www.healthsafe-id.com
149.111.166.210
Public Scan
Effective URL: https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FTU3VEzk2xM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.h...
Submission: On May 10 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by COMODO RSA Organization Validation Se... on April 8th 2023. Valid for: a year.
This is the only time www.healthsafe-id.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN22606 (EXACT-7, US)
PTR: click.yourpharmacybenefits.com
click.yourpharmacybenefits.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
specialty.optumrx.com |
ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com | |
specialtycms.optumrx.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-88-82.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-166-38.eu-west-1.compute.amazonaws.com
unitedhealthgroup.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-135.data.adobedc.net
smetrics.optum.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-185-84.eu-west-1.compute.amazonaws.com
cm.everesttech.net |
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org |
ASN13335 (CLOUDFLARENET, US)
zn0anhpa0wwywyr14-uhg1.siteintercept.qualtrics.com | |
siteintercept.qualtrics.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com |
# | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | optumrx.com (1 redirects) | specialty.optumrx.com — Cisco Umbrella Rank: 505717; specialtycms.optumrx.com — Cisco Umbrella Rank: 588931 | 346 KB |
8 | visualstudio.com | dc.services.visualstudio.com — Cisco Umbrella Rank: 892 | 769 B |
5 | demdex.net (1 redirects) | dpm.demdex.net — Cisco Umbrella Rank: 220; unitedhealthgroup.demdex.net — Cisco Umbrella Rank: 24829 | 7 KB |
4 | optum.com (1 redirects) | smetrics.optum.com — Cisco Umbrella Rank: 22929; sso.optum.com — Cisco Umbrella Rank: 62300 | 2 KB |
4 | adobedtm.com | assets.adobedtm.com — Cisco Umbrella Rank: 438 | 81 KB |
3 | healthsafe-id.com (2 redirects) | www.healthsafe-id.com | 5 KB |
3 | qualtrics.com | zn0anhpa0wwywyr14-uhg1.siteintercept.qualtrics.com — Cisco Umbrella Rank: 425978; siteintercept.qualtrics.com — Cisco Umbrella Rank: 1016 | 26 KB |
2 | youtube.com | www.youtube.com — Cisco Umbrella Rank: 85 | 59 KB |
2 | doubleclick.net (2 redirects) | cm.g.doubleclick.net — Cisco Umbrella Rank: 234 | 958 B |
1 | adsrvr.org | match.adsrvr.org — Cisco Umbrella Rank: 356 | 265 B |
1 | everesttech.net (1 redirects) | cm.everesttech.net — Cisco Umbrella Rank: 1174 | 517 B |
1 | google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2495 | 258 B |
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 62 | 78 KB |
1 | azure.com | js.monitor.azure.com — Cisco Umbrella Rank: 1816 | 45 KB |
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 775 | 24 KB |
1 | yourpharmacybenefits.com (1 redirects) | click.yourpharmacybenefits.com — Cisco Umbrella Rank: 270807 | 256 B |
0 | ib-ibi.com (Failed) | global.ib-ibi.com Failed | |
46 | 17 | | |
# | Domain | Requested by |
---|---|---|
11 | specialty.optumrx.com | 1 redirects; specialty.optumrx.com |
8 | dc.services.visualstudio.com | specialty.optumrx.com |
4 | dpm.demdex.net | 1 redirects; specialty.optumrx.com |
4 | assets.adobedtm.com | specialty.optumrx.com; assets.adobedtm.com |
3 | www.healthsafe-id.com | 2 redirects; specialty.optumrx.com; www.healthsafe-id.com |
3 | smetrics.optum.com | specialty.optumrx.com |
2 | siteintercept.qualtrics.com | zn0anhpa0wwywyr14-uhg1.siteintercept.qualtrics.com; specialty.optumrx.com |
2 | www.youtube.com | assets.adobedtm.com; www.youtube.com |
2 | cm.g.doubleclick.net | 2 redirects |
1 | specialtycms.optumrx.com | |
1 | sso.optum.com | 1 redirects |
1 | zn0anhpa0wwywyr14-uhg1.siteintercept.qualtrics.com | specialty.optumrx.com |
1 | match.adsrvr.org | specialty.optumrx.com |
1 | cm.everesttech.net | 1 redirects |
1 | unitedhealthgroup.demdex.net | assets.adobedtm.com |
1 | region1.google-analytics.com | www.googletagmanager.com |
1 | www.googletagmanager.com | assets.adobedtm.com |
1 | js.monitor.azure.com | specialty.optumrx.com |
1 | code.jquery.com | specialty.optumrx.com |
1 | click.yourpharmacybenefits.com | 1 redirects |
0 | global.ib-ibi.com Failed | |
46 | 21 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
specialty-prod-certs.optumrx.com | COMODO RSA Organization Validation Secure Server CA | 2023-04-13 - 2024-04-12 | a year |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year |
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-19 - 2023-08-19 | a year |
js.monitor.azure.com | Microsoft Azure TLS Issuing CA 01 | 2023-03-23 - 2024-03-17 | a year |
*.google-analytics.com | GTS CA 1C3 | 2023-04-24 - 2023-07-17 | 3 months |
*.demdex.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-26 - 2023-10-27 | a year |
smetrics.optum.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-03-22 - 2024-04-21 | a year |
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2023-04-12 - 2024-05-13 | a year |
*.google.com | GTS CA 1C3 | 2023-04-24 - 2023-07-17 | 3 months |
*.qualtrics.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-03-27 - 2024-03-26 | a year |
in.applicationinsights.azure.com | Microsoft Azure TLS Issuing CA 05 | 2023-04-20 - 2024-04-14 | a year |
healthsafeid-hcc.optum.com | COMODO RSA Organization Validation Secure Server CA | 2023-04-08 - 2024-04-07 | a year |
specialtycms.optumrx.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-04-20 - 2024-04-20 | a year |
This page contains 2 frames:
Primary Page:
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FTU3VEzk2xM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fosp%2Fen%3Fresume%3D%2Fas%2FKDnWWlgoKw%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fspecialty.optumrx.com%2Fpatients%2Fauth%2Fprofile%26portal%3Dosp%26client_id%3DHSIDBVRX10039&reason=0
Frame ID: 6A445A61835CEB45DE55D98AE6ACA35B
Requests: 38 HTTP requests in this frame
Frame:
https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: 71E9B8534A35119CE3076398A764EB6B
Requests: 4 HTTP requests in this frame
Screenshot
![](/screenshots/aaf0bdf8-bb88-4022-887a-7c223cadb2df.png)
Detected technologies
Detected patterns
Google Tag Manager
Detected patterns
- googletagmanager\.com/gtag/js
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.yourpharmacybenefits.com/?qs=bcd15594a2e0828bb1ab51aa101749ce0b31bd2851c74c1c385c549e4367ee413ad15137a3df38a50dda6ef1d446494f751932a7a7f45301fb5b816e6cf700ff
HTTP 302
https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:237-2way:::: Page URL
-
https://specialty.optumrx.com/patients/login
HTTP 302
https://sso.optum.com/ext/as/authorization.oauth2?portal=osp&response_type=code&client_id=HSIDBVRX10039&pfidpadapterid=HsidNewUIOidc&redirect_uri=https%3A%2F%2Fspecialty.optumrx.com%2Fpatients%2Fauth%2Fprofile&scope=openid%20profile HTTP 302
https://www.healthsafe-id.com/rt/secure/auth/osp/en?resume=/as/KDnWWlgoKw/resume/as/authorization.ping&spentity=null&scope=openid%20profile&response_type=code&pfidpadapterid=HsidNewUIOidc&redirect_uri=https://specialty.optumrx.com/patients/auth/profile&portal=osp&client_id=HSIDBVRX10039 HTTP 302
https://www.healthsafe-id.com/ext/as/authorization.oauth2?response_type=code&client_id=hsid-pa-client&redirect_uri=https%3A%2F%2Fwww.healthsafe-id.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoid3FaMDY0bFpWdjR3TE9SVXBWazBkRGllLS1NIiwic3VmZml4IjoiM0dTNkhPLjE2ODM3MzQ0MDAifQ..i6bGNZ638a7E9mVp3Lfhng.ok_oxdqqTh9jLPdraLarz81kK2oAOr3bryfh4H0srlTN_aguSHg3MskdqabtblJwnIHiwZwVfpxVJ7dXiVIeFkjInFQjd39Hubx5K7WokvnoFaSaK0wBY5jDVXXAe4be78AkC03pDEI56Lb8B72W1Axc82p3UCDKaGWh6GJ2WCntEt9WQeteFFQnpkYQBHnGZEe9-IJfztf71_apmrFhaZA3QU-5ERf616niaMjVhQ5TUA-IZsy7xVA9B5Zpz6HEhaf6MTKxCmTmTNriQk68wLOpVgiKS_9s_tloHuDweCVY4WywGzL79s-0WFvuSFnL.GM0inavC9NnViT3jiJD_1Q&nonce=qTcWbdgz2s4aInZS2P-Uxqo6DTCbORdw9UHPzeDcJKQ&acr_values=NONBANK%20BANK&scope=openid%20address%20email%20phone%20profile&vnd_pi_requested_resource=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fosp%2Fen%3Fresume%3D%2Fas%2FKDnWWlgoKw%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fspecialty.optumrx.com%2Fpatients%2Fauth%2Fprofile%26portal%3Dosp%26client_id%3DHSIDBVRX10039&vnd_pi_application_name=HSIDProdRTApp HTTP 302
https://www.healthsafe-id.com/rt/login?resume=%2Fas%2FTU3VEzk2xM%2Fresume%2Fas%2Fauthorization.ping&TARGET=https%3A%2F%2Fwww.healthsafe-id.com%2Frt%2Fsecure%2Fauth%2Fosp%2Fen%3Fresume%3D%2Fas%2FKDnWWlgoKw%2Fresume%2Fas%2Fauthorization.ping%26spentity%3Dnull%26scope%3Dopenid%2520profile%26response_type%3Dcode%26pfidpadapterid%3DHsidNewUIOidc%26redirect_uri%3Dhttps%3A%2F%2Fspecialty.optumrx.com%2Fpatients%2Fauth%2Fprofile%26portal%3Dosp%26client_id%3DHSIDBVRX10039&reason=0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://click.yourpharmacybenefits.com/?qs=bcd15594a2e0828bb1ab51aa101749ce0b31bd2851c74c1c385c549e4367ee413ad15137a3df38a50dda6ef1d446494f751932a7a7f45301fb5b816e6cf700ff HTTP 302
- https://specialty.optumrx.com/patient/login?cid=em:osp:transactional:237-2way::::
- https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1683734096186 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1683734096186
- https://cm.everesttech.net/cm/dd?d_uuid=41725022563610299534390370493822320089 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZFu_UAAAAG1viAN-
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDE3MjUwMjI1NjM2MTAyOTk1MzQzOTAzNzA0OTM4MjIzMjAwODk= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDE3MjUwMjI1NjM2MTAyOTk1MzQzOTAzNzA0OTM4MjIzMjAwODk=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHkU_7Ol1S9cIIxPlxIUmeQ&google_cver=1?gdpr=0&gdpr_consent=
46 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | login | specialty.optumrx.com/patient/ | 13 KB | 6 KB | Document | text/html | Redirect Chain |
GET | H2 | ruxitagentjs_ICA27NVfghjqrux_10259230221142207.js | specialty.optumrx.com/patient/api/ | 255 KB | 96 KB | Script | text/javascript | |
GET | H2 | webpack-8ca72b2f06c26fd1.js | specialty.optumrx.com/_next/static/chunks/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H2 | framework-34ae0f2c4b5db51c.js | specialty.optumrx.com/_next/static/chunks/ | 138 KB | 45 KB | Script | application/javascript | |
GET | H2 | main-54f7ddd0bbdcbf38.js | specialty.optumrx.com/_next/static/chunks/ | 104 KB | 31 KB | Script | application/javascript | |
GET | H2 | _app-54d7eb987e20e9f1.js | specialty.optumrx.com/_next/static/chunks/pages/ | 459 KB | 133 KB | Script | application/javascript | |
GET | H2 | login-9e60c77dd59a74b8.js | specialty.optumrx.com/_next/static/chunks/pages/patient/ | 1 KB | 957 B | Script | application/javascript | |
GET | H2 | _buildManifest.js | specialty.optumrx.com/_next/static/aj18vyPQen40uKk47BPFI/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H2 | _ssgManifest.js | specialty.optumrx.com/_next/static/aj18vyPQen40uKk47BPFI/ | 76 B | 282 B | Script | application/javascript | |
GET | H2 | jquery-3.6.0.slim.min.js | code.jquery.com/ | 71 KB | 24 KB | Script | application/javascript | |
GET | H2 | launch-7f3704dcf291.min.js | assets.adobedtm.com/512027f42d3c/e887fe8ab1c9/ | 254 KB | 67 KB | Script | application/x-javascript | |
GET | H2 | ai.2.min.js | js.monitor.azure.com/scripts/b/ | 119 KB | 45 KB | Script | text/javascript | |
GET | H/1.1 | rd | dpm.demdex.net/id/ | 976 B | 1 KB | XHR | application/json | Redirect Chain |
GET | H2 | AppMeasurement.min.js | assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ | 34 KB | 12 KB | Script | application/x-javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 222 KB | 78 KB | Script | application/javascript | |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 258 B | Ping | text/plain | |
GET | H/1.1 | dest5.html | unitedhealthgroup.demdex.net/ | 7 KB | 3 KB | Document | text/html | Frame 71E9 |
GET | H2 | id | smetrics.optum.com/ | 48 B | 461 B | XHR | application/x-javascript | |
GET | H/1.1 | ibs:dpid=411&dpuuid=ZFu_UAAAAG1viAN- | dpm.demdex.net/ | 42 B | 942 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | ibs:dpid=771&dpuuid=CAESEHkU_7Ol1S9cIIxPlxIUmeQ&google_cver=1 | dpm.demdex.net/ | 42 B | 942 B | Image | image/gif | Frame 71E9, Redirect Chain |
GET | H2 | generic | match.adsrvr.org/track/cmf/ | 70 B | 265 B | Image | image/gif | Frame 71E9 |
GET | H2 | iframe_api | www.youtube.com/ | 1 KB | 2 KB | Script | text/javascript | |
GET | H2 | / | zn0anhpa0wwywyr14-uhg1.siteintercept.qualtrics.com/SIE/ | 9 KB | 4 KB | Script | application/javascript | |
GET | H2 | RCcbdbb2cd29e14c15bce16f9bcb9d47ad-source.min.js | assets.adobedtm.com/512027f42d3c/e887fe8ab1c9/c276fd25e0ab/ | 2 KB | 993 B | Script | application/x-javascript | |
OPTIONS | H2 | track | dc.services.visualstudio.com/v2/ | 0 | 0 | Preflight | | Frame |
POST | H2 | rb_956e9318-977f-41b9-8214-a38c2ce748a2 | specialty.optumrx.com/patient/api/ | 122 B | 293 B | Ping | text/plain | |
POST | H2 | track | dc.services.visualstudio.com/v2/ | 96 B | 281 B | Fetch | application/json | |
GET | H/1.1 | login | www.healthsafe-id.com/rt/ | 5 KB | 0 | Document | text/html | Primary Request, Redirect Chain |
POST | H2 | track | dc.services.visualstudio.com/v2/ | 96 B | 163 B | XHR | application/json | |
OPTIONS | H2 | track | dc.services.visualstudio.com/v2/ | 0 | 0 | Preflight | | Frame |
GET | H2 | OptumSans-Regular.woff2 | specialtycms.optumrx.com/sites/default/files/fonts/ | 29 KB | 29 KB | Font | application/octet-stream | |
GET | | image.sbix | global.ib-ibi.com/ | 0 | 0 | | | Frame 71E9 |
GET | H2 | RCc8af4519508b4f37a78b6d2f9a413b96-source.min.js | assets.adobedtm.com/512027f42d3c/e887fe8ab1c9/c276fd25e0ab/ | 2 KB | 1 KB | Script | application/x-javascript | |
GET | H2 | www-widgetapi.js | www.youtube.com/s/player/65ceadf9/www-widgetapi.vflset/ | 185 KB | 57 KB | Script | text/javascript | |
GET | H2 | 10.ff5c35506eb6156df16c.chunk.js | siteintercept.qualtrics.com/dxjsmodule/ | 64 KB | 20 KB | Script | application/javascript | |
GET | H2 | s15391855709564 | smetrics.optum.com/b/ss/optumrxbriovarxprod/1/JS-2.23.0-LDQM/ | 43 B | 203 B | Image | image/gif | |
POST | H2 | Targeting.php | siteintercept.qualtrics.com/WRSiteInterceptEngine/ | 3 KB | 1 KB | XHR | application/json | |
GET | H2 | s1798185853783 | smetrics.optum.com/b/ss/optumrxbriovarxprod/1/JS-2.23.0-LDQM/ | 43 B | 120 B | Image | image/gif | |
OPTIONS | H2 | track | dc.services.visualstudio.com/v2/ | 0 | 0 | Preflight | | Frame |
POST | H2 | track | dc.services.visualstudio.com/v2/ | 96 B | 162 B | XHR | application/json | |
OPTIONS | H2 | track | dc.services.visualstudio.com/v2/ | 0 | 0 | Preflight | | Frame |
POST | H2 | track | dc.services.visualstudio.com/v2/ | 96 B | 163 B | XHR | application/json | |
POST | | collect | region1.google-analytics.com/g/ | 0 | 0 | | | |
POST | | collect | region1.google-analytics.com/g/ | 0 | 0 | | | |
GET | | bundles-average.js | www.healthsafe-id.com/assets/ | 0 | 0 | | | |
GET | | ruxitagentjs_ICA27NVdefghjqrtux_10259230221142207.js | www.healthsafe-id.com/ | 0 | 0 | | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- global.ib-ibi.com
- URL
- https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=41725022563610299534390370493822320089
- Domain
- region1.google-analytics.com
- URL
- https://region1.google-analytics.com/g/collect?v=2&tid=G-HWWZ3TW7V2&gtm=45je3580&_p=651973053&cid=906872501.1683734096&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1683734096&sct=1&seg=0&dl=https%3A%2F%2Fspecialty.optumrx.com%2Fpatient%2Flogin%3Fcid%3Dem%3Aosp%3Atransactional%3A237-2way%3A%3A%3A%3A&dt=&en=scroll&epn.percent_scrolled=90&_et=8
- Domain
- region1.google-analytics.com
- URL
- https://region1.google-analytics.com/g/collect?v=2&tid=G-HWWZ3TW7V2&gtm=45je3580&_p=651973053&cid=906872501.1683734096&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1683734096&sct=1&seg=0&dl=https%3A%2F%2Fspecialty.optumrx.com%2Fpatient%2Flogin%3Fcid%3Dem%3Aosp%3Atransactional%3A237-2way%3A%3A%3A%3A&dt=&en=user_engagement&_et=4802
- Domain
- www.healthsafe-id.com
- URL
- https://www.healthsafe-id.com/assets/bundles-average.js
- Domain
- www.healthsafe-id.com
- URL
- https://www.healthsafe-id.com/ruxitagentjs_ICA27NVdefghjqrtux_10259230221142207.js
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean | credentialless
23 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.optumrx.com/ | Name: dtCookie Value: v_4_srv_39_sn_A75F0F92C026A8562A7194854325D82F_perc_100000_ol_0_mul_1_app-3A24e216029dc34234_1 |
|
.optumrx.com/ | Name: rxVisitor Value: 1683734096037HAVA7GRG5CBPDJS3KE5L04RMM1NV819F |
|
.optumrx.com/ | Name: dtLatC Value: 377 |
|
specialty.optumrx.com/ | Name: ai_user Value: gWBSNiPr5rgw5WlKynPDBA|2023-05-10T15:54:56.232Z |
|
.optumrx.com/ | Name: _ga Value: GA1.1.906872501.1683734096 |
|
.optumrx.com/ | Name: _ga_HWWZ3TW7V2 Value: GS1.1.1683734096.1.0.1683734096.0.0.0 |
|
.demdex.net/ | Name: demdex Value: 41725022563610299534390370493822320089 |
|
.optumrx.com/ | Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg Value: 1 |
|
specialty.optumrx.com/ | Name: ai_session Value: jkXUJM6UV4uehuGQi5Uvme|1683734096525|1683734096525 |
|
.everesttech.net/ | Name: everest_g_v2 Value: g_surferid~ZFu_UAAAAG1viAN- |
|
.dpm.demdex.net/ | Name: dpm Value: 41725022563610299534390370493822320089 |
|
.optumrx.com/ | Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C19488%7CMCMID%7C38951322895382524563676138152102994480%7CMCAAMLH-1684338896%7C6%7CMCAAMB-1684338896%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1683741296s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19495%7CvVersion%7C5.5.0 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUmIdvwmjYZEahhLVTb9b9RY7isHPfDbimHgn-hLaxyCUuQMQfviTu0kFEfR_Mo |
|
.optumrx.com/ | Name: rxvt Value: 1683735896716|1683734096042 |
|
.optumrx.com/ | Name: dtPC Value: 39$134096031_192h-vHGOKHVNNQPAAWHKFPUAKHAMGOEWSUQMB-0e0 |
|
.optumrx.com/ | Name: dtSa Value: false%7C_load_%7C4%7C_onload_%7C-%7C1683734096718%7C134096031_192%7Chttps%3A%2F%2Fspecialty.optumrx.com%2Fpatient%2Flogin%3Fcid%3Dem%3Aosp%3Atransactional%3A237-2way%3A%3A%3A%3A%7C%7C%7C%7C |
|
.youtube.com/ | Name: YSC Value: xHiolOiAWhM |
|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: AwPkT4Q3Ekw |
|
.demdex.net/ | Name: dextp Value: 771-1-1683734096562|903-1-1683734096663|285689-1-1683734096821 |
|
.optumrx.com/ | Name: s_cc Value: true |
|
specialty.optumrx.com/ | Name: ASLBSA Value: 0003587a9ba17085ac8ca686cfb966312bc3a1195d3c7bdbaf53490ecf107b538347d9b417982993507dae2baf4ee1574f060dbf88fd57b5bce08f82edad720873e6 |
|
specialty.optumrx.com/ | Name: ASLBSACORS Value: 0003587a9ba17085ac8ca686cfb966312bc3a1195d3c7bdbaf53490ecf107b538347d9b417982993507dae2baf4ee1574f060dbf88fd57b5bce08f82edad720873e6 |
|
sso.optum.com/ | Name: ext-PF Value: Ouq3aKDqxVaHq5OUR3jFYt05ApJ5ScXeXtqpK12ClR2f |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.