urlscan.io logo urlscan.io
SecurityTrails logo

member.uhc.com Open in urlscan Pro
45.60.33.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://click.e-notifications.myuhc.com/?qs=35aea0307eefdab71762627fa27f1d97c2d0eb56b3a6320d019de191eec2e453b2c6ceb3dfbd2a5a2958f15e01fa...
Effective URL: https://member.uhc.com/claims-and-accounts/claims?filters=%7B%22sort%22:%7B%22by%22:%22processedDate%22,%22reverse%22:t...
Submission: On April 07 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 45.60.33.26, located in United States and belongs to INCAPSULA, US. The main domain is member.uhc.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on January 22nd 2021. Valid for: a year.
This is the only time member.uhc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 66.231.91.47 22606 (EXACT-7)
5 45.60.33.26 19551 (INCAPSULA)
1 151.101.114.110 54113 (FASTLY)
2 162.247.242.19 23467 (NEWRELIC-...)
8 3
Apex Domain
Subdomains		 Transfer
5 uhc.com
member.uhc.com
2 MB
2 nr-data.net
bam.nr-data.net
456 B
1 newrelic.com
js-agent.newrelic.com
14 KB
1 myuhc.com
click.e-notifications.myuhc.com
323 B
8 4
Domain Requested by
5 member.uhc.com member.uhc.com
2 bam.nr-data.net member.uhc.com
1 js-agent.newrelic.com member.uhc.com
1 click.e-notifications.myuhc.com 1 redirects
8 4

This site contains no links.

Subject Issuer Validity Valid
member.uhc.com
COMODO RSA Organization Validation Secure Server CA		 2021-01-22 -
2022-01-22		 a year crt.sh
*.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://member.uhc.com/claims-and-accounts/claims?filters=%7B%22sort%22:%7B%22by%22:%22processedDate%22,%22reverse%22:true%7D,%22values%22:%7B%7D%7D
Frame ID: F9722440749AB0C3049165BF8C9500B2
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://click.e-notifications.myuhc.com/?qs=35aea0307eefdab71762627fa27f1d97c2d0eb56b3a6320d019de191eec2e453b2c6ceb3... HTTP 302
    https://member.uhc.com/claims-and-accounts/claims?filters=%7B%22sort%22:%7B%22by%22:%22processedDat... Page URL

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

1735 kB
Transfer

7769 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.e-notifications.myuhc.com/?qs=35aea0307eefdab71762627fa27f1d97c2d0eb56b3a6320d019de191eec2e453b2c6ceb3dfbd2a5a2958f15e01fa3cefe668981fe19558c8404c2591b9ad50dc HTTP 302
    https://member.uhc.com/claims-and-accounts/claims?filters=%7B%22sort%22:%7B%22by%22:%22processedDate%22,%22reverse%22:true%7D,%22values%22:%7B%7D%7D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request claims
member.uhc.com/claims-and-accounts/
Redirect Chain
  • http://click.e-notifications.myuhc.com/?qs=35aea0307eefdab71762627fa27f1d97c2d0eb56b3a6320d019de191eec2e453b2c6ceb3dfbd2a5a2958f15e01fa3cefe668981fe19558c8404c2591b9ad50dc
  • https://member.uhc.com/claims-and-accounts/claims?filters=%7B%22sort%22:%7B%22by%22:%22processedDate%22,%22reverse%22:true%7D,%22values%22:%7B%7D%7D
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/claims-and-accounts/claims?filters=%7B%22sort%22:%7B%22by%22:%22processedDate%22,%22reverse%22:true%7D,%22values%22:%7B%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0d47e4b70f8daaa280a7a790a0a98f1b617aa1b4d7117cd1bebae536d60a7a9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
member.uhc.com
:scheme
https
:path
/claims-and-accounts/claims?filters=%7B%22sort%22:%7B%22by%22:%22processedDate%22,%22reverse%22:true%7D,%22values%22:%7B%7D%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

etag
W/"60635d63-492"
last-modified
Tue, 30 Mar 2021 17:18:27 GMT
content-type
text/html
content-length
562
content-encoding
gzip
cache-control
max-age=60, public
expires
Wed, 07 Apr 2021 01:42:41 GMT
date
Wed, 07 Apr 2021 01:41:41 GMT
set-cookie
visid_incap_2076937=JONHccKYS8+SLOB2rCR89NQNbWAAAAAAQUIPAAAAAABfO0h6IIzFKNe/8Um2DTMV; expires=Wed, 06 Apr 2022 10:47:33 GMT; HttpOnly; path=/; Domain=.uhc.com; Secure; SameSite=None incap_ses_1099_2076937=236UEOyGQTo4A8/gBW9AD9UNbWAAAAAA5JIPOnVRyGYe1SpltpHaeg==; path=/; Domain=.uhc.com; Secure; SameSite=None
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-iinfo
13-33274002-33270339 2VNN RT(1617759700798 0) q(0 1 1 0) r(4 4)

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://member.uhc.com/claims-and-accounts/claims?filters=%7B%22sort%22:%7B%22by%22:%22processedDate%22,%22reverse%22:true%7D,%22values%22:%7B%7D%7D
Date
Wed, 07 Apr 2021 01:41:41 GMT
Connection
close
Content-Length
265
new-relic-configuration.js
member.uhc.com/claims-and-accounts/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/claims-and-accounts/new-relic-configuration.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/claims-and-accounts/claims?filters=%7B%22sort%22:%7B%22by%22:%22processedDate%22,%22reverse%22:true%7D,%22values%22:%7B%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5c586c4b110c94e957b87a175e5da9f909f07c7d7c0b102a021d90bf470dafde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://member.uhc.com/claims-and-accounts/claims?filters=%7B%22sort%22:%7B%22by%22:%22processedDate%22,%22reverse%22:true%7D,%22values%22:%7B%7D%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 01:41:42 GMT
content-encoding
gzip
content-security-policy-report-only
base-uri 'self'; default-src 'self'; script-src 'self' *.google-analytics.com *.iperceptions.com art.azureedge.net assets.adobedtm.com bam.nr-data.net cdn.amplitude.com d2oh4tlt9mrke9.cloudfront.net js-agent.newrelic.com; frame-ancestors 'none'; connect-src 'self' *.iperceptions.com *.optum.com *.uhc.com *.werally.com *.werally.in api.amplitude.com bam.nr-data.net dpm.demdex.net unitedhealthgroup.tt.omtrdc.net ws.sessioncam.com *.qualtrics.com wss://*.sendbird.com https://*.sendbird.com; style-src 'self' 'unsafe-inline'; img-src 'self' *.everesttech.net *.google-analytics.com *.iperceptions.com *.myuhc.com *.optum.com *.rally-dev.com *.uhc.com *.werally.com *.werally.in data: dpm.demdex.net s3.amazonaws.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com simpleicon.com; child-src *.iperceptions.com fast.unitedhealthgroup.demdex.net unitedhealthgroup.demdex.net; object-src 'none'; font-src 'self' *.iperceptions.com; report-uri /rest/csp-reporter;
last-modified
Tue, 30 Mar 2021 17:18:27 GMT
x-cdn
Imperva
x-frame-options
DENY
etag
W/"60635d63-614e"
vary
Accept-Encoding
content-type
application/javascript
x-iinfo
13-33274007-33270339 2NNN RT(1617759701222 0) q(0 0 0 -1) r(4 4)
cache-control
public, max-age=1209600
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
check-for-ie.js
member.uhc.com/claims-and-accounts/ 		274 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/claims-and-accounts/check-for-ie.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/claims-and-accounts/claims?filters=%7B%22sort%22:%7B%22by%22:%22processedDate%22,%22reverse%22:true%7D,%22values%22:%7B%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1aad7bf55fd12e1de2848870e131c3137aa446a66dca515bde2662841658598b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://member.uhc.com/claims-and-accounts/claims?filters=%7B%22sort%22:%7B%22by%22:%22processedDate%22,%22reverse%22:true%7D,%22values%22:%7B%7D%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 01:41:42 GMT
content-encoding
gzip
content-security-policy-report-only
base-uri 'self'; default-src 'self'; script-src 'self' *.google-analytics.com *.iperceptions.com art.azureedge.net assets.adobedtm.com bam.nr-data.net cdn.amplitude.com d2oh4tlt9mrke9.cloudfront.net js-agent.newrelic.com; frame-ancestors 'none'; connect-src 'self' *.iperceptions.com *.optum.com *.uhc.com *.werally.com *.werally.in api.amplitude.com bam.nr-data.net dpm.demdex.net unitedhealthgroup.tt.omtrdc.net ws.sessioncam.com *.qualtrics.com wss://*.sendbird.com https://*.sendbird.com; style-src 'self' 'unsafe-inline'; img-src 'self' *.everesttech.net *.google-analytics.com *.iperceptions.com *.myuhc.com *.optum.com *.rally-dev.com *.uhc.com *.werally.com *.werally.in data: dpm.demdex.net s3.amazonaws.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com simpleicon.com; child-src *.iperceptions.com fast.unitedhealthgroup.demdex.net unitedhealthgroup.demdex.net; object-src 'none'; font-src 'self' *.iperceptions.com; report-uri /rest/csp-reporter;
last-modified
Tue, 30 Mar 2021 17:18:27 GMT
x-cdn
Imperva
x-frame-options
DENY
etag
W/"60635d63-112"
vary
Accept-Encoding
content-type
application/javascript
x-iinfo
13-33274008-33272296 2NNN RT(1617759701224 0) q(0 0 0 -1) r(4 4)
cache-control
public, max-age=1209600
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
configuration.7723486fe5ace94b9fd7.js
member.uhc.com/claims-and-accounts/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/claims-and-accounts/configuration.7723486fe5ace94b9fd7.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/claims-and-accounts/claims?filters=%7B%22sort%22:%7B%22by%22:%22processedDate%22,%22reverse%22:true%7D,%22values%22:%7B%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
9ca59e837554335398cec21e70c22d6eb28065b8fa59c76bacf324116ba698aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://member.uhc.com/claims-and-accounts/claims?filters=%7B%22sort%22:%7B%22by%22:%22processedDate%22,%22reverse%22:true%7D,%22values%22:%7B%7D%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 01:41:42 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 20:20:06 GMT
x-cdn
Imperva
etag
W/"60662af6-3ef4"
vary
Accept-Encoding
content-type
application/javascript
x-iinfo
13-33274009-33274010 NNNN CT(93 195 0) RT(1617759701225 0) q(0 0 3 -1) r(4 4) U2
cache-control
no-store
strict-transport-security
max-age=31536000; includeSubDomains
arcade.bundle.7723486fe5ace94b9fd7.js
member.uhc.com/claims-and-accounts/ 		8 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/claims-and-accounts/arcade.bundle.7723486fe5ace94b9fd7.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/claims-and-accounts/claims?filters=%7B%22sort%22:%7B%22by%22:%22processedDate%22,%22reverse%22:true%7D,%22values%22:%7B%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c0b17b969a092fedb4dd18b7fa3056d25fc07a29a1af2a76885bfadf99e01dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://member.uhc.com/claims-and-accounts/claims?filters=%7B%22sort%22:%7B%22by%22:%22processedDate%22,%22reverse%22:true%7D,%22values%22:%7B%7D%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 01:41:41 GMT
content-encoding
gzip
last-modified
Tue, 30 Mar 2021 17:18:27 GMT
x-cdn
Imperva
etag
W/"60635d63-782d23"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
x-iinfo
13-33274011-33272294 2VNN RT(1617759701226 0) q(0 0 0 -1) r(4 4)
cache-control
max-age=1209600, public
content-length
1744436
expires
Wed, 21 Apr 2021 01:41:41 GMT
nr-spa-1167.min.js
js-agent.newrelic.com/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1167.min.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/claims-and-accounts/new-relic-configuration.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33724c06ccbe331cd5b05f949e06fe180f3472e1b9fa150f0c58803b5e63a99d

Request headers

Referer
https://member.uhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"85cffa0ca71f4cc2b7455585c9a4c43d"
x-amz-request-id
5VE6QFN853TTCRVR
x-cache
HIT
content-length
13893
x-amz-id-2
47vI3Q8vOzRPQqz8gWr2xJCCaWZvqJQeNRZuAh4fksSEvWSRHaPS/Mylv5P5YfKamvCR58318kE=
x-served-by
cache-hhn4026-HHN
last-modified
Fri, 07 Feb 2020 23:39:57 GMT
server
AmazonS3
x-timer
S1617759703.241222,VS0,VE0
date
Wed, 07 Apr 2021 01:41:43 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
152
8f22def631
bam.nr-data.net/1/ 		57 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/8f22def631?a=275850131&sa=1&v=1167.2a4546b&t=Unnamed%20Transaction&rst=2288&ref=https://member.uhc.com/claims-and-accounts/claims&be=1647&fe=2219&dc=2101&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1617759700971,%22n%22:0,%22f%22:687,%22dn%22:687,%22dne%22:721,%22c%22:721,%22s%22:732,%22ce%22:783,%22rq%22:783,%22rp%22:1196,%22rpe%22:1197,%22dl%22:1199,%22di%22:2101,%22ds%22:2101,%22de%22:2102,%22dc%22:2219,%22l%22:2219,%22le%22:2219%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/claims-and-accounts/new-relic-configuration.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer
https://member.uhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
8f22def631
bam.nr-data.net/events/1/ 		24 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/8f22def631?a=275850131&sa=1&v=1167.2a4546b&t=Unnamed%20Transaction&rst=2786&ref=https://member.uhc.com/claims-and-accounts/claims
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/claims-and-accounts/new-relic-configuration.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://member.uhc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://member.uhc.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require function| checkForIE object| FEATURE_FLAGS object| CONFIG object| webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime object| WebComponents function| __CE_installPolyfill object| ShadyCSS object| angular

2 Cookies

Domain/Path Name / Value
.uhc.com/ Name: incap_ses_1099_2076937
Value: 236UEOyGQTo4A8/gBW9AD9UNbWAAAAAA5JIPOnVRyGYe1SpltpHaeg==
.uhc.com/ Name: visid_incap_2076937
Value: JONHccKYS8+SLOB2rCR89NQNbWAAAAAAQUIPAAAAAABfO0h6IIzFKNe/8Um2DTMV

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains