urlscan.io logo urlscan.io
SecurityTrails logo

my.cigna.com Open in urlscan Pro
170.48.10.142  Public Scan

Go To Rescan Add Verdict Report
URL: https://my.cigna.com/
Submission: On June 03 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 37 HTTP transactions. The main IP is 170.48.10.142, located in Hartford, United States and belongs to CIGNA-1, US. The main domain is my.cigna.com. The Cisco Umbrella rank of the primary domain is 95596.
TLS certificate: Issued by Entrust Certification Authority - L1K on July 18th 2023. Valid for: a year.
This is the only time my.cigna.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 170.48.10.142 11406 (CIGNA-1)
37 2
Apex Domain
Subdomains		 Transfer
4 cigna.com
my.cigna.com — Cisco Umbrella Rank: 95596
static.cigna.com Failed
113 KB
0 Failed
function sub() { [native code] }. Failed
37 2
Domain Requested by
4 my.cigna.com my.cigna.com
0 static.cigna.com Failed my.cigna.com
0 burp Failed
0 127.0.0.1 Failed my.cigna.com
0 rumola Failed my.cigna.com
0 invalid Failed my.cigna.com
37 6

This site contains no links.

Subject Issuer Validity Valid
my.cigna.com
Entrust Certification Authority - L1K		 2023-07-18 -
2024-08-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://my.cigna.com/
Frame ID: 212EC88636BA27A6E1A7C50DC01D6D9B
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Request Rejected

Page URL History Show full URLs

  1. https://my.cigna.com/ Page URL
  2. https://my.cigna.com/ Page URL

Page Statistics

37
Requests

11 %
HTTPS

0 %
IPv6

2
Domains

6
Subdomains

2
IPs

1
Countries

113 kB
Transfer

312 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://my.cigna.com/ Page URL
  2. https://my.cigna.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
my.cigna.com/ 		5 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.cigna.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
170.48.10.142 Hartford, United States, ASN11406 (CIGNA-1, US),
Reverse DNS
my.cigna.com
Software
/
Resource Hash
ba6eaa4b39026578a8c48310c9e15736391aaabede64ccd4f3f08e22d10abc45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, must-revalidate, no-cache, max-age=0
Content-Length
5222
Content-Type
text/html
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
08265aa40aab2000e1daccd5d566a1e1691de3df8160c62aefc3878e517ca3c4dab5a831c5d7665c
my.cigna.com/TSPD/ 		286 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.cigna.com/TSPD/08265aa40aab2000e1daccd5d566a1e1691de3df8160c62aefc3878e517ca3c4dab5a831c5d7665c?type=10
Requested by
Host: my.cigna.com
URL: https://my.cigna.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
170.48.10.142 Hartford, United States, ASN11406 (CIGNA-1, US),
Reverse DNS
my.cigna.com
Software
/
Resource Hash
aaf416e25b105608df67345a1953692ea612cbafdb190d462f6fd366ac777af5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://my.cigna.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
public, max-age=86400
Content-Length
86288
X-XSS-Protection
1; mode=block
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60d20c34efdd7103c273f54369cfc42c6d0a39126ce22298f2d31924b4ca5a56

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
rumola48.png
rumola/content/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
/
invalid/ 		0
0
404
127.0.0.1/ 		0
0
random_url
127.0.0.1/ 		0
0
400_random_url_with_numbers_403
127.0.0.1/ 		0
0
200
127.0.0.1/ 		0
0
403
127.0.0.1/ 		0
0
302
127.0.0.1/ 		0
0
favicon.ico
burp/ 		0
0
Primary Request /
my.cigna.com/ 		19 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.cigna.com/
Requested by
Host: my.cigna.com
URL: https://my.cigna.com/TSPD/08265aa40aab2000e1daccd5d566a1e1691de3df8160c62aefc3878e517ca3c4dab5a831c5d7665c?type=10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
170.48.10.142 Hartford, United States, ASN11406 (CIGNA-1, US),
Reverse DNS
my.cigna.com
Software
/
Resource Hash
b976d2af23cae78f19e51c6d48c64d9bf994213708f8fbe38357ddf4cd802fc3
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'nonce-R62NocVJ7408B2'; default-src 'self'; frame-ancestors 'self'; form-action 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://my.cigna.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache
Connection
close
Content-Length
19658
Content-Security-Policy
script-src 'self' 'nonce-R62NocVJ7408B2'; default-src 'self'; frame-ancestors 'self'; form-action 'self'
Content-Type
text/html; charset=utf-8
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
cigna-logo.svg
static.cigna.com/spa/my-cigna/assets/images/ 		0
0
favicon.ico
my.cigna.com/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://my.cigna.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
170.48.10.142 Hartford, United States, ASN11406 (CIGNA-1, US),
Reverse DNS
my.cigna.com
Software
BigIP /
Resource Hash
492d59030435c1398699fe177a0d1c859d92cd4e284236974f785ece8988fe21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://my.cigna.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Mon, 03 Jun 2024 18:15:36 GMT
Last-Modified
Fri, 12 Dec 2008 00:11:58 GMT
Server
BigIP
Age
2675
ETag
"47e-45dce57692f80"
X-Frame-Options
DENY
Content-Type
image/x-icon
Cache-Control
max-age=3600, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1150

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
rumola
URL
chrome://rumola/content/rumola48.png
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
invalid
URL
chrome-extension://invalid/
Domain
127.0.0.1
URL
http://127.0.0.1:8888/404
Domain
127.0.0.1
URL
http://127.0.0.1:8888/random_url
Domain
127.0.0.1
URL
http://127.0.0.1:8888/400_random_url_with_numbers_403
Domain
127.0.0.1
URL
http://127.0.0.1:8888/200
Domain
127.0.0.1
URL
http://127.0.0.1:8888/403
Domain
127.0.0.1
URL
http://127.0.0.1:8888/302
Domain
burp
URL
https://burp/favicon.ico
Domain
static.cigna.com
URL
https://static.cigna.com/spa/my-cigna/assets/images/cigna-logo.svg

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
my.cigna.com/ Name: TS51c47c46078
Value: 08265aa40aab2000d99c68358f3a9bb3535405fbe1df9033e1d127a353e72d78c3c73d3582c7a2c308100b5a3a186001224a4c30fb99381124fdc6026562c039e7e359abf10b3a15f4be644281eef2115166329624764f1fd098dcfbbc56a3d45452cd5d6face5923fd971853252a34f88a3c605deb0dac229d44a68fa6b7d3553ad9d948053081af884eddad5b99960c4cceaa8a373c62ba6db5886b59f3f7eff4d4ee2fde3b03dbaf6a0aaf1a7246a0b8e7fb6b4e5f3221457de5e980daffc24ddca1d080e1b63a37af88fa2beec2f0d43864d9c53aeb9b1bca4c227cc49567922f4dc0723f8a568f94433c6009d99a21a1100f682705a283ff93d1087f36621d9b08801bcf93cbca214e1fb81b1d15e8f09ceca680558d06b59a7092f68a2c602b96c0d6004c39af2713938cad5342beea376f32d191970ae86f8caaaf12fb44941d62852ec3ad45471994acaee14154d8851a2a29d62e1e17297c34bf0ef84a65f7d910875ac820d07f7e3a68895cffd232de7334ccfc6907f0d5d731dad1fe15f9ff8fdabe57d4848c7aad63f52
my.cigna.com/ Name: TS51c47c46029
Value: 08265aa40aab2800f03f8495dc977bdefa8c9e14a36f710350ab351997f0d3611ef43e8380b2eb8a464ec650ca8c8743
my.cigna.com/ Name: TSPD_101
Value: 08265aa40aab28004f947353aa3fdf0af4ea685c06ed3e964de9d5f8a541d102c74b91f9d2e565e9a1bd0e0b066b5dc5084fc1425c05180091483a70142ec86077878420e5da6ec287d626183c010d77
my.cigna.com/ Name: TSd7f22d24027
Value: 08265aa40aab2000d1a8608dc75e64f00d82a95ed86e98c495f07b6971501ea89a81c8b990509d1c08fcf2f6071130006984edd8bc6c476c57decc1204bc153ea86170738610641b79425186dbc726cb7e2491f6ee89a09a6235397c8de002bd

30 Console Messages

Source Level URL
Text
javascript error URL: https://my.cigna.com/TSPD/08265aa40aab2000e1daccd5d566a1e1691de3df8160c62aefc3878e517ca3c4dab5a831c5d7665c?type=10(Line 575)
Message:
Not allowed to load local resource: chrome://rumola/content/rumola48.png
security warning URL: https://my.cigna.com/
Message:
Mixed Content: The page at 'https://my.cigna.com/' was loaded over HTTPS, but requested an insecure element 'http://burp/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: https://burp/favicon.ico
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://my.cigna.com/(Line 4)
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-UoF0GJtmcFnNpl9q0Ot/N73qx/PgY9Imf1DPHOhArhA='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://my.cigna.com/(Line 608)
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-7Pu3hinXdj8VFYmteOTmNXWMU+7rB6e//vfADReF/io='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://my.cigna.com/(Line 632)
Message:
Refused to load the image 'https://static.cigna.com/spa/my-cigna/assets/images/cigna-logo.svg' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block