account.bcbsil.com Open in urlscan Pro
205.172.134.131 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.salesforce.rxsavingssolutions.com/?qs=b57dc7052c5c2d4fee456844e1bf48799c3e72f6d5447c942a4d2ac73e9a8ca6a27927de396b2414a6a51f49cffb...
Effective URL:
https://account.bcbsil.com/login/?goto=https://cim.bcbsil.com/am/oauth2/realms/members/authorize?client_id%3DOAuth-BlueAcce...
Submission: On May 13 via manual (May 13th 2023, 7:34:48 am UTC) from IN — Scanned from DE

Summary HTTP 52 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 12 domains to perform 52 HTTP transactions. The main IP is 205.172.134.131, located in Chicago, United States and belongs to HSC, US. The main domain is account.bcbsil.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 17th 2023. Valid for: a year.

This is the only time account.bcbsil.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.48.123 13.111.48.123	22606 (EXACT-7) (EXACT-7)
1 1	52.177.30.255 52.177.30.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
21	205.172.134.131 205.172.134.131	23494 (HSC) (HSC)
4	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	23.67.138.249 23.67.138.249	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.76.252.231 54.76.252.231	16509 (AMAZON-02) (AMAZON-02)
2	146.75.117.230 146.75.117.230	54113 (FASTLY) (FASTLY)
1	52.215.85.23 52.215.85.23	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.160 63.140.62.160	16509 (AMAZON-02) (AMAZON-02)
1 1	54.220.210.61 54.220.210.61	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
10	34.224.160.136 34.224.160.136	14618 (AMAZON-AES) (AMAZON-AES)
1 1	205.172.134.27 205.172.134.27	() ()
52	10

1 13.111.48.123 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.salesforce.rxsavingssolutions.com

click.salesforce.rxsavingssolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.177.30.255 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.bcbsil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 205.172.134.131 (Chicago, United States)

ASN23494 (HSC, US)

mybam.bcbsil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
findcare-shared.ui.hcsc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mybam.ui.hcsc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
account.bcbsil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.67.138.249 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-138-249.deploy.static.akamaitechnologies.com

cdn.walkme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.252.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-252-231.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.117.230 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

resources.digital-cloud-west.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.85.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-85-23.eu-west-1.compute.amazonaws.com

hcsc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-160.data.adobedc.net

healthcareservicecorporation.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.210.61 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-210-61.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.224.160.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-160-136.compute-1.amazonaws.com

bf69636tjb.bf.dynatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.172.134.27 (None, ) 1 redirects

ASN- ()

cim.bcbsil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	bcbsil.com 2 redirects www.bcbsil.com — Cisco Umbrella Rank: 98378 mybam.bcbsil.com — Cisco Umbrella Rank: 319306 cim.bcbsil.com account.bcbsil.com	166 KB
11	hcsc.net findcare-shared.ui.hcsc.net — Cisco Umbrella Rank: 177306 mybam.ui.hcsc.net — Cisco Umbrella Rank: 188545	440 KB
10	dynatrace.com bf69636tjb.bf.dynatrace.com — Cisco Umbrella Rank: 91755	3 KB
6	walkme.com cdn.walkme.com — Cisco Umbrella Rank: 1629	423 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 438	67 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 220 hcsc.demdex.net — Cisco Umbrella Rank: 115259	5 KB
2	medallia.com resources.digital-cloud-west.medallia.com — Cisco Umbrella Rank: 4380	86 KB
1	kampyle.com udc-neb.kampyle.com — Cisco Umbrella Rank: 2405	417 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1174	517 B
1	omtrdc.net healthcareservicecorporation.sc.omtrdc.net — Cisco Umbrella Rank: 98243	268 B
1	rxsavingssolutions.com 1 redirects click.salesforce.rxsavingssolutions.com	288 B
0	googleapis.com Failed fonts.googleapis.com Failed
52	12

	Domain	Requested by
10	bf69636tjb.bf.dynatrace.com	mybam.bcbsil.com
9	mybam.bcbsil.com	mybam.bcbsil.com findcare-shared.ui.hcsc.net
8	findcare-shared.ui.hcsc.net	mybam.bcbsil.com findcare-shared.ui.hcsc.net
6	cdn.walkme.com	mybam.bcbsil.com cdn.walkme.com
4	assets.adobedtm.com	mybam.bcbsil.com assets.adobedtm.com account.bcbsil.com
3	mybam.ui.hcsc.net	mybam.bcbsil.com findcare-shared.ui.hcsc.net
2	resources.digital-cloud-west.medallia.com	assets.adobedtm.com resources.digital-cloud-west.medallia.com
2	dpm.demdex.net	mybam.bcbsil.com
1	account.bcbsil.com	mybam.ui.hcsc.net account.bcbsil.com
1	cim.bcbsil.com	1 redirects
1	udc-neb.kampyle.com	mybam.bcbsil.com
1	cm.everesttech.net	1 redirects
1	healthcareservicecorporation.sc.omtrdc.net	mybam.bcbsil.com
1	hcsc.demdex.net	assets.adobedtm.com
1	www.bcbsil.com	1 redirects
1	click.salesforce.rxsavingssolutions.com	1 redirects
0	fonts.googleapis.com Failed	account.bcbsil.com
52	17

This site contains no links.

Subject Issuer	Validity	Valid
*.bcbsil.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-01-20`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.ui.hcsc.net Entrust Certification Authority - L1K	`2022-06-16` - `2023-07-06`	a year	crt.sh
walkme.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-29` - `2024-01-31`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.digital-cloud-west.medallia.com SSL.com RSA SSL subCA	`2022-10-13` - `2023-11-13`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-03-08`	a year	crt.sh
*.kampyle.com SSL.com RSA SSL subCA	`2023-03-29` - `2024-02-28`	a year	crt.sh
*.bf.dynatrace.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-07`	10 months	crt.sh

This page contains 2 frames:

Primary Page: https://account.bcbsil.com/login/?goto=https://cim.bcbsil.com/am/oauth2/realms/members/authorize?client_id%3DOAuth-BlueAccessMember20_APP00007045%26code_challenge%3Ds21ONmUGE6acepCIMPtu7R98H3ZXSAkBQGtgXSQGtjg%26code_challenge_method%3DS256%26prompt%3Dnone%26redirect_uri%3Dhttps://mybam.bcbsil.com/%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520bam2.0%2520fr:idm:*%26service%3Dhcsc-members-mma-mfa%26state%3DWm9xcQ%253D%253D
Frame ID: 980323413A4CBA364FB5B506ED4145F4
Requests: 47 HTTP requests in this frame

Frame: https://hcsc.demdex.net/dest5.html?d_nsid=0
Frame ID: 39E200F43BB001CFFE1ACF6D36436C43
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://click.salesforce.rxsavingssolutions.com/?qs=b57dc7052c5c2d4fee456844e1bf48799c3e72f6d5447c942a4d2ac73e9a8ca6a27927de... HTTP 302
https://www.bcbsil.com/rxsavings?utm_source=rolling&utm_medium=email&utm_campaign=email-2&utm_conte... HTTP 302
https://mybam.bcbsil.com/rxsavings?utm_source=rolling&utm_medium=email&utm_campaign=email-2&utm_conte... Page URL
https://cim.bcbsil.com/am/oauth2/realms/members/authorize?client_id=OAuth-BlueAccessMember20_APP000... HTTP 302
https://account.bcbsil.com/login/?goto=https://cim.bcbsil.com/am/oauth2/realms/members/authorize?client... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

90 %
HTTPS

8 %
IPv6

12
Domains

17
Subdomains

10
IPs

3
Countries

1186 kB
Transfer

4460 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.salesforce.rxsavingssolutions.com/?qs=b57dc7052c5c2d4fee456844e1bf48799c3e72f6d5447c942a4d2ac73e9a8ca6a27927de396b2414a6a51f49cffb4fc9dadd77c74554b68b6e59e1f735dbd432 HTTP 302
https://www.bcbsil.com/rxsavings?utm_source=rolling&utm_medium=email&utm_campaign=email-2&utm_content=health-plan HTTP 302
https://mybam.bcbsil.com/rxsavings?utm_source=rolling&utm_medium=email&utm_campaign=email-2&utm_content=health-plan Page URL
https://cim.bcbsil.com/am/oauth2/realms/members/authorize?client_id=OAuth-BlueAccessMember20_APP00007045&code_challenge=s21ONmUGE6acepCIMPtu7R98H3ZXSAkBQGtgXSQGtjg&code_challenge_method=S256&prompt=none&redirect_uri=https%3A%2F%2Fmybam.bcbsil.com%2F&response_type=code&scope=openid%20profile%20bam2.0%20fr%3Aidm%3A%2A&service=hcsc-members-mma-mfa&state=Wm9xcQ%3D%3D HTTP 302
https://account.bcbsil.com/login/?goto=https://cim.bcbsil.com/am/oauth2/realms/members/authorize?client_id%3DOAuth-BlueAccessMember20_APP00007045%26code_challenge%3Ds21ONmUGE6acepCIMPtu7R98H3ZXSAkBQGtgXSQGtjg%26code_challenge_method%3DS256%26prompt%3Dnone%26redirect_uri%3Dhttps://mybam.bcbsil.com/%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520bam2.0%2520fr:idm:*%26service%3Dhcsc-members-mma-mfa%26state%3DWm9xcQ%253D%253D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://click.salesforce.rxsavingssolutions.com/?qs=b57dc7052c5c2d4fee456844e1bf48799c3e72f6d5447c942a4d2ac73e9a8ca6a27927de396b2414a6a51f49cffb4fc9dadd77c74554b68b6e59e1f735dbd432 HTTP 302
https://www.bcbsil.com/rxsavings?utm_source=rolling&utm_medium=email&utm_campaign=email-2&utm_content=health-plan HTTP 302
https://mybam.bcbsil.com/rxsavings?utm_source=rolling&utm_medium=email&utm_campaign=email-2&utm_content=health-plan

Request Chain 27

https://cm.everesttech.net/cm/dd?d_uuid=76235862750485745674172949289544278363 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZF89kwAAAGzeVwOJ

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

rxsavings Show response
mybam.bcbsil.com/
Redirect Chain

https://click.salesforce.rxsavingssolutions.com/?qs=b57dc7052c5c2d4fee456844e1bf48799c3e72f6d5447c942a4d2ac73e9a8ca6a27927de396b2414a6a51f49cffb4fc9dadd77c74554b68b6e59e1f735dbd432
https://www.bcbsil.com/rxsavings?utm_source=rolling&utm_medium=email&utm_campaign=email-2&utm_content=health-plan
https://mybam.bcbsil.com/rxsavings?utm_source=rolling&utm_medium=email&utm_campaign=email-2&utm_content=health-plan

7 KB
3 KB

744ms
156ms

Document
text/html

205.172.134.131
HSC

General

Domain/Path	Expires	Name / Value
www.bcbsil.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: 37075391e2f1258f72fbb32632aa8281
www.bcbsil.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: 37075391e2f1258f72fbb32632aa8281
www.bcbsil.com/	1969-12-31 23:59:59	Name: cookieName Value: iXqJsSkAHCwSpbn
mybam.bcbsil.com/	1969-12-31 23:59:59	Name: TS0123e410 Value: 01d43b0fd2c3e1bcfc15936897e6d939445c8bf6c7baf461f8d0096f9460117b2592f538d499103fa28d7a785feffa8776dc110cce
.bcbsil.com/	1970-01-20 21:22:03	Name: rxVisitor Value: 168396328260075SRB0Q6TUMG3H4AJ1LDVSIARR5E4LBS
.bcbsil.com/	1969-12-31 23:59:59	Name: dtLatC Value: 961
.bcbsil.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.demdex.net/	1970-01-20 16:05:15	Name: demdex Value: 76235862750485745674172949289544278363
.bcbsil.com/	1969-12-31 23:59:59	Name: AMCVS_24F66F63598431DC0A495EE9%40AdobeOrg Value: 1
mybam.bcbsil.com/	1970-01-20 20:31:39	Name: mdLogger Value: false
mybam.bcbsil.com/	1970-01-20 20:31:39	Name: kampyle_userid Value: bfed-fdcf-2a60-4914-ac55-206a-137b-e80f
mybam.bcbsil.com/	1970-01-20 20:31:39	Name: kampyleUserSession Value: 1683963283323
mybam.bcbsil.com/	1970-01-20 20:31:39	Name: kampyleUserSessionsCount Value: 1
mybam.bcbsil.com/	1970-01-20 20:31:39	Name: kampyleSessionPageCounter Value: 1
mybam.bcbsil.com/	1970-01-20 20:31:39	Name: kampyleUserPercentile Value: 87.00367887897316
.everesttech.net/	1970-01-20 20:31:39	Name: everest_g_v2 Value: g_surferid~ZF89kwAAAGzeVwOJ
.dpm.demdex.net/	1970-01-20 16:05:15	Name: dpm Value: 76235862750485745674172949289544278363
.bcbsil.com/	1970-01-20 21:22:03	Name: AMCV_24F66F63598431DC0A495EE9%40AdobeOrg Value: 179643557%7CMCIDTS%7C19491%7CMCMID%7C75667163385294351094118331290571363033%7CMCAAMLH-1684568083%7C6%7CMCAAMB-1684568083%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1683970483s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19498%7CvVersion%7C5.5.0
.bcbsil.com/	1969-12-31 23:59:59	Name: dtPC Value: 2$363282599_770h-vCRMHKIPWORCNEMMWCMKMQIPULCFJOHJI-0e0
.bcbsil.com/	1969-12-31 23:59:59	Name: TS0176cfd2 Value: 01d43b0fd21ee7bc54ff4e31b24159b6eeb0c8c38ebaf461f8d0096f9460117b2592f538d437ac29475e9d47523a0504fb48f53829f14a129212ed67f8c25f6f92d35d8840
.bcbsil.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_5_sn_9EC415EDFF4A58FD78F398EF5F1AC709_app-3Ae45ee9cdd2f0cca3_1_ol_0_perc_100000_mul_1_rcs-3Acss_0
.bcbsil.com/	1969-12-31 23:59:59	Name: rxvt Value: 1683965086000\|1683963282602

account.bcbsil.com Open in urlscan Pro 205.172.134.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

90 %HTTPS

8 %IPv6

12 Domains

17 Subdomains

10 IPs

3 Countries

1186 kBTransfer

4460 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

account.bcbsil.com Open in urlscan Pro
205.172.134.131 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

90 %
HTTPS

8 %
IPv6

12
Domains

17
Subdomains

10
IPs

3
Countries

1186 kB
Transfer

4460 kB
Size

22
Cookies

52 HTTP transactions
0 data transactions