urlscan.io logo urlscan.io
SecurityTrails logo

healthsafeid.optum.com Open in urlscan Pro
168.183.37.28  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://healthsafeid.optum.com/protected/mdm/challenge
Effective URL: https://healthsafeid.optum.com/protected/error/999999
Submission: On December 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 3 HTTP transactions. The main IP is 168.183.37.28, located in United States and belongs to UHC, US. The main domain is healthsafeid.optum.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on April 6th 2021. Valid for: a year.
This is the only time healthsafeid.optum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 168.183.37.28 10879 (UHC)
3 1
Apex Domain
Subdomains		 Transfer
4 optum.com
healthsafeid.optum.com
100 KB
3 1
Domain Requested by
4 healthsafeid.optum.com 1 redirects healthsafeid.optum.com
3 1

This site contains no links.

Subject Issuer Validity Valid
healthsafeid.optum.com
COMODO RSA Organization Validation Secure Server CA		 2021-04-06 -
2022-04-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://healthsafeid.optum.com/protected/error/999999
Frame ID: 9D6B7DD8CE3EC016698861092FC80B56
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HealthSafe ID®

Page URL History Show full URLs

  1. https://healthsafeid.optum.com/protected/mdm/challenge HTTP 303
    https://healthsafeid.optum.com/protected/error/999999 Page URL

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

99 kB
Transfer

261 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://healthsafeid.optum.com/protected/mdm/challenge HTTP 303
    https://healthsafeid.optum.com/protected/error/999999 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 999999
healthsafeid.optum.com/protected/error/
Redirect Chain
  • https://healthsafeid.optum.com/protected/mdm/challenge
  • https://healthsafeid.optum.com/protected/error/999999
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://healthsafeid.optum.com/protected/error/999999
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.183.37.28 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafeid-ctc.optum.com
Software
/
Resource Hash
842ac25dfd90b8f70750411359451886674a77060bab2d54c3ea24aa9c3dac6b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sat, 11 Dec 2021 06:01:06 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff nosniff
X-OneAgent-JS-Injection
true
X-Application-Context
HSID:clicktocall,gateway,prod,kubernetes:9080
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Pragma
no-cache
Expires
0
Content-Language
de-DE
Vary
Accept-Encoding
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
Server-Timing
dtRpid;desc="-846015813"
X-ps-id
PCHS1

Redirect headers

Date
Sat, 11 Dec 2021 06:01:06 GMT
Content-Length
0
Connection
keep-alive
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff nosniff
X-OneAgent-JS-Injection
true
X-Application-Context
HSID:clicktocall,gateway,prod,kubernetes:9080
Location
../../protected/error/999999
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Pragma
no-cache
Expires
0
Content-Language
de-DE
X-XSS-Protection
1; mode=block
Server-Timing
dtRpid;desc="-1031161680"
X-ps-id
PCHS3
ruxitagentjs_ICA27SVdefghjqrtux_10225210924095553.js
healthsafeid.optum.com/ 		258 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://healthsafeid.optum.com/ruxitagentjs_ICA27SVdefghjqrtux_10225210924095553.js
Requested by
Host: healthsafeid.optum.com
URL: https://healthsafeid.optum.com/protected/error/999999
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.183.37.28 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafeid-ctc.optum.com
Software
/
Resource Hash
08b32a4290a54be3f9602c5e273e467dae320523564000d224cfb8b6ed72f923
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://healthsafeid.optum.com/protected/error/999999
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sat, 11 Dec 2021 06:01:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2010 07:01:40 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=31536000, immutable
Connection
keep-alive
Content-Length
98043
Expires
Sun, 11 Dec 2022 06:01:06 GMT
rb_17a3a45c-ebd2-4cdb-86ec-5f31606b813f
healthsafeid.optum.com/ 		846 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://healthsafeid.optum.com/rb_17a3a45c-ebd2-4cdb-86ec-5f31606b813f?app=ea7c4b59f27d43eb;crc=489897668;end=1
Requested by
Host: healthsafeid.optum.com
URL: https://healthsafeid.optum.com/ruxitagentjs_ICA27SVdefghjqrtux_10225210924095553.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.183.37.28 , United States, ASN10879 (UHC, US),
Reverse DNS
healthsafeid-ctc.optum.com
Software
/
Resource Hash
382c86e518386bb87f9760657f8a15ff4f294c40b8f79de8c65a689d41bde9a0
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://healthsafeid.optum.com/protected/error/999999
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 11 Dec 2021 06:01:08 GMT
Connection
keep-alive
Content-Length
846
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Content-Type
text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| dT_ object| dtrum

10 Cookies

Domain/Path Name / Value
healthsafeid.optum.com/ Name: HSID_V
Value: dfe6a992-0bb6-4d14-a792-b07f9d4c6bd1
healthsafeid.optum.com/ Name: SESSION
Value: ZTU2ODEwODYtZTZhYS00NDA0LTkzZTAtMjczM2FmY2RkNDEy
healthsafeid.optum.com/ Name: cb5c6bff9e487b35cd8325f60b6bb412
Value: 596e7a253093ff0708a24e5cb502267f
healthsafeid.optum.com/ Name: 3fd1cbabb18f58d4977cfb4ab52850b9
Value: c0d88814a10ffb3cb2500221f2e1850b
healthsafeid.optum.com/ Name: BIGipServerapps.ocp-ctc-dmz.optum.com_80
Value: 462278410.20480.0000
.optum.com/ Name: dtCookie
Value: v_4_srv_46_sn_84D9D6DE804DE29741863BBB20983DB9_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0
.optum.com/ Name: rxVisitor
Value: 16392024670819ADMGU5MGC4349V5JI9A6KE1J4U6OLS1
.optum.com/ Name: dtSa
Value: -
.optum.com/ Name: rxvt
Value: 1639204267122|1639202467083
.optum.com/ Name: dtPC
Value: 46$2467079_586h-vEUAFOIUPGIDNCJTHVPBARUCUSAPDSHKP-0e0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

healthsafeid.optum.com
168.183.37.28
08b32a4290a54be3f9602c5e273e467dae320523564000d224cfb8b6ed72f923
382c86e518386bb87f9760657f8a15ff4f294c40b8f79de8c65a689d41bde9a0
842ac25dfd90b8f70750411359451886674a77060bab2d54c3ea24aa9c3dac6b