-5794"
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cors_value
trueget
access-control-expose-headers
Content-Length,Content-Range
request_method
GET
x-incap-sess-cookie-hdr
H6DQPHenCG3QI0apE+bfEacqZmUAAAAAhwD0l8h+mbY2NybmBRAqlw==
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
system-help-circle.svg
member.werally.com/assets/icons/ 		518 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://member.werally.com/assets/icons/system-help-circle.svg
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~4348.bundle.a1585143405fa0a87618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5389f2e365cb16126b510ace2903284ffa023548b4ac7d7f69f0491016e8065c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://member.uhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 28 Jan 2022 00:25:20 GMT
x-cdn
Imperva
etag
"61f337f0-206"
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-iinfo
4-51552042-51544121 2VNN RT(1701194405567 2284) q(0 0 0 -1) r(4 4)
access-control-expose-headers
Content-Length,Content-Range
x-incap-sess-cookie-hdr
sI+kQ5u7RmXQI0apE+bfEagqZmUAAAAAeHWC9nbpp2QDfFVx9XqXIg==
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
338
system-arrow-down.svg
member.werally.com/assets/icons/ 		151 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://member.werally.com/assets/icons/system-arrow-down.svg
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~4348.bundle.a1585143405fa0a87618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
594bfe6f8e2ec741004affc9436a83e3d3ddd889ed86afb65c4ff9cae9d06352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://member.uhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 28 Jan 2022 00:25:20 GMT
x-cdn
Imperva
etag
"61f337f0-97"
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-iinfo
4-51552042-51551601 2VNN RT(1701194405567 2286) q(0 0 0 -1) r(3 3)
access-control-expose-headers
Content-Length,Content-Range
x-incap-sess-cookie-hdr
dQS/bt5AcQDQI0apE+bfEagqZmUAAAAAVgeOJTK+2o/tHVjH1/rWug==
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
148
uhc.svg
member.uhc.com/images/branding/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://member.uhc.com/images/branding/uhc.svg
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5d8b74dcd5b720df1c794df7f65581b0acf0eeb339d0a146f873bd6d4817b419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 14 Nov 2023 17:13:10 GMT
x-cdn
Imperva
etag
"6553aaa6-14ad"
content-type
image/svg+xml
x-iinfo
10-154606839-154605852 2VNN RT(1701194404285 3564) q(0 0 0 -1) r(1 1)
content-length
1734
rally-inverse.svg
member.uhc.com/images/branding/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://member.uhc.com/images/branding/rally-inverse.svg
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0c22b90aff591dc71f66f5b15a19b7939f6a280d61faabc02c297857b3546b97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 14 Nov 2023 17:13:10 GMT
x-cdn
Imperva
etag
"6553aaa6-8d2"
content-type
image/svg+xml
x-iinfo
10-154606839-154605579 2VNN RT(1701194404285 3567) q(0 0 0 -1) r(1 1)
content-length
967
shared-header-footer.json
member.uhc.com/ 		514 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/shared-header-footer.json
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~4348.bundle.a1585143405fa0a87618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
30259c4e57db0b98cd057053f668ce5eb8f4cbd2d843fa6b22166f034b6370c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
x-datadog-origin
rum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-datadog-sampling-priority
1
Accept
application/json
Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
x-datadog-parent-id
4557130236808646199
x-datadog-trace-id
28494447638707114

Response headers

date
Tue, 28 Nov 2023 18:00:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Sat, 18 Nov 2023 04:32:41 GMT
x-cdn
Imperva
etag
"65583e69-202"
x-frame-options
DENY
content-type
text/javascript
access-control-allow-origin
*
x-iinfo
10-154606839-154607400 NNYN CT(90 195 0) RT(1701194404285 3569) q(0 0 3 -1) r(4 4) U2
cache-control
no-cache
accept-ranges
bytes
x-xss-protection
1; mode=block
shared-header-footer.json
member.uhc.com/ 		514 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/shared-header-footer.json
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~4348.bundle.a1585143405fa0a87618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
30259c4e57db0b98cd057053f668ce5eb8f4cbd2d843fa6b22166f034b6370c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
x-datadog-origin
rum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-datadog-sampling-priority
1
Accept
application/json
Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
x-datadog-parent-id
8761283372798035418
x-datadog-trace-id
7263349042014056160

Response headers

date
Tue, 28 Nov 2023 18:00:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Sat, 18 Nov 2023 04:32:41 GMT
x-cdn
Imperva
etag
"65583e69-202"
x-frame-options
DENY
content-type
text/javascript
access-control-allow-origin
*
x-iinfo
10-154606839-154606842 PNYN RT(1701194404285 3571) q(0 0 0 -1) r(1 1) U2
cache-control
no-cache
accept-ranges
bytes
x-xss-protection
1; mode=block
replay
session-replay.browser-intake-datadoghq.com/api/v2/ 		53 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.43.0%2Capi%3Axhr%2Cenv%3Anavigation-prod-1%2Cservice%3Aarcade-ui%2Cversion%3A2.331.0&dd-api-key=pub219abce98fcfbc35871b2deedbebd54f&dd-evp-origin-version=4.43.0&dd-evp-origin=browser&dd-request-id=023f6434-da3c-4f7f-8906-7e8a41bc230e
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~4348.bundle.a1585143405fa0a87618.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:f065:7c16:200d:1ada Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
2847f37a434edc45e4fbdf798fd331af3a807fdd1efc04b1b6da23323f2ce791
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://member.uhc.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary7evS1PG90WnvPQ91

Response headers

date
Tue, 28 Nov 2023 18:00:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
logout-api
api.member.uhc.com/rest/user/v1/session/
Redirect Chain
  • https://api.member.uhc.com/rest/user/v1/session/logout
  • https://api.member.uhc.com/rest/user/v1/session/logout-api
0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.member.uhc.com/rest/user/v1/session/logout-api
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
Protocol
H2
Server
107.154.114.243 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.243.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://member.uhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-rally-correlationid
wTw8yiVsLQL3Zb-arcade_user
date
Tue, 28 Nov 2023 18:00:09 GMT
x-cdn
Imperva
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://member.uhc.com
x-iinfo
10-155728795-155728798 PNNN RT(1701194406336 2522) q(0 0 0 -1) r(1 1) U24
access-control-expose-headers
WWW-Authenticate, Server-Authorization
cache-control
private, no-cache, max-age=0, must-revalidate, no-store
access-control-allow-credentials
true
x-incap-sess-cookie-hdr
jsg1ESlE6BQk7gruIF0GFagqZmUAAAAAKnUD4FrAF+DSjrCVtYyfog==
access-control-allow-headers
x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id,x-requested-with,content-type,Cache-Control,Pragma,Date,Arcade-XSRF-Token,X-Rally-Locale,Arcade-Data-Updated,Arcade-Locale,RP-Token-Suffix,XSRF-Token,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-rally-canary,x-claims-canary
content-length
0

Redirect headers

x-rally-correlationid
NtUBSNdZGMAxD9-arcade_user
date
Tue, 28 Nov 2023 18:00:08 GMT
x-cdn
Imperva
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
location
https://api.member.uhc.com/rest/user/v1/session/logout-api
access-control-allow-origin
https://member.uhc.com
access-control-expose-headers
WWW-Authenticate, Server-Authorization
cache-control
private, no-cache, max-age=0, must-revalidate, no-store
access-control-allow-credentials
true
x-incap-sess-cookie-hdr
3NmLFI+peiQk7gruIF0GFagqZmUAAAAASpf3Of9niwpEB6wzAU43Jw==
x-iinfo
10-155728795-155729084 NNNY CT(92 189 0) RT(1701194406336 2304) q(0 0 0 -1) r(1 1) U24
access-control-allow-headers
x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id,x-requested-with,content-type,Cache-Control,Pragma,Date,Arcade-XSRF-Token,X-Rally-Locale,Arcade-Data-Updated,Arcade-Locale,RP-Token-Suffix,XSRF-Token,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-rally-canary,x-claims-canary
content-length
0
logout
api.member.uhc.com/rest/user/v1/session/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.member.uhc.com/rest/user/v1/session/logout
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.243 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.243.ip.incapdns.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
arcade-locale,rp-token-suffix,x-datadog-origin,x-datadog-parent-id,x-datadog-sampling-priority,x-datadog-trace-id,xsrf-token
Access-Control-Request-Method
GET
Origin
https://member.uhc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id,x-requested-with,content-type,Cache-Control,Pragma,Date,Arcade-XSRF-Token,X-Rally-Locale,Arcade-Data-Updated,Arcade-Locale,RP-Token-Suffix,XSRF-Token,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-rally-canary,x-claims-canary
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://member.uhc.com
access-control-expose-headers
WWW-Authenticate, Server-Authorization
allow
OPTIONS, GET
cache-control
no-cache, no-store, must-revalidate
date
Tue, 28 Nov 2023 18:00:08 GMT
x-cdn
Imperva
x-iinfo
6-81557578-81557896 NNNN CT(90 181 0) RT(1701194405932 2303) q(0 0 3 -1) r(4 4) U24
x-incap-sess-cookie-hdr
GeNMTejYun4k7gruIF0GFagqZmUAAAAAm8TqWeYN3WvBA83UcEUUKw==
x-rally-correlationid
UdkmRHUQeWvqwH-arcade_user
p-074969b7.js
member.uhc.com/chat/chatter-box/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/chat/chatter-box/p-074969b7.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4dcb69b9882ad3a3e5f898c94ac0382a69af28b1fab8a4b5b62bdfaa87629632
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://member.uhc.com/chat/chatter-box/chatter-box.esm.js
Origin
https://member.uhc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 27 Mar 2023 05:26:50 GMT
x-cdn
Imperva
etag
"6421291a-30f9"
content-type
application/javascript
x-iinfo
10-154606839-154598797 2VNN RT(1701194404285 3923) q(0 0 0 -1) r(3 3)
x-incap-sess-cookie-hdr
c9GKTf/u3GW+IEapE+bfEagqZmUAAAAAt3KU6d7vF3Oycawm9ksuKA==
content-length
5771
p-1dd0c357.js
member.uhc.com/chat/chatter-box/ 		1 KB
950 B 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/chat/chatter-box/p-1dd0c357.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
48fc8ee37833527dc694155e28e03707c6c07cf553124fd71dceedc29ace166c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://member.uhc.com/chat/chatter-box/chatter-box.esm.js
Origin
https://member.uhc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 18:00:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 27 Mar 2023 05:26:50 GMT
x-cdn
Imperva
etag
"6421291a-4e9"
content-type
application/javascript
x-iinfo
10-154606839-154605145 2VNN RT(1701194404285 3932) q(0 0 0 -1) r(3 3)
x-incap-sess-cookie-hdr
yaKUah2nOnu+IEapE+bfEagqZmUAAAAA0mQmdQMLczg9Eml74Hhpew==
content-length
761
logout-api
api.member.uhc.com/rest/user/v1/session/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.member.uhc.com/rest/user/v1/session/logout-api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.243 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.243.ip.incapdns.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
arcade-locale,rp-token-suffix,x-datadog-origin,x-datadog-parent-id,x-datadog-sampling-priority,x-datadog-trace-id,xsrf-token
Access-Control-Request-Method
GET
Origin
https://member.uhc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id,x-requested-with,content-type,Cache-Control,Pragma,Date,Arcade-XSRF-Token,X-Rally-Locale,Arcade-Data-Updated,Arcade-Locale,RP-Token-Suffix,XSRF-Token,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-rally-canary,x-claims-canary
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://member.uhc.com
access-control-expose-headers
WWW-Authenticate, Server-Authorization
allow
OPTIONS, GET
cache-control
no-cache, no-store, must-revalidate
date
Tue, 28 Nov 2023 18:00:08 GMT
x-cdn
Imperva
x-iinfo
6-81557578-81557959 NNNY CT(88 183 0) RT(1701194405932 2818) q(0 0 0 0) r(1 1) U24
x-incap-sess-cookie-hdr
U34ZYOx7VCs79QruIF0GFagqZmUAAAAAqAN1uuyLbWfWlStEyOxsWA==
x-rally-correlationid
CdKLFT8J8e4a9i-arcade_user
rum
rum.browser-intake-datadoghq.com/api/v2/ 		53 B
305 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.43.0%2Capi%3Afetch%2Cenv%3Anavigation-prod-1%2Cservice%3Aarcade-ui%2Cversion%3A2.331.0&dd-api-key=pub219abce98fcfbc35871b2deedbebd54f&dd-evp-origin-version=4.43.0&dd-evp-origin=browser&dd-request-id=952cdd8d-2bf6-4ac7-a349-bee04a7e987d&batch_time=1701194409058
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~4348.bundle.a1585143405fa0a87618.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:fce1:9f9f:b4a:88c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://member.uhc.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 28 Nov 2023 18:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
prelogin
api.member.uhc.com/rest/user/v1/session/ 		56 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.member.uhc.com/rest/user/v1/session/prelogin
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~4348.bundle.a1585143405fa0a87618.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.243 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.243.ip.incapdns.net
Software
/
Resource Hash

Request headers

RP-Token-Suffix
MU
accept-language
de-DE,de;q=0.9
Arcade-Locale
null
x-datadog-origin
rum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-datadog-sampling-priority
1
Content-Type
application/json
Accept
application/json
Referer
https://member.uhc.com/
x-datadog-parent-id
5740882966228991384
x-datadog-trace-id
8884110934688150135
XSRF-TOKEN
undefined

Response headers

x-rally-correlationid
HvMS4yXNdPFHzf-arcade_user
date
Tue, 28 Nov 2023 18:00:09 GMT
content-encoding
gzip
x-cdn
Imperva
vary
Accept
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://member.uhc.com
x-iinfo
10-155728795-155729084 PNYy RT(1701194406336 2738) q(0 0 0 -1) r(1 1) U24
access-control-expose-headers
WWW-Authenticate, Server-Authorization
cache-control
private, no-cache, max-age=0, must-revalidate, no-store
access-control-allow-credentials
true
x-incap-sess-cookie-hdr
q+QCWpM57mwk7gruIF0GFakqZmUAAAAAskovAN6mQ43X9r1R8307vw==
access-control-allow-headers
x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id,x-requested-with,content-type,Cache-Control,Pragma,Date,Arcade-XSRF-Token,X-Rally-Locale,Arcade-Data-Updated,Arcade-Locale,RP-Token-Suffix,XSRF-Token,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-rally-canary,x-claims-canary
prelogin
api.member.uhc.com/rest/user/v1/session/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.member.uhc.com/rest/user/v1/session/prelogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.243 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.243.ip.incapdns.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
arcade-locale,content-type,rp-token-suffix,x-datadog-origin,x-datadog-parent-id,x-datadog-sampling-priority,x-datadog-trace-id,xsrf-token
Access-Control-Request-Method
POST
Origin
https://member.uhc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id,x-requested-with,content-type,Cache-Control,Pragma,Date,Arcade-XSRF-Token,X-Rally-Locale,Arcade-Data-Updated,Arcade-Locale,RP-Token-Suffix,XSRF-Token,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-rally-canary,x-claims-canary
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://member.uhc.com
access-control-expose-headers
WWW-Authenticate, Server-Authorization
allow
OPTIONS, POST
cache-control
no-cache, no-store, must-revalidate
date
Tue, 28 Nov 2023 18:00:09 GMT
x-cdn
Imperva
x-iinfo
6-81557578-81557588 PNNN RT(1701194405932 3035) q(0 0 0 0) r(1 1) U24
x-incap-sess-cookie-hdr
ZoNgJLOusTg79QruIF0GFakqZmUAAAAApQ/lrFqCM+WrD3vyM231Iw==
x-rally-correlationid
cf2s2SGcj2hUVx-arcade_user
Primary Request login
www.healthsafe-id.com/rt/
Redirect Chain
  • https://member.uhc.com/plan-selector/automatic?locale=en-US&portal=myuhc&membershipCategory=DEFAULT
  • https://sso.optum.com/ext/as/authorization.oauth2?pfidpadapterid=HsidNewUIOidc&client_id=planselector_hsid_prod&response_type=code&scope=openid+profile&redirect_uri=https%3A%2F%2Fmember.uhc.com%2Fp...
  • https://www.healthsafe-id.com/rt/secure/auth/myuhc/en?resume=/as/sJ14aKOuWq/resume/as/authorization.ping&spentity=null&scope=openid%20profile&response_type=code&pfidpadapterid=HsidNewUIOidc&redirec...
  • https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F%2Fwww.healthsafe-id.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGc...
  • https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FAos4uvEAPf%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fmyuhc%2Fen%3Fresume%3D%2Fas%2Fs...
4 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FAos4uvEAPf%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fmyuhc%2Fen%3Fresume%3D%2Fas%2FsJ14aKOuWq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmember.uhc.com%2Fplan-selector%2Fprotected%2Foidc%2Fv1%2Fcallback%26portal%3Dmyuhc%26lang%3Den%26client_id%3Dplanselector_hsid_prod&reason=0
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/1119.54916d5a3bafbed37ee7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.154.122 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2F&lob=E%26I&membershipCategory=DEFAULT&locale=en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html
date
Tue, 28 Nov 2023 18:00:15 GMT
etag
expires
0
last-modified
pragma
no-cache
server
AmazonS3
vary
Accept-Encoding
via
1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront)
x-amz-cf-id
-lNqmi8f3r31YUR8vj7TudbMyph_8aA9u9d-4n9m3wUoqlqIi0F0uA==
x-amz-cf-pop
MUC50-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
MEHITn5XRULNgPdT3dRqmbPthst_Oeo2
x-cache
RefreshHit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store
content-length
0
content-type
text/html;charset=utf-8
date
Tue, 28 Nov 2023 18:00:14 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FAos4uvEAPf%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fmyuhc%2Fen%3Fresume%3D%2Fas%2FsJ14aKOuWq%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmember.uhc.com%2Fplan-selector%2Fprotected%2Foidc%2Fv1%2Fcallback%26portal%3Dmyuhc%26lang%3Den%26client_id%3Dplanselector_hsid_prod&reason=0
pragma
no-cache
referrer-policy
origin
server
Apache
strict-transport-security
max-age=16070400; includeSubDomains; preload
via
1.1 18d0e038a55eccdc9f0ad716edf64962.cloudfront.net (CloudFront)
x-amz-cf-id
UHH_4xIZ3Z9GB7qrRFb043yLVZ6hCDdhCHp-0WDfSlxY5L1jV3tV0Q==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.43.0%2Capi%3Abeacon%2Cenv%3Anavigation-prod-1%2Cservice%3Aarcade-ui%2Cversion%3A2.331.0&dd-api-key=pub219abce98fcfbc35871b2deedbebd54f&dd-evp-origin-version=4.43.0&dd-evp-origin=browser&dd-request-id=cc67aef4-0e8a-4d69-a631-c25dc04f6365&batch_time=1701194409291
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~4348.bundle.a1585143405fa0a87618.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:fce1:9f9f:b4a:88c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://member.uhc.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
replay
session-replay.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.43.0%2Capi%3Abeacon%2Cenv%3Anavigation-prod-1%2Cservice%3Aarcade-ui%2Cversion%3A2.331.0&dd-api-key=pub219abce98fcfbc35871b2deedbebd54f&dd-evp-origin-version=4.43.0&dd-evp-origin=browser&dd-request-id=7140f078-5d0b-4914-8446-82f9265e86f1
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~4348.bundle.a1585143405fa0a87618.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:f065:7c16:200d:1ada Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://member.uhc.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryOzsQjO1pOA7vv6QL

Response headers
bundles-average.js
www.healthsafe-id.com/assets/ 		0
0
b6030f906c1066bc_complete.js
dtsaas-sgw.uhc.com/jstag/managed/17a3a45c-ebd2-4cdb-86ec-5f31606b813f/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.healthsafe-id.com
URL
https://www.healthsafe-id.com/assets/bundles-average.js
Domain
dtsaas-sgw.uhc.com
URL
https://dtsaas-sgw.uhc.com/jstag/managed/17a3a45c-ebd2-4cdb-86ec-5f31606b813f/b6030f906c1066bc_complete.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

10 Cookies

Domain/Path Name / Value
.uhc.com/ Name: visid_incap_2076937
Value: Aw1mQB0DQIGQGa2G9VGYRaQqZmUAAAAAQUIPAAAAAABxr0QawGJK2G9TdMCjQtsh
.uhc.com/ Name: incap_ses_1288_2076937
Value: p1gqba2+wjG+IEapE+bfEaQqZmUAAAAA65/dPw8fYCd38KVz20BzNQ==
.member.uhc.com/ Name: X-Dashboard-Canary
Value: always
.member.uhc.com/ Name: visid_incap_1142757
Value: q7bP/EG8ReKp3S5qLV9uNaUqZmUAAAAAQUIPAAAAAAAkHfx8Ojk6ix1Oqk2dcYl+
.member.uhc.com/ Name: incap_ses_1515_1142757
Value: EA5sNTh7Ck4k7gruIF0GFaYqZmUAAAAAfei1G3VKDX2Mye0583H8Rg==
.member.uhc.com/ Name: Arcade-OIDC-State
Value: 11a1466c15f99daccd2575e4d94523970b0e538c-loginStartTime=2023-11-28T18%3A00%3A09.227175&redirectUrl=https%3A%2F%2Fmember.uhc.com%2F&stateCode=e2bec0e5-3e2f-4daa-b8fa-6a54eaea1a4e
.member.uhc.com/ Name: PS_XSRF
Value: YzJhYTc3MWMtYWZiYy00Zjc4LTg2YzktMjQ4MDVhMmQxNTQ0
.member.uhc.com/ Name: PS_Locale
Value: en-US
.member.uhc.com/ Name: PS_Internal_State
Value: eyJzdGF0ZSI6IHsicGxhblNlbGVjdGlvbkZsb3ciOiAiREVGQVVMVCIsICJwb3J0YWwiOiAibXl1aGMiLCAicXVlcnlQYXJhbWV0ZXJzIjogIntcImxvY2FsZVwiOiBcImVuLVVTXCIsIFwibWVtYmVyc2hpcENhdGVnb3J5XCI6IFwiREVGQVVMVFwiLCBcInBvcnRhbFwiOiBcIm15dWhjXCJ9In19
member.uhc.com/ Name: _dd_s
Value: rum=1&id=41201cc3-855d-4ebe-9914-13d427decef3&created=1701194405941&expire=1701195308196

1 Console Messages

Source Level URL
Text
network error URL: https://api.member.uhc.com/rest/user/v1/session/heartbeat
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.member.uhc.com
dtsaas-sgw.uhc.com
member.uhc.com
member.werally.com
rum.browser-intake-datadoghq.com
session-replay.browser-intake-datadoghq.com
sso.optum.com
www.healthsafe-id.com
dtsaas-sgw.uhc.com
www.healthsafe-id.com
107.154.114.243
168.183.36.21
18.173.154.122
2600:1f18:24e6:b901:fce1:9f9f:b4a:88c3
2600:1f18:24e6:b902:f065:7c16:200d:1ada
45.60.33.26
0c22b90aff591dc71f66f5b15a19b7939f6a280d61faabc02c297857b3546b97
26c8d77a2262dfc900224625d65dde80145cf10a4f3da567d8fb0ae7b69b6bd0
2847f37a434edc45e4fbdf798fd331af3a807fdd1efc04b1b6da23323f2ce791
296a4adada303b49f3a95774b9cceede41837adbe157c65806bff71e764ea936
30259c4e57db0b98cd057053f668ce5eb8f4cbd2d843fa6b22166f034b6370c9
30e4d8817bd18243f8ebf46ad9d031b8bd2f699a2b9dde90285c069fe0423a11
47a5caf29ae47dd694629c758721824c8aef76423ddc08b58f65dc0ba7cecb78
48fc8ee37833527dc694155e28e03707c6c07cf553124fd71dceedc29ace166c
4dcb69b9882ad3a3e5f898c94ac0382a69af28b1fab8a4b5b62bdfaa87629632
5389f2e365cb16126b510ace2903284ffa023548b4ac7d7f69f0491016e8065c
594bfe6f8e2ec741004affc9436a83e3d3ddd889ed86afb65c4ff9cae9d06352
5d8b74dcd5b720df1c794df7f65581b0acf0eeb339d0a146f873bd6d4817b419
67b6131141388d481febe3f6892356687aa9c35b6f01aedf1c333f05f6db944b
8f69bc787272dc8ff531e6041ee0bc8f3a6037ce08ac92e0800e4381864ca658
9331b9a568428f35c8f6adc0446fda3a08cec38bc46628a53bc1f360cac5ddda
afdf62fdf53fa2c0970d7abe461a51ce48b4e09e7c8cf7eb3aa79f74fe469254
b7c7dfb27299f367c58da5086c16f6cd5d3b2dfcae2d9819d211b804bf7c128d
bdb273ff8247f8a6387f2709a07ab413442fff6744c82b65c30491d6f8024d04
c50c7bd4abab5152b29ed4ba8ad7e884ae3f78e21e5e18c61e24b73dfc213d41
e24de1f009cf2c0fe93ff6d54ad0fc33c4900798e344ae655e5c143552dbb25f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f161e22cde63c497d665c80a60a654d29caa423b4f4f59848b55309beb8bc361
f30e5c9afced9720f66f49f43f111c89c0073ebf09e8384151d8a623b5ff68c0