urlscan.io logo urlscan.io
SecurityTrails logo

accountprofile.uat.myuhc.com Open in urlscan Pro
45.60.33.26  Public Scan

Go To Rescan Add Verdict Report
URL: https://accountprofile.uat.myuhc.com/
Submission: On May 06 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 15 HTTP transactions. The main IP is 45.60.33.26, located in United States and belongs to INCAPSULA, US. The main domain is accountprofile.uat.myuhc.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 23rd 2023. Valid for: a year.
This is the only time accountprofile.uat.myuhc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 45.60.33.26 19551 (INCAPSULA)
1 2602:816:5001... 54113 (FASTLY)
1 162.247.243.30 54113 (FASTLY)
15 4
Apex Domain
Subdomains		 Transfer
11 myuhc.com
accountprofile.uat.myuhc.com
test.int.myuhc.com Failed
cms.uat.myuhc.com
353 KB
1 nr-data.net
bam-cell.nr-data.net — Cisco Umbrella Rank: 3375
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 636
13 KB
15 3
Domain Requested by
9 accountprofile.uat.myuhc.com accountprofile.uat.myuhc.com
2 cms.uat.myuhc.com accountprofile.uat.myuhc.com
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com accountprofile.uat.myuhc.com
0 test.int.myuhc.com Failed accountprofile.uat.myuhc.com
15 5

This site contains no links.

Subject Issuer Validity Valid
*.uat.myuhc.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-23 -
2024-07-21		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-21 -
2025-04-22		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://accountprofile.uat.myuhc.com/
Frame ID: FC10DD33E49A5735A49EF2542C349B0A
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Micro Frontend App

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

15
Requests

87 %
HTTPS

33 %
IPv6

3
Domains

5
Subdomains

4
IPs

1
Countries

366 kB
Transfer

1362 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://test3.myuhc.com/etc/designs/myuhc/clientlibs/foundation/js/jquery.js HTTP 301
  • https://test.int.myuhc.com/etc/designs/myuhc/clientlibs/foundation/js/jquery.js
Request Chain 2
  • https://test3.myuhc.com/etc/designs/myuhc/clientlibs/foundation/js/angular.js HTTP 301
  • https://test.int.myuhc.com/etc/designs/myuhc/clientlibs/foundation/js/angular.js

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
accountprofile.uat.myuhc.com/ 		24 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accountprofile.uat.myuhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/ Express
Resource Hash
8f01a5369d2487b5c856889431506db2c4bacd921a6b5b2fc32cc1d73b69a37d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cache-control
public, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 May 2024 15:50:23 GMT
etag
W/"5e88-18f13933e80"
last-modified
Thu, 25 Apr 2024 04:46:08 GMT
x-cdn
Imperva
x-iinfo
1010-31274790-31274814 NNYN CT(96 197 0) RT(1715010622627 179) q(0 0 3 0) r(4 4) U12
x-powered-by
Express
env.js
accountprofile.uat.myuhc.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://accountprofile.uat.myuhc.com/env.js
Requested by
Host: accountprofile.uat.myuhc.com
URL: https://accountprofile.uat.myuhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/ Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accountprofile.uat.myuhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 15:50:24 GMT
content-security-policy
default-src 'none'
x-content-type-options
nosniff
content-encoding
gzip
x-cdn
Imperva
x-powered-by
Express
content-type
text/html; charset=utf-8
x-iinfo
10-31274790-31273725 2NYN RT(1715010622627 700) q(0 0 0 -1) r(5 5) U11
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
jquery.js
test.int.myuhc.com/etc/designs/myuhc/clientlibs/foundation/js/
Redirect Chain
  • https://test3.myuhc.com/etc/designs/myuhc/clientlibs/foundation/js/jquery.js
  • https://test.int.myuhc.com/etc/designs/myuhc/clientlibs/foundation/js/jquery.js
0
0
angular.js
test.int.myuhc.com/etc/designs/myuhc/clientlibs/foundation/js/
Redirect Chain
  • https://test3.myuhc.com/etc/designs/myuhc/clientlibs/foundation/js/angular.js
  • https://test.int.myuhc.com/etc/designs/myuhc/clientlibs/foundation/js/angular.js
0
0
main.daaf0221.js
accountprofile.uat.myuhc.com/static/js/ 		1013 KB
301 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accountprofile.uat.myuhc.com/static/js/main.daaf0221.js
Requested by
Host: accountprofile.uat.myuhc.com
URL: https://accountprofile.uat.myuhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/ Express
Resource Hash
a3b9e82fea44c8bc1247f94a3ba5838f6fd5f339f59922432082a1341f7ae760

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accountprofile.uat.myuhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 15:50:25 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 04:46:08 GMT
x-cdn
Imperva
x-powered-by
Express
etag
W/"fd242-18f13933e80"
content-type
application/javascript; charset=UTF-8
x-iinfo
10-31274790-31269888 2NYN RT(1715010622627 1618) q(0 0 0 -1) r(6 6) U2
cache-control
public, max-age=0
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
main.41812b01.css
accountprofile.uat.myuhc.com/static/css/ 		86 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accountprofile.uat.myuhc.com/static/css/main.41812b01.css
Requested by
Host: accountprofile.uat.myuhc.com
URL: https://accountprofile.uat.myuhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/ Express
Resource Hash
f1c28bcf09dcfc5679ab6d81642604832d0b548b3dec54cc84de7372bcc902d2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accountprofile.uat.myuhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 15:50:24 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 04:46:08 GMT
x-cdn
Imperva
x-powered-by
Express
etag
W/"159f6-18f13933e80"
content-type
text/css; charset=UTF-8
x-iinfo
10-31274790-31272949 2NYN RT(1715010622627 697) q(0 0 0 -1) r(6 6) U2
cache-control
public, max-age=0
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
_Incapsula_Resource
accountprofile.uat.myuhc.com/ 		148 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accountprofile.uat.myuhc.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1774790846
Requested by
Host: accountprofile.uat.myuhc.com
URL: https://accountprofile.uat.myuhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
9021a9178194ada424433f05fdbfc240da3f0266e957466d1187a2d9f9102b86

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accountprofile.uat.myuhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
21249
content-type
application/javascript
_Incapsula_Resource
accountprofile.uat.myuhc.com/ 		1 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accountprofile.uat.myuhc.com/_Incapsula_Resource?SWKMTFSR=1&e=0.5939167355240644
Requested by
Host: accountprofile.uat.myuhc.com
URL: https://accountprofile.uat.myuhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accountprofile.uat.myuhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
responsivegrid.model.json
cms.uat.myuhc.com/content/myuhc/consumer/global-api/jcr:content/root/ 		26 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.uat.myuhc.com/content/myuhc/consumer/global-api/jcr:content/root/responsivegrid.model.json
Requested by
Host: accountprofile.uat.myuhc.com
URL: https://accountprofile.uat.myuhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
c77a0de13fba9e9bb59d230e245a89ad8caec1dabd14728cd40f338fd74bf1eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://accountprofile.uat.myuhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-dispatcher
dispatcher1eastus2-28564752
date
Mon, 06 May 2024 15:50:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-cdn
Imperva
x-vhost
myuhc-publish
x-iinfo
1011-37365537-37365564 NNNN CT(94 182 0) RT(1715010625504 136) q(0 0 3 0) r(4 4) U12
content-length
2477
last-modified
Mon, 06 May 2024 15:36:07 GMT
server
Apache
vary
Accept-Encoding,Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://accountprofile.uat.myuhc.com
x-incap-sess-cookie-hdr
AnRDHZXUg1UNz9EaErONAkL8OGYAAAAAB9g/gFgbs4ebrGUvwFYNAQ==
accept-ranges
bytes
nr-1208.min.js
js-agent.newrelic.com/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1208.min.js
Requested by
Host: accountprofile.uat.myuhc.com
URL: https://accountprofile.uat.myuhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accountprofile.uat.myuhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
LankXtrmb3EX_JaajDp.CK1InLZRWOOD
content-encoding
br
via
1.1 varnish
date
Mon, 06 May 2024 15:50:26 GMT
strict-transport-security
max-age=300
x-amz-request-id
DWZNMPGXV0W6MEPE
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
12310
x-amz-id-2
kAOzCDbS4cT0WHpNCT9E5T8m9cBqzNhkHMd+kX+f5Snvkl7B/G3q/dGBXt45iNq2JL5jfybbt1Q=
x-served-by
cache-fra-eddf8230047-FRA
last-modified
Wed, 18 Oct 2023 20:59:31 GMT
server
AmazonS3
etag
"1a71e4208296f97b465116492f59124d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
2133
responsivegrid.model.json
cms.uat.myuhc.com/content/myuhc/consumer/global-api/jcr:content/root/ 		26 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.uat.myuhc.com/content/myuhc/consumer/global-api/jcr:content/root/responsivegrid.model.json
Requested by
Host: accountprofile.uat.myuhc.com
URL: https://accountprofile.uat.myuhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
c77a0de13fba9e9bb59d230e245a89ad8caec1dabd14728cd40f338fd74bf1eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://accountprofile.uat.myuhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-dispatcher
dispatcher1eastus2-28564752
date
Mon, 06 May 2024 15:50:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 May 2024 15:36:07 GMT
server
Apache
x-cdn
Imperva
x-vhost
myuhc-publish
vary
Accept-Encoding,Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://accountprofile.uat.myuhc.com
x-iinfo
1011-37365537-37365564 NNNN CT(94 182 0) RT(1715010625504 136) q(0 0 3 0) r(4 4) U12
x-incap-sess-cookie-hdr
AnRDHZXUg1UNz9EaErONAkL8OGYAAAAAB9g/gFgbs4ebrGUvwFYNAQ==
accept-ranges
bytes
content-length
2477
favicon.ico
accountprofile.uat.myuhc.com/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://accountprofile.uat.myuhc.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/ Express
Resource Hash
fab4d0fbdc4584c01160ba318fc3cd75fd8cdff9691239e6ac79fbe4c975ed0d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accountprofile.uat.myuhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 15:50:26 GMT
last-modified
Thu, 25 Apr 2024 04:45:17 GMT
x-cdn
Imperva
x-powered-by
Express
etag
W/"10be-18f13927748"
content-type
image/x-icon
x-iinfo
10-31274790-31274814 PNNN RT(1715010622627 3003) q(0 0 0 -1) r(1 1) U2
cache-control
public, max-age=0
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
4286
8f22def631
bam-cell.nr-data.net/1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/8f22def631?a=484570004&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=3042&ck=1&ref=https://accountprofile.uat.myuhc.com/&be=717&fe=2911&dc=2911&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1715010623317,%22n%22:0,%22f%22:1,%22dn%22:17,%22dne%22:17,%22c%22:17,%22s%22:23,%22ce%22:202,%22rq%22:202,%22rp%22:702,%22rpe%22:710,%22dl%22:706,%22di%22:1629,%22ds%22:2911,%22de%22:2911,%22dc%22:2912,%22l%22:2912,%22le%22:2912%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accountprofile.uat.myuhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-eddf8230149-FRA
date
Mon, 06 May 2024 15:50:26 GMT
Connection
keep-alive
Content-Length
2
content-type
application/json; charset=UTF-8
getProfileContextOffline
accountprofile.uat.myuhc.com/ifp/ 		167 B
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accountprofile.uat.myuhc.com/ifp/getProfileContextOffline?endpoint=/cel/offline-uhcd-member/v5/profile
Requested by
Host: accountprofile.uat.myuhc.com
URL: https://accountprofile.uat.myuhc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/ Express
Resource Hash
2c3e2d090c3309f2edb3fb76f024af55edb519ebb19d0578bc72158d3fe1c14b
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accountprofile.uat.myuhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 15:50:26 GMT
content-security-policy
default-src 'none'
x-content-type-options
nosniff
content-encoding
gzip
x-cdn
Imperva
x-powered-by
Express
content-type
text/html; charset=utf-8
x-iinfo
10-31274790-31274814 PNYN RT(1715010622627 3405) q(0 0 0 -1) r(1 1) U11
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
favicon.ico
accountprofile.uat.myuhc.com/ 		4 KB
92 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accountprofile.uat.myuhc.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/ Express
Resource Hash
fab4d0fbdc4584c01160ba318fc3cd75fd8cdff9691239e6ac79fbe4c975ed0d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accountprofile.uat.myuhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 15:50:26 GMT
last-modified
Thu, 25 Apr 2024 04:45:17 GMT
x-cdn
Imperva
x-powered-by
Express
etag
W/"10be-18f13927748"
content-type
image/x-icon
x-iinfo
10-31274790-31274814 PNNN RT(1715010622627 3524) q(0 0 0 -1) r(1 1) U2
cache-control
public, max-age=0
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
4286

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
test.int.myuhc.com
URL
https://test.int.myuhc.com/etc/designs/myuhc/clientlibs/foundation/js/jquery.js
Domain
test.int.myuhc.com
URL
https://test.int.myuhc.com/etc/designs/myuhc/clientlibs/foundation/js/angular.js

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| newrelic function| __nr_require undefined| myuhc number| 2f1acc6c3a606b082e5eef5e54414ffb object| DD_RUM function| renderaccountprofileapp function| unmountaccountprofileapp

9 Cookies

Domain/Path Name / Value
.uat.myuhc.com/ Name: X-MYUHC-Canary
Value: always
.uat.myuhc.com/ Name: visid_incap_2537194
Value: pr2NmZdxRxqS5bx+kAk/RT78OGYAAAAAQUIPAAAAAADdQ5WzU+qwh6pSx5Uejqfh
.uat.myuhc.com/ Name: nlbi_2537194
Value: wZTmFJK6PXx66zNoh12huwAAAAC9BV7r30NalEYUh13AP3vQ
.uat.myuhc.com/ Name: incap_ses_184_2537194
Value: PSYWZvg3fA3Ex9EaErONAj/8OGYAAAAANgXuvuHAT1orQItgwOVu1A==
test.int.myuhc.com/ Name: ApplicationGatewayAffinityCORS
Value: 978849146ca04f87a435879074331c13
test.int.myuhc.com/ Name: ApplicationGatewayAffinity
Value: 978849146ca04f87a435879074331c13
.int.myuhc.com/ Name: visid_incap_2803134
Value: kmCmx28hSUqnC29KL5Ftqj/8OGYAAAAAQUIPAAAAAABiZU59jODAhHEH6BawOy2K
.int.myuhc.com/ Name: incap_ses_184_2803134
Value: MeGLIWTz0nuUydEaErONAkD8OGYAAAAARUyMaT1QsE9/W2k544pGzA==
accountprofile.uat.myuhc.com/ Name: _dd_s
Value: rum=1&id=6ce2580c-a705-472b-8ff8-b32d2beebf57&created=1715010626203&expire=1715011526203

4 Console Messages

Source Level URL
Text
network error URL: https://accountprofile.uat.myuhc.com/env.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://accountprofile.uat.myuhc.com/
Message:
Refused to execute script from 'https://accountprofile.uat.myuhc.com/env.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network error URL: https://bam-cell.nr-data.net/1/8f22def631?a=484570004&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=3042&ck=1&ref=https://accountprofile.uat.myuhc.com/&be=717&fe=2911&dc=2911&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1715010623317,%22n%22:0,%22f%22:1,%22dn%22:17,%22dne%22:17,%22c%22:17,%22s%22:23,%22ce%22:202,%22rq%22:202,%22rp%22:702,%22rpe%22:710,%22dl%22:706,%22di%22:1629,%22ds%22:2911,%22de%22:2911,%22dc%22:2912,%22l%22:2912,%22le%22:2912%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accountprofile.uat.myuhc.com/ifp/getProfileContextOffline?endpoint=/cel/offline-uhcd-member/v5/profile
Message:
Failed to load resource: the server responded with a status of 404 ()