Submitted URL: https://ucardhub.uhc.com/
Effective URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FOp0qSQLhl9%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.h...
Submission: On June 21 via manual from US — Scanned from DE

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 46 HTTP transactions. The main IP is 18.239.36.57, located in and belongs to . The main domain is www.healthsafe-id.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on September 30th 2023. Valid for: a year.
This is the only time www.healthsafe-id.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.83.15.102 14618 (AMAZON-AES)
2 20 45.60.33.26 19551 (INCAPSULA)
2 3.161.119.108 16509 (AMAZON-02)
1 2600:9000:216... 16509 (AMAZON-02)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 45.223.234.243 19551 (INCAPSULA)
2 52.209.70.65 16509 (AMAZON-02)
6 104.17.208.240 13335 (CLOUDFLAR...)
2 2600:1f18:24e... 14618 (AMAZON-AES)
1 52.19.228.126 16509 (AMAZON-02)
1 1 54.228.184.13 16509 (AMAZON-02)
1 66.235.152.156 15224 (OMNITURE)
1 1 149.111.144.83 10879 (UHC)
2 3 18.239.36.57 ()
1 2600:1f18:24e... 14618 (AMAZON-AES)
46 13
Apex Domain
Subdomains
Transfer
25 uhc.com
ucardhub.uhc.com
member.uhc.com — Cisco Umbrella Rank: 53178
digital-cdn.uhc.com Failed
lagoon-cloud.uhc.com — Cisco Umbrella Rank: 346003
api.member.uhc.com — Cisco Umbrella Rank: 66603
dtsaas-sgw.uhc.com Failed
748 KB
6 qualtrics.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com — Cisco Umbrella Rank: 35573
siteintercept.qualtrics.com — Cisco Umbrella Rank: 828
71 KB
3 healthsafe-id.com
www.healthsafe-id.com
3 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 242
unitedhealthgroup.demdex.net — Cisco Umbrella Rank: 19528
2 KB
3 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 428
176 KB
2 datadoghq.com
rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9470
2 onelink-edge.com
www.onelink-edge.com — Cisco Umbrella Rank: 23765
83 KB
1 browser-intake-datadoghq.com
session-replay.browser-intake-datadoghq.com — Cisco Umbrella Rank: 9552
1 optum.com
sso.optum.com — Cisco Umbrella Rank: 56009
808 B
1 omtrdc.net
unitedhealthgroup.tt.omtrdc.net — Cisco Umbrella Rank: 18565
848 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1336
517 B
1 werally.com
member.werally.com — Cisco Umbrella Rank: 59434
23 KB
46 12
Domain Requested by
19 member.uhc.com 2 redirects member.uhc.com
5 siteintercept.qualtrics.com zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
member.uhc.com
siteintercept.qualtrics.com
4 api.member.uhc.com member.uhc.com
3 www.healthsafe-id.com 2 redirects member.uhc.com
www.healthsafe-id.com
3 assets.adobedtm.com member.uhc.com
assets.adobedtm.com
2 rum-http-intake.logs.datadoghq.com member.uhc.com
2 dpm.demdex.net member.uhc.com
2 www.onelink-edge.com member.uhc.com
www.onelink-edge.com
1 session-replay.browser-intake-datadoghq.com member.uhc.com
1 sso.optum.com 1 redirects
1 unitedhealthgroup.tt.omtrdc.net member.uhc.com
1 cm.everesttech.net 1 redirects
1 unitedhealthgroup.demdex.net assets.adobedtm.com
1 zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com member.uhc.com
1 member.werally.com member.uhc.com
1 lagoon-cloud.uhc.com member.uhc.com
1 ucardhub.uhc.com 1 redirects
0 dtsaas-sgw.uhc.com Failed www.healthsafe-id.com
0 digital-cdn.uhc.com Failed member.uhc.com
46 19

This site contains no links.

Subject Issuer Validity Valid
member.uhc.com
COMODO RSA Organization Validation Secure Server CA
2023-07-27 -
2024-07-26
a year crt.sh
onelink-edge.com
Amazon RSA 2048 M02
2024-04-21 -
2025-05-19
a year crt.sh
lagoon-cloud.optum.com
COMODO RSA Organization Validation Secure Server CA
2023-08-02 -
2024-08-01
a year crt.sh
*.werally.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-06-28 -
2024-07-28
a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-11 -
2024-08-10
a year crt.sh
api.member.uhc.com
COMODO RSA Organization Validation Secure Server CA
2023-07-27 -
2024-07-26
a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2024-10-26
a year crt.sh
*.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-03-27 -
2025-02-19
a year crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-16 -
2025-02-17
a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1
2023-08-22 -
2024-09-21
a year crt.sh
www.healthsafe-id.com
COMODO RSA Organization Validation Secure Server CA
2023-09-30 -
2024-09-29
a year crt.sh
*.browser-intake-datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-05-14 -
2025-05-17
a year crt.sh

This page contains 2 frames:

Primary Page: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FOp0qSQLhl9%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fucard%2Fde%3Fresume%3D%2Fas%2FOOCNNOpisF%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmember.uhc.com%2Fone-portal%2Fprotected%2Foidc%2Fv1%2Fcallback%26portal%3Ducard%26lang%3Dde%26client_id%3Ducard_oneportal_hsid_prod&reason=0
Frame ID: 2D7730FF753FFA3DE9F4D60906F6AF91
Requests: 44 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: DE787D191602092312764260D4BB827D
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://ucardhub.uhc.com/ HTTP 301
    https://member.uhc.com/ucard/balance Page URL
  2. https://member.uhc.com/plan-selector/automatic?portal=ucard HTTP 302
    https://member.uhc.com/one-portal/automatic?portal=ucard HTTP 302
    https://sso.optum.com/ext/as/authorization.oauth2?scope=openid+profile&pfidpadapterid=HsidNewUIOid... HTTP 302
    https://www.healthsafe-id.com/rt/secure/auth/ucard/de?resume=/as/OOCNNOpisF/resume/as/authorization.ping&s... HTTP 302
    https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redi... HTTP 302
    https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FOp0qSQLhl9%2Fresume%2Fas%2Fauthorization.ping&TARGET... Page URL

Page Statistics

46
Requests

89 %
HTTPS

27 %
IPv6

12
Domains

19
Subdomains

13
IPs

4
Countries

1099 kB
Transfer

4244 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ucardhub.uhc.com/ HTTP 301
    https://member.uhc.com/ucard/balance Page URL
  2. https://member.uhc.com/plan-selector/automatic?portal=ucard HTTP 302
    https://member.uhc.com/one-portal/automatic?portal=ucard HTTP 302
    https://sso.optum.com/ext/as/authorization.oauth2?scope=openid+profile&pfidpadapterid=HsidNewUIOidc&response_type=code&redirect_uri=https%3A%2F%2Fmember.uhc.com%2Fone-portal%2Fprotected%2Foidc%2Fv1%2Fcallback&state=aWQ9NTUwZmU2MjItYmJiNi00Y2M0LTk4MjMtYzMzYWJmNmU2NjMzJnVpPWZhbHNlJmNpZD1ZQVFueEU2ZlVmbjhoNS1Fc3ByZXNzb19EYXNoYm9hcmQ%3D&portal=ucard&lang=de&locale=de-DE&client_id=ucard_oneportal_hsid_prod HTTP 302
    https://www.healthsafe-id.com/rt/secure/auth/ucard/de?resume=/as/OOCNNOpisF/resume/as/authorization.ping&spentity=null&scope=openid%20profile&response_type=code&pfidpadapterid=HsidNewUIOidc&redirect_uri=https://member.uhc.com/one-portal/protected/oidc/v1/callback&portal=ucard&lang=de&client_id=ucard_oneportal_hsid_prod HTTP 302
    https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F%2Fwww.healthsafe-id.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoibGtsRkxZZjZTbEtxODBhcjZoelRtTEhhODlrIiwic3VmZml4IjoiWm5JampkLjE3MTkwMDA0ODIifQ..p3zL-rsjUGvXfYWQnteU4Q.-MkQIbMwMcx9fvJObMEHbYf3ZJ-GNfd3zuJiyIjDEb4pAIvIuP7xUUtSmGSYJksJp5pmv5GFQ9WvXCaOx6Kr9SmH-s5bNVNBJXyNgAiWUcG9uu9YUKcP9pjIcGxpRU-WVFJtxyI6UYuaWTvLbRFBPOwPDTJgcAZKrylT1WMQ7RHtoy9LLY0xNaM4g6yfJzOYaFGqkK_0t3MPJiNhCXM6vhXua8xmoZy2WNlwYxJ0MiIA_7x3eyLMbGxt1N1f9MAxwJmf2nwQxd4nFFrIm4c5h3hX6sEq6DS9nCRO4NHGznKR_6DPZI6lIcxniORG6PT9Wz4iJk7K_JjXhe5qPx5Eww.wrBKnR_0qeAO_Rw1kPcSow&nonce=lOkYK3iRfdp90xkKIuQNk3xVoX0RuXh_3ufhDvihJNI&acr_values=NONBANK%20BANK&scope=openid%20address%20email%20phone%20profile&vnd_pi_requested_resource=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fucard%2Fde%3Fresume%3D%2Fas%2FOOCNNOpisF%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmember.uhc.com%2Fone-portal%2Fprotected%2Foidc%2Fv1%2Fcallback%26portal%3Ducard%26lang%3Dde%26client_id%3Ducard_oneportal_hsid_prod&vnd_pi_application_name=HSIDProdRTApp HTTP 302
    https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FOp0qSQLhl9%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fucard%2Fde%3Fresume%3D%2Fas%2FOOCNNOpisF%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmember.uhc.com%2Fone-portal%2Fprotected%2Foidc%2Fv1%2Fcallback%26portal%3Ducard%26lang%3Dde%26client_id%3Ducard_oneportal_hsid_prod&reason=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ucardhub.uhc.com/ HTTP 301
  • https://member.uhc.com/ucard/balance
Request Chain 34
  • https://cm.everesttech.net/cm/dd?d_uuid=15824851278663703684238590357073723629 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZnXccwAAAF2HqgOV

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
balance
member.uhc.com/ucard/
Redirect Chain
  • https://ucardhub.uhc.com/
  • https://member.uhc.com/ucard/balance
5 KB
2 KB
Document
General
Full URL
https://member.uhc.com/ucard/balance
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
85536d05fa37c73df76fbf64e3d00bcf0ee8e847618b0c1a4e00788c0e87a6e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Cache-Control
public, max-age=60
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 21 Jun 2024 20:02:57 GMT
ETag
"667568cd-1420"
Last-Modified
Fri, 21 Jun 2024 11:49:33 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-CDN
Imperva
X-Iinfo
11-136449729-136449735 NNYN CT(94 190 0) RT(1719000176428 24) q(0 0 3 0) r(4 4) U12

Redirect headers

content-length
134
content-type
text/html
date
Fri, 21 Jun 2024 20:02:56 GMT
location
https://member.uhc.com:443/ucard/balance
server
awselb/2.0
icons.css
digital-cdn.uhc.com/styles/
0
0

moxie.min.js
www.onelink-edge.com/
383 KB
77 KB
Script
General
Full URL
https://www.onelink-edge.com/moxie.min.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/balance
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-108.vie50.r.cloudfront.net
Software
/
Resource Hash
7510e74896813a1020dc71176a733fe34683be48c3c5b33ecb403be58ddebf98

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/ucard/balance
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 20:02:39 GMT
content-encoding
br
via
1.1 833cf3734f11e96b0710bcbbca86e60a.cloudfront.net (CloudFront)
last-modified
Mon, 17 Jun 2024 12:53:38 GMT
x-amz-cf-pop
VIE50-P2
age
18
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-cache,age,content-disposition
cache-control
max-age=1800
cross-origin-resource-policy
cross-origin
x-xapis-milliseconds
4
x-amz-cf-id
DJhWZH3D9bepibGi3lswVApADKD71LtO5jJPKDa0u6yO4MJ6kZPhsQ==
327.81b41dff.js
member.uhc.com/ucard/static/js/
172 KB
45 KB
Script
General
Full URL
https://member.uhc.com/ucard/static/js/327.81b41dff.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/balance
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b9aa256ed07383fab9004d7389261cf0cff250e44486ce077a82a87c88991115
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/ucard/balance
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 20:02:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 12 Jun 2024 07:05:20 GMT
X-CDN
Imperva
Etag
"666948b0-2afaa"
Content-Type
application/javascript
X-Iinfo
11-136449729-136433717 2CNN RT(1719000176428 502) q(0 0 0 -1) r(0 0)
Cache-Control
max-age=148085, public
Content-Length
45883
Expires
Sun, 23 Jun 2024 13:11:01 GMT
288.4b4a342a.js
member.uhc.com/ucard/static/js/
216 KB
59 KB
Script
General
Full URL
https://member.uhc.com/ucard/static/js/288.4b4a342a.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/balance
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
56feabb3b11f656a2977387a65907c85d4a23e462363acfca95d3219de173355
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/ucard/balance
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 20:02:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 12 Jun 2024 07:05:20 GMT
X-CDN
Imperva
Etag
"666948b0-3610e"
Content-Type
application/javascript
X-Iinfo
12-158237456-158236317 2CNN RT(1719000176907 27) q(0 0 0 -1) r(0 0)
Cache-Control
max-age=148085, public
Content-Length
59465
Expires
Sun, 23 Jun 2024 13:11:01 GMT
679.9c9fb54f.js
member.uhc.com/ucard/static/js/
128 KB
33 KB
Script
General
Full URL
https://member.uhc.com/ucard/static/js/679.9c9fb54f.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/balance
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
560eeec1b0aed8d6549fefa378e5698e38ac5956a27012afe0194232caf443a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/ucard/balance
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 20:02:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 12 Jun 2024 07:05:20 GMT
X-CDN
Imperva
Etag
"666948b0-1feaf"
Content-Type
application/javascript
X-Iinfo
12-158237455-158233981 2CNN RT(1719000176907 30) q(0 0 0 -1) r(0 0)
Cache-Control
max-age=148085, public
Content-Length
33278
Expires
Sun, 23 Jun 2024 13:11:01 GMT
468.40bedc01.js
member.uhc.com/ucard/static/js/
166 KB
55 KB
Script
General
Full URL
https://member.uhc.com/ucard/static/js/468.40bedc01.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/balance
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1504b070c057bc703a78034a6f7564d19b335d73e7267b96e00ea111307fb5ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/ucard/balance
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 20:02:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 12 Jun 2024 07:05:20 GMT
X-CDN
Imperva
Etag
"666948b0-296e1"
Content-Type
application/javascript
X-Iinfo
10-111510338-0 0CNN RT(1719000176908 33) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=148087, public
Content-Length
55970
Expires
Sun, 23 Jun 2024 13:11:03 GMT
435.86a71395.js
member.uhc.com/ucard/static/js/
125 KB
36 KB
Script
General
Full URL
https://member.uhc.com/ucard/static/js/435.86a71395.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/balance
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0e05d56bbe57de75430aace29f8188cf4e5d748629dae14d88572683ac9d7c9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/ucard/balance
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 20:02:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 12 Jun 2024 07:05:20 GMT
X-CDN
Imperva
Etag
"666948b0-1f20b"
Content-Type
application/javascript
X-Iinfo
12-158237457-158236864 2CNN RT(1719000176909 33) q(0 0 0 -1) r(0 0)
Cache-Control
max-age=148086, public
Content-Length
36522
Expires
Sun, 23 Jun 2024 13:11:02 GMT
770.85837f2e.js
member.uhc.com/ucard/static/js/
126 KB
42 KB
Script
General
Full URL
https://member.uhc.com/ucard/static/js/770.85837f2e.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/balance
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
db755c46473f9f4a67bb34d0cf1e723947a0592942a250db243f2738cde976a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/ucard/balance
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 20:02:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 12 Jun 2024 07:05:20 GMT
X-CDN
Imperva
Etag
"666948b0-1f967"
Content-Type
application/javascript
X-Iinfo
12-158237458-0 0CNN RT(1719000176909 36) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=148086, public
Content-Length
42704
Expires
Sun, 23 Jun 2024 13:11:02 GMT
271.0709ed7f.js
member.uhc.com/ucard/static/js/
115 KB
33 KB
Script
General
Full URL
https://member.uhc.com/ucard/static/js/271.0709ed7f.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/balance
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c7e090529a5d8ba916b2ae5fc9034cfa496d9108f08d4bc92a7886f8a3cb52fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/ucard/balance
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 20:02:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 12 Jun 2024 07:05:20 GMT
X-CDN
Imperva
Etag
"666948b0-1cdbc"
Content-Type
application/javascript
X-Iinfo
11-136449729-136433717 2CNN RT(1719000176428 562) q(0 0 0 -1) r(0 0)
Cache-Control
max-age=148086, public
Content-Length
33451
Expires
Sun, 23 Jun 2024 13:11:02 GMT
113.08994443.js
member.uhc.com/ucard/static/js/
460 KB
107 KB
Script
General
Full URL
https://member.uhc.com/ucard/static/js/113.08994443.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/balance
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2da843a5ab69aea63eef188eb1ec25de3612a4b08ce16a1083d14354b641037d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/ucard/balance
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 20:02:57 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 12 Jun 2024 07:05:20 GMT
X-CDN
Imperva
Etag
"666948b0-730d0"
Content-Type
application/javascript
X-Iinfo
12-158237455-0 0CNN RT(1719000176907 97) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=148086, public
Content-Length
109211
Expires
Sun, 23 Jun 2024 13:11:03 GMT
206.60d10c83.js
member.uhc.com/ucard/static/js/
206 KB
66 KB
Script
General
Full URL
https://member.uhc.com/ucard/static/js/206.60d10c83.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/balance
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
07a1b1da7821fd7cf770ba4dd391ac79fa397fdedb12511b4174520bb4aab184
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/ucard/balance
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 20:02:57 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 12 Jun 2024 07:05:20 GMT
X-CDN
Imperva
Etag
"666948b0-33726"
Content-Type
application/javascript
X-Iinfo
12-158237458-158233353 2CNN RT(1719000176909 100) q(0 0 0 -1) r(0 0)
Cache-Control
max-age=148087, public
Content-Length
66631
Expires
Sun, 23 Jun 2024 13:11:04 GMT
239.fb202de0.js
member.uhc.com/ucard/static/js/
138 KB
43 KB
Script
General
Full URL
https://member.uhc.com/ucard/static/js/239.fb202de0.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/balance
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ac574838c1191dc63b3ff3166ab12a8e1206f93c74e022862af9bd4151d3c668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/ucard/balance
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 20:02:57 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 12 Jun 2024 07:05:20 GMT
X-CDN
Imperva
Etag
"666948b0-22768"
Content-Type
application/javascript
X-Iinfo
12-158237457-158236864 2CNN RT(1719000176909 102) q(0 0 0 -1) r(0 0)
Cache-Control
max-age=148088, public
Content-Length
44078
Expires
Sun, 23 Jun 2024 13:11:05 GMT
958.52df1ace.js
member.uhc.com/ucard/static/js/
140 KB
45 KB
Script
General
Full URL
https://member.uhc.com/ucard/static/js/958.52df1ace.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/balance
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
9a8fe19c7f677359d10875c1b7bcaad43314ce4c682ef21faff46ec8cb68c0d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/ucard/balance
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 20:02:57 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 12 Jun 2024 07:05:20 GMT
X-CDN
Imperva
Etag
"666948b0-230b4"
Content-Type
application/javascript
X-Iinfo
12-158237456-158232543 2CNN RT(1719000176907 116) q(0 0 0 -1) r(0 0)
Cache-Control
max-age=148087, public
Content-Length
46109
Expires
Sun, 23 Jun 2024 13:11:04 GMT
811.9ff46485.js
member.uhc.com/ucard/static/js/
256 KB
63 KB
Script
General
Full URL
https://member.uhc.com/ucard/static/js/811.9ff46485.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/balance
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
aac6ff449447f4b011327220b2983438d5d0f1dfc189426df6cca80b109d81ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/ucard/balance
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 20:02:57 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 12 Jun 2024 07:05:20 GMT
X-CDN
Imperva
Etag
"666948b0-3fe27"
Content-Type
application/javascript
X-Iinfo
10-111510338-111508043 2CNN RT(1719000176908 118) q(0 0 0 -1) r(0 0)
Cache-Control
max-age=148088, public
Content-Length
63787
Expires
Sun, 23 Jun 2024 13:11:05 GMT
main~43dd7041.acefa9d3.js
member.uhc.com/ucard/static/js/
11 KB
4 KB
Script
General
Full URL
https://member.uhc.com/ucard/static/js/main~43dd7041.acefa9d3.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/balance
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
26ad3e9a211c58d12857eb1cbd175c841fed08fc13678eb5fb054fa1cef72ff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/ucard/balance
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 20:02:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 19 Jun 2024 16:17:07 GMT
X-CDN
Imperva
Etag
"66730483-2a55"
Content-Type
application/javascript
X-Iinfo
11-136449729-136440214 2CNN RT(1719000176428 598) q(0 0 0 -1) r(0 0) U18
Cache-Control
max-age=556416, public
Content-Length
3327
Expires
Fri, 28 Jun 2024 06:36:32 GMT
main~31743c5a.2a0071fa.js
member.uhc.com/ucard/static/js/
193 KB
81 KB
Script
General
Full URL
https://member.uhc.com/ucard/static/js/main~31743c5a.2a0071fa.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/balance
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f374e67af94fd4f471236b7fd7db2672e8381a96ee9a7be4d0846498053c3936
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/ucard/balance
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 20:02:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 19 Jun 2024 16:17:07 GMT
X-CDN
Imperva
Etag
"66730483-30470"
Content-Type
application/javascript
X-Iinfo
12-158237457-158236864 2CNN RT(1719000176909 138) q(0 0 0 -1) r(0 0) U18
Cache-Control
max-age=556417, public
Content-Length
82742
Expires
Fri, 28 Jun 2024 06:36:33 GMT
main~e96e9bea.b0f4d38d.css
member.uhc.com/ucard/static/css/
146 KB
22 KB
Stylesheet
General
Full URL
https://member.uhc.com/ucard/static/css/main~e96e9bea.b0f4d38d.css
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/balance
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
3e7c43efb0974e754f111a41d47fcf8038f7670cde761125b2e81fd0b866fc87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/ucard/balance
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 20:02:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 12 Jun 2024 07:05:20 GMT
X-CDN
Imperva
Etag
"666948b0-24982"
Content-Type
text/css
X-Iinfo
11-136449729-0 0CNN RT(1719000176428 445) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=148089, public
Content-Length
21743
Expires
Sun, 23 Jun 2024 13:11:05 GMT
P962C-9031-0D50-22FD.json
www.onelink-edge.com/xapis/PretranslateConfig/
110 KB
7 KB
XHR
General
Full URL
https://www.onelink-edge.com/xapis/PretranslateConfig/P962C-9031-0D50-22FD.json
Requested by
Host: www.onelink-edge.com
URL: https://www.onelink-edge.com/moxie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-108.vie50.r.cloudfront.net
Software
/
Resource Hash
560c889b01facf023849105aae39d12f05e044c1f1a66ce95d810d8e4d0a71e8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:54:37 GMT
content-encoding
br
via
1.1 c02017c0568f69fe11bb53b10d46e1fc.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P2
age
500
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-cache,age,content-disposition
cache-control
max-age=600
x-xapis-milliseconds
11
x-amz-cf-id
JXdF6jEUtzeXkaCk7doKk0sh4VGC4alhi6UF6z7BD-UCopCEYF8rcQ==
production
lagoon-cloud.uhc.com/app/ucard/env/
371 B
839 B
XHR
General
Full URL
https://lagoon-cloud.uhc.com/app/ucard/env/production
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/static/js/327.81b41dff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2165:600:9:be0d:c0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa590ff6cd2ca63571c280f8868a08679dee925f13573f1e6df2bdc37c9e3005

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 20:02:59 GMT
x-amz-meta-cache-control
max-age=0,no-cache,no-store,must-revalidate
via
1.1 ddcc211ea1d565c67eac00a91dda8304.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jun 2024 04:59:58 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P6
etag
"e4968ca6db97d2f50d6a657b1730d88d"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0,no-cache,no-store,must-revalidate
accept-ranges
bytes
content-length
371
x-amz-cf-id
hv2yq_21EM8zbTxYpI58a87EAlszPHJ7bBv3biDy_ANZ_n7yvRzVYA==
favicon.ico
member.uhc.com/ucard/
4 KB
5 KB
Other
General
Full URL
https://member.uhc.com/ucard/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fab4d0fbdc4584c01160ba318fc3cd75fd8cdff9691239e6ac79fbe4c975ed0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/ucard/balance
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 20:02:57 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 21 May 2024 14:29:50 GMT
X-CDN
Imperva
Etag
"664cafde-10be"
Content-Type
image/x-icon
X-Iinfo
12-158237457-0 0CNN RT(1719000176909 287) q(0 -1 -1 -1) r(0 -1)
Cache-Control
max-age=1903806, public
Content-Length
4286
Expires
Sat, 13 Jul 2024 20:53:03 GMT
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02498bc41f30e3255de599c934d809d98d20c3b6e91bd2f10ec867c59c0f5085

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
UHC2020Sans-Medium.woff2
member.werally.com/assets/fonts/
23 KB
23 KB
Font
General
Full URL
https://member.werally.com/assets/fonts/UHC2020Sans-Medium.woff2?
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/static/css/main~e96e9bea.b0f4d38d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c50c7bd4abab5152b29ed4ba8ad7e884ae3f78e21e5e18c61e24b73dfc213d41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/
Origin
https://member.uhc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 20:02:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 28 Jan 2022 00:25:18 GMT
x-cdn
Imperva
etag
"61f337ee-5aac"
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cors_value
trueget
access-control-expose-headers
Content-Length,Content-Range
request_method
GET
x-iinfo
10-111510530-111510539 NNNN CT(96 198 0) RT(1719000178007 30) q(0 0 3 0) r(4 5) U12
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
23212
launch-e6edd8af55ce.min.js
assets.adobedtm.com/512027f42d3c/a42495d21182/
748 KB
162 KB
Script
General
Full URL
https://assets.adobedtm.com/512027f42d3c/a42495d21182/launch-e6edd8af55ce.min.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/static/js/main~31743c5a.2a0071fa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0e1fae2bfec74379acf28a74775904584939710b934169c1d398b831b2ee35e5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 20:02:58 GMT
content-encoding
gzip
last-modified
Fri, 14 Jun 2024 03:56:43 GMT
server
AkamaiNetStorage
etag
"e943e3cb9bfc664214244a5fd56b73d7:1718337403.688835"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://member.uhc.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Jun 2024 21:02:58 GMT
heartbeat
api.member.uhc.com/rest/user/v1/session/
163 B
1 KB
XHR
General
Full URL
https://api.member.uhc.com/rest/user/v1/session/heartbeat
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/static/js/468.40bedc01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.234.243 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
86cca819ae01b89d4fee9e78e9a1536995a2873db277d4dee24e1c996738a763

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
RP-Token-Suffix
MU
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://member.uhc.com/
sec-ch-ua-platform
"Win32"

Response headers

x-rally-correlationid
dUNptnxSG2WoXH-arcade_user
date
Fri, 21 Jun 2024 20:02:59 GMT
content-encoding
gzip
x-cdn
Imperva
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://member.uhc.com
x-iinfo
8-81879790-81879795 NNYN CT(92 183 0) RT(1719000179013 75) q(0 0 3 0) r(4 4) U24
access-control-expose-headers
WWW-Authenticate, Server-Authorization
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id,x-requested-with,content-type,Cache-Control,Pragma,Date,Arcade-XSRF-Token,X-Rally-Locale,Arcade-Data-Updated,Arcade-Locale,RP-Token-Suffix,XSRF-Token,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-rally-canary,x-claims-canary,x-rally-eligibilityid
heartbeat
api.member.uhc.com/rest/user/v1/session/ Frame
0
0
Preflight
General
Full URL
https://api.member.uhc.com/rest/user/v1/session/heartbeat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.234.243 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
rp-token-suffix
Access-Control-Request-Method
GET
Origin
https://member.uhc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id,x-requested-with,content-type,Cache-Control,Pragma,Date,Arcade-XSRF-Token,X-Rally-Locale,Arcade-Data-Updated,Arcade-Locale,RP-Token-Suffix,XSRF-Token,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-rally-canary,x-claims-canary,x-rally-eligibilityid
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://member.uhc.com
access-control-expose-headers
WWW-Authenticate, Server-Authorization
allow
OPTIONS, GET
cache-control
no-cache, no-store, must-revalidate
date
Fri, 21 Jun 2024 20:02:59 GMT
x-cdn
Imperva
x-iinfo
0-52431744-52431746 NNNN CT(101 210 0) RT(1719000178520 26) q(0 0 3 0) r(4 4) U24
x-rally-correlationid
LnMFnWJJqDkukX-arcade_user
b5bb8f19-ddbf-4a43-ba73-70cabfeaeacb
https://member.uhc.com/
26 KB
0
Other
General
Full URL
blob:https://member.uhc.com/b5bb8f19-ddbf-4a43-ba73-70cabfeaeacb
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3710869da62795ff6299573d0e80c30ac33fdd3e2e1f042c6aedb1eab54528c6

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
26169
Content-Type
id
dpm.demdex.net/
969 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1719000178642
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/static/js/468.40bedc01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.209.70.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-70-65.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5cc7373401a9700ae1ca3dd048a3abd3ae487ee167f60983e6cf28def09c7602
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-irl1-1-v061-0739bb366.edge-irl1.demdex.com 8 ms
pragma
no-cache
date
Fri, 21 Jun 2024 20:02:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
+5rZ3XDITts=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://member.uhc.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
559
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/
34 KB
13 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/a42495d21182/launch-e6edd8af55ce.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 20:02:58 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 05:33:26 GMT
server
AkamaiNetStorage
etag
"208eb534ea01036a4fca64e6715ccf3f:1694496806.451282"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://member.uhc.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12687
expires
Fri, 21 Jun 2024 21:02:58 GMT
/
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/
10 KB
5 KB
Script
General
Full URL
https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/balance
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93cdc2385798a53c11f17058fa76e46d62b5b728795165565cc8844edf7b85c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 20:02:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
77621
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"268a-Dl7lohIaAV36lSznmTwdsDO3ySE"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8976996d3ddc91e3-FRA
RC677313e9249940d589449a826cea5bb3-source.min.js
assets.adobedtm.com/512027f42d3c/a42495d21182/7ad36c01943b/
577 B
587 B
Script
General
Full URL
https://assets.adobedtm.com/512027f42d3c/a42495d21182/7ad36c01943b/RC677313e9249940d589449a826cea5bb3-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/a42495d21182/launch-e6edd8af55ce.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c01dfef375b7c7c00f7921e0572949b68e8bfe525d679061047640a52f7f542b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 20:02:58 GMT
content-encoding
gzip
last-modified
Fri, 14 Jun 2024 03:56:45 GMT
server
AkamaiNetStorage
etag
"efb3dfbbcfda4fab256ea48797f92b6f:1718337405.657032"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://member.uhc.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
330
expires
Fri, 21 Jun 2024 21:02:58 GMT
12.33794b2d8b69e431511e.chunk.js
siteintercept.qualtrics.com/dxjsmodule/
74 KB
21 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/12.33794b2d8b69e431511e.chunk.js?Q_CLIENTVERSION=2.8.0&Q_CLIENTTYPE=web&Q_BRANDID=member.uhc.com
Requested by
Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7b39e4fe2ac3dd2e0be713ae424af1d1f6f9788613754537e212e3e268fced
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 20:02:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
74297
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 10 Jun 2024 23:57:54 GMT
server
cloudflare
etag
W/"1282a-19004963fd0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8976996dfee891e3-FRA
pub6504168b007ab6519cce72748c1726b1
rum-http-intake.logs.datadoghq.com/v1/input/
0
0
Ping
General
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pub6504168b007ab6519cce72748c1726b1?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3AProduction%2Cservice%3Aucard-hub-ui%2Cversion%3A2024.6.19-fd9bbc8&batch_time=1719000178878
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/static/js/468.40bedc01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:24e6:b900:1933:3aac:154f:f044 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

dest5.html
unitedhealthgroup.demdex.net/ Frame DE78
0
0
Document
General
Full URL
https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/a42495d21182/launch-e6edd8af55ce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.19.228.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-228-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://member.uhc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 21 Jun 2024 20:02:59 GMT
dcs
dcs-prod-irl1-2-v061-0c9211916.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 9 May 2024 12:26:52 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
AlBxiFVISIA=
ibs:dpid=411&dpuuid=ZnXccwAAAF2HqgOV
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=15824851278663703684238590357073723629
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZnXccwAAAF2HqgOV
42 B
717 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZnXccwAAAF2HqgOV
Protocol
H2
Server
52.209.70.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-70-65.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://member.uhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v061-0ae5c03d4.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Fri, 21 Jun 2024 20:02:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
Ukp9WttuS1E=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZnXccwAAAF2HqgOV
Date
Fri, 21 Jun 2024 20:02:59 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
unitedhealthgroup.tt.omtrdc.net/rest/v1/
360 B
848 B
XHR
General
Full URL
https://unitedhealthgroup.tt.omtrdc.net/rest/v1/delivery?client=unitedhealthgroup&sessionId=82af697b0fbf40f9b79b51cb6f2d59c4&version=2.10.2
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/static/js/468.40bedc01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.152.156 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-66-235-152-156.data.adobedc.net
Software
jag /
Resource Hash
3831f40b4a9a03be4792b97ecc01c92be1d81bb377e05b7ece602812ccb11045
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Jun 2024 20:02:59 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server
jag
x-content-type-options
nosniff
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://member.uhc.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
x-request-id
6bd888d7-0a08-41d0-a876-bcf70c76ba27
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/
84 KB
8 KB
XHR
General
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0Neqx1dGGrrlV4y&Q_CLIENTVERSION=2.8.0&Q_CLIENTTYPE=web
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/static/js/468.40bedc01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
120a1953b883dac0581610b69e4238edda43ba212d6358d0105596cd012a1553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 21 Jun 2024 20:02:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
content-type
application/json
access-control-allow-origin
https://member.uhc.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
df7bfc1fc5f7db30
timing-allow-origin
*
cf-ray
8976996e4f6191e3-FRA
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/
102 KB
29 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.8.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.33794b2d8b69e431511e.chunk.js?Q_CLIENTVERSION=2.8.0&Q_CLIENTTYPE=web&Q_BRANDID=member.uhc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66a5245ac65ab559c01bd2852ebf7c5ad3d222032eff4491c21d9d5548716e79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 20:02:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
74284
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 10 Jun 2024 23:57:54 GMT
server
cloudflare
etag
W/"1974e-19004963fd0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8976996f488691e3-FRA
7.351ebab6cefd64470986.chunk.js
siteintercept.qualtrics.com/dxjsmodule/
3 KB
1 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/7.351ebab6cefd64470986.chunk.js?Q_CLIENTVERSION=2.8.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise
Requested by
Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0020c7009f28c0dce5169d5c1cd01bde7afcd43161d07067b7544fd9bfdbc47f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 20:02:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
74297
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 10 Jun 2024 23:57:54 GMT
server
cloudflare
etag
W/"b52-19004963fd0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8976996fa92b91e3-FRA
1.b2a9aa39c31802968bfe.chunk.js
siteintercept.qualtrics.com/dxjsmodule/
29 KB
7 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.b2a9aa39c31802968bfe.chunk.js?Q_CLIENTVERSION=2.8.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise
Requested by
Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351c540b07dd8e2f59db1bef54306dca3692b39cccb070d1f295dc20256b5fa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 20:02:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
74299
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 10 Jun 2024 23:57:54 GMT
server
cloudflare
etag
W/"73f8-19004963fd0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8976996fa93091e3-FRA
prelogin
api.member.uhc.com/rest/user/v1/session/
56 B
454 B
XHR
General
Full URL
https://api.member.uhc.com/rest/user/v1/session/prelogin
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/static/js/468.40bedc01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.234.243 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
RP-Token-Suffix
MU
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://member.uhc.com/
sec-ch-ua-platform
"Win32"

Response headers

x-rally-correlationid
QvnALW2TH3k9aE-arcade_user
date
Fri, 21 Jun 2024 20:02:59 GMT
content-encoding
gzip
x-cdn
Imperva
vary
Accept
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://member.uhc.com
x-iinfo
8-81879790-81879795 PNYN RT(1719000179013 614) q(0 0 0 -1) r(1 1) U24
access-control-expose-headers
WWW-Authenticate, Server-Authorization
cache-control
private, no-cache, max-age=0, must-revalidate, no-store
access-control-allow-credentials
true
access-control-allow-headers
x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id,x-requested-with,content-type,Cache-Control,Pragma,Date,Arcade-XSRF-Token,X-Rally-Locale,Arcade-Data-Updated,Arcade-Locale,RP-Token-Suffix,XSRF-Token,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-rally-canary,x-claims-canary,x-rally-eligibilityid
prelogin
api.member.uhc.com/rest/user/v1/session/ Frame
0
0
Preflight
General
Full URL
https://api.member.uhc.com/rest/user/v1/session/prelogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.234.243 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,rp-token-suffix
Access-Control-Request-Method
POST
Origin
https://member.uhc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id,x-requested-with,content-type,Cache-Control,Pragma,Date,Arcade-XSRF-Token,X-Rally-Locale,Arcade-Data-Updated,Arcade-Locale,RP-Token-Suffix,XSRF-Token,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-rally-canary,x-claims-canary,x-rally-eligibilityid
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://member.uhc.com
access-control-expose-headers
WWW-Authenticate, Server-Authorization
allow
OPTIONS, POST
cache-control
no-cache, no-store, must-revalidate
date
Fri, 21 Jun 2024 20:02:59 GMT
x-cdn
Imperva
x-iinfo
0-52431744-52431746 PNNN RT(1719000178520 974) q(0 0 0 0) r(1 1) U24
x-rally-correlationid
MfBL6Vnx7ubjTb-arcade_user
Primary Request login
www.healthsafe-id.com/rt/
Redirect Chain
  • https://member.uhc.com/plan-selector/automatic?portal=ucard
  • https://member.uhc.com/one-portal/automatic?portal=ucard
  • https://sso.optum.com/ext/as/authorization.oauth2?scope=openid+profile&pfidpadapterid=HsidNewUIOidc&response_type=code&redirect_uri=https%3A%2F%2Fmember.uhc.com%2Fone-portal%2Fprotected%2Foidc%2Fv1...
  • https://www.healthsafe-id.com/rt/secure/auth/ucard/de?resume=/as/OOCNNOpisF/resume/as/authorization.ping&spentity=null&scope=openid%20profile&response_type=code&pfidpadapterid=HsidNewUIOidc&redirec...
  • https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F%2Fwww.healthsafe-id.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGc...
  • https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FOp0qSQLhl9%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fucard%2Fde%3Fresume%3D%2Fas%2FO...
4 KB
0
Document
General
Full URL
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FOp0qSQLhl9%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fucard%2Fde%3Fresume%3D%2Fas%2FOOCNNOpisF%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmember.uhc.com%2Fone-portal%2Fprotected%2Foidc%2Fv1%2Fcallback%26portal%3Ducard%26lang%3Dde%26client_id%3Ducard_oneportal_hsid_prod&reason=0
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/static/js/main~31743c5a.2a0071fa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.36.57 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://member.uhc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html
date
Fri, 21 Jun 2024 20:03:05 GMT
etag
expires
0
last-modified
pragma
no-cache
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 04ddc2ad740f178bb6e0e07dc16f9744.cloudfront.net (CloudFront)
x-amz-cf-id
saSJl7_eg_R77L3vNLXQ9OMRBxAPHlbRLiw4qPhnU2FBl_be8Sur9g==
x-amz-cf-pop
AMS58-P2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
zRGS3kWyj7YiQYaN7iYZotUqJv4IBSxZ
x-cache
RefreshHit from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store
content-length
0
content-type
text/html;charset=utf-8
date
Fri, 21 Jun 2024 20:03:03 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FOp0qSQLhl9%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fucard%2Fde%3Fresume%3D%2Fas%2FOOCNNOpisF%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fmember.uhc.com%2Fone-portal%2Fprotected%2Foidc%2Fv1%2Fcallback%26portal%3Ducard%26lang%3Dde%26client_id%3Ducard_oneportal_hsid_prod&reason=0
pragma
no-cache
referrer-policy
origin
server
Apache
strict-transport-security
max-age=16070400; includeSubDomains; preload
via
1.1 e71625290a8b18b90edbfcbc81303596.cloudfront.net (CloudFront)
x-amz-cf-id
bxlmgN252H-31so2pvZSMndFYrEX6-olX4GsvlIXlh3X0QZDvKesIw==
x-amz-cf-pop
AMS58-P2
x-cache
Miss from cloudfront
pub6504168b007ab6519cce72748c1726b1
rum-http-intake.logs.datadoghq.com/v1/input/
0
0
Ping
General
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pub6504168b007ab6519cce72748c1726b1?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3AProduction%2Cservice%3Aucard-hub-ui%2Cversion%3A2024.6.19-fd9bbc8&batch_time=1719000179880
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/static/js/468.40bedc01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:24e6:b900:1933:3aac:154f:f044 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

replay
session-replay.browser-intake-datadoghq.com/api/v2/
0
0
Ping
General
Full URL
https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3AProduction%2Cservice%3Aucard-hub-ui%2Cversion%3A2024.6.19-fd9bbc8&dd-api-key=pub6504168b007ab6519cce72748c1726b1&dd-evp-origin-version=3.11.0&dd-evp-origin=browser&dd-request-id=78c3f966-efaf-47f3-a027-3736c007fd72
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/ucard/static/js/468.40bedc01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:24e6:b902:e624:b6ab:b063:5e49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary0gR5DISINdS2xmxd

Response headers

bundles-average.js
www.healthsafe-id.com/assets/
0
0

b6030f906c1066bc_complete.js
dtsaas-sgw.uhc.com/jstag/managed/17a3a45c-ebd2-4cdb-86ec-5f31606b813f/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
digital-cdn.uhc.com
URL
https://digital-cdn.uhc.com/styles/icons.css
Domain
www.healthsafe-id.com
URL
https://www.healthsafe-id.com/assets/bundles-average.js
Domain
dtsaas-sgw.uhc.com
URL
https://dtsaas-sgw.uhc.com/jstag/managed/17a3a45c-ebd2-4cdb-86ec-5f31606b813f/b6030f906c1066bc_complete.js

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

21 Cookies

Domain/Path Name / Value
.member.uhc.com/ Name: X-UCardHub-Canary
Value: never
.uhc.com/ Name: visid_incap_2076937
Value: FHaiStgvTa+PeMqu5m+bbnDcdWYAAAAAQUIPAAAAAAAErwEKpKtAoi4Wdg8+MESp
.uhc.com/ Name: incap_ses_1515_2076937
Value: Hk32X/rrqV7x8fLZi1wGFXDcdWYAAAAAdXlwmeICu/c4DOEto/E/cw==
member.uhc.com/ Name: _dd_s
Value: rum=1&id=ded39340-f339-4da2-ae46-7456074b367c&created=1719000178367&expire=1719001078367
.uhc.com/ Name: at_check
Value: true
.demdex.net/ Name: demdex
Value: 15824851278663703684238590357073723629
.uhc.com/ Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg
Value: 1
.uhc.com/ Name: mbox
Value: session#82af697b0fbf40f9b79b51cb6f2d59c4#1719002040|PC#82af697b0fbf40f9b79b51cb6f2d59c4.37_0#1782244980
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZnXccwAAAF2HqgOV
.dpm.demdex.net/ Name: dpm
Value: 15824851278663703684238590357073723629
.uhc.com/ Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19896%7CMCMID%7C18824730721574478493835802336441671428%7CMCAAMLH-1719604978%7C6%7CMCAAMB-1719604978%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1719007378s%7CNONE%7CMCSYNCSOP%7C411-19903%7CvVersion%7C5.5.0
.doubleclick.net/ Name: IDE
Value: AHWqTUlnsU-KiL-3_C998ZhVxiFUY-XJI6MVLo7LHZ72IrMAnCrgkYDpph60Jw3Ipkk
.demdex.net/ Name: dextp
Value: 771-1-1719000179068|903-1-1719000179168|285689-1-1719000179268
.member.uhc.com/ Name: visid_incap_1142757
Value: t4wHwI6wQA+SI5tmYARk83LcdWYAAAAAQUIPAAAAAACIz7HZ8pqCiQf9o8lbGFqg
.member.uhc.com/ Name: incap_ses_473_1142757
Value: PUcxFP78bmgf29jLFW+QBnPcdWYAAAAAUv4tYn9iaGOvAeeAiKbFwg==
.member.uhc.com/ Name: Arcade-OIDC-State
Value: 78f8b441b74f3efbb938a363e772ecc70873f56f-loginStartTime=2024-06-21T20%3A02%3A59.811829&redirectUrl=https%3A%2F%2Fmember.uhc.com%2Fucard%2Fbalance&stateCode=7bd0e290-f144-4918-be65-b020022f503b
.member.uhc.com/ Name: X-DashCafe-Canary
Value: always
.member.uhc.com/ Name: PS_Locale
Value: de-DE
.member.uhc.com/ Name: PS_XSRF
Value: NTUwZmU2MjItYmJiNi00Y2M0LTk4MjMtYzMzYWJmNmU2NjMz
.member.uhc.com/ Name: PS_Internal_State
Value: eyJzdGF0ZSI6eyJwbGFuU2VsZWN0aW9uRmxvdyI6IlVDQVJEIiwicG9ydGFsIjoidWNhcmQiLCJxdWVyeVBhcmFtZXRlcnMiOiJ7XCJwb3J0YWxcIjpcInVjYXJkXCJ9In19
sso.optum.com/ Name: ext-PF
Value: 2il9zfX51C3nRH7a729a5xa7mfvwgLCocEZIfGvHGYgD

3 Console Messages

Source Level URL
Text
other warning URL: https://member.uhc.com/ucard/balance
Message:
<link rel=preload> must have a valid `as` value
network error URL: https://digital-cdn.uhc.com/styles/icons.css
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://api.member.uhc.com/rest/user/v1/session/heartbeat
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.member.uhc.com
assets.adobedtm.com
cm.everesttech.net
digital-cdn.uhc.com
dpm.demdex.net
dtsaas-sgw.uhc.com
lagoon-cloud.uhc.com
member.uhc.com
member.werally.com
rum-http-intake.logs.datadoghq.com
session-replay.browser-intake-datadoghq.com
siteintercept.qualtrics.com
sso.optum.com
ucardhub.uhc.com
unitedhealthgroup.demdex.net
unitedhealthgroup.tt.omtrdc.net
www.healthsafe-id.com
www.onelink-edge.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
digital-cdn.uhc.com
dtsaas-sgw.uhc.com
www.healthsafe-id.com
104.17.208.240
149.111.144.83
18.239.36.57
2600:1f18:24e6:b900:1933:3aac:154f:f044
2600:1f18:24e6:b902:e624:b6ab:b063:5e49
2600:9000:2165:600:9:be0d:c0c0:93a1
2a02:26f0:3500:c89::1e80
3.161.119.108
45.223.234.243
45.60.33.26
52.19.228.126
52.209.70.65
54.228.184.13
54.83.15.102
66.235.152.156
0020c7009f28c0dce5169d5c1cd01bde7afcd43161d07067b7544fd9bfdbc47f
02498bc41f30e3255de599c934d809d98d20c3b6e91bd2f10ec867c59c0f5085
07a1b1da7821fd7cf770ba4dd391ac79fa397fdedb12511b4174520bb4aab184
0e05d56bbe57de75430aace29f8188cf4e5d748629dae14d88572683ac9d7c9c
0e1fae2bfec74379acf28a74775904584939710b934169c1d398b831b2ee35e5
120a1953b883dac0581610b69e4238edda43ba212d6358d0105596cd012a1553
1504b070c057bc703a78034a6f7564d19b335d73e7267b96e00ea111307fb5ea
26ad3e9a211c58d12857eb1cbd175c841fed08fc13678eb5fb054fa1cef72ff9
2da843a5ab69aea63eef188eb1ec25de3612a4b08ce16a1083d14354b641037d
351c540b07dd8e2f59db1bef54306dca3692b39cccb070d1f295dc20256b5fa9
3710869da62795ff6299573d0e80c30ac33fdd3e2e1f042c6aedb1eab54528c6
3831f40b4a9a03be4792b97ecc01c92be1d81bb377e05b7ece602812ccb11045
3e7c43efb0974e754f111a41d47fcf8038f7670cde761125b2e81fd0b866fc87
560c889b01facf023849105aae39d12f05e044c1f1a66ce95d810d8e4d0a71e8
560eeec1b0aed8d6549fefa378e5698e38ac5956a27012afe0194232caf443a3
56feabb3b11f656a2977387a65907c85d4a23e462363acfca95d3219de173355
5cc7373401a9700ae1ca3dd048a3abd3ae487ee167f60983e6cf28def09c7602
66a5245ac65ab559c01bd2852ebf7c5ad3d222032eff4491c21d9d5548716e79
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf
7510e74896813a1020dc71176a733fe34683be48c3c5b33ecb403be58ddebf98
85536d05fa37c73df76fbf64e3d00bcf0ee8e847618b0c1a4e00788c0e87a6e1
86cca819ae01b89d4fee9e78e9a1536995a2873db277d4dee24e1c996738a763
8a7b39e4fe2ac3dd2e0be713ae424af1d1f6f9788613754537e212e3e268fced
93cdc2385798a53c11f17058fa76e46d62b5b728795165565cc8844edf7b85c6
9a8fe19c7f677359d10875c1b7bcaad43314ce4c682ef21faff46ec8cb68c0d0
aac6ff449447f4b011327220b2983438d5d0f1dfc189426df6cca80b109d81ae
ac574838c1191dc63b3ff3166ab12a8e1206f93c74e022862af9bd4151d3c668
b9aa256ed07383fab9004d7389261cf0cff250e44486ce077a82a87c88991115
c01dfef375b7c7c00f7921e0572949b68e8bfe525d679061047640a52f7f542b
c50c7bd4abab5152b29ed4ba8ad7e884ae3f78e21e5e18c61e24b73dfc213d41
c7e090529a5d8ba916b2ae5fc9034cfa496d9108f08d4bc92a7886f8a3cb52fa
db755c46473f9f4a67bb34d0cf1e723947a0592942a250db243f2738cde976a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f374e67af94fd4f471236b7fd7db2672e8381a96ee9a7be4d0846498053c3936
fa590ff6cd2ca63571c280f8868a08679dee925f13573f1e6df2bdc37c9e3005
fab4d0fbdc4584c01160ba318fc3cd75fd8cdff9691239e6ac79fbe4c975ed0d