urlscan.io logo urlscan.io
SecurityTrails logo

login.upmchp.com Open in urlscan Pro
2620:1ec:bdf::45  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mcnet.upmchp.com/memberportal/
Effective URL: https://login.upmchp.com/c9d00c84-a71b-4f86-b504-b56ac68d8618/b2c_1a_localmembersignin/oauth2/v2.0/authorize?client_id=03...
Submission: On June 30 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 20 HTTP transactions. The main IP is 2620:1ec:bdf::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.upmchp.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 24th 2022. Valid for: a year.
This is the only time login.upmchp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 151.195.136.102 122 (UPMC-AS122)
1 1 23.2.218.203 16625 (AKAMAI-AS)
1 151.195.136.178 122 (UPMC-AS122)
1 152.199.19.160 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
2 143.204.98.79 16509 (AMAZON-02)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
5 13.69.106.88 8075 (MICROSOFT...)
20 8
6    151.195.136.102 (United States)

ASN122 (UPMC-AS122, US)
PTR: vippdmzngf136102.isd.upmc.edu
mcnet.upmchp.com
1    23.2.218.203 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-2-218-203.deploy.static.akamaitechnologies.com
cloud.typography.com
1    151.195.136.178 (United States)

ASN122 (UPMC-AS122, US)
PTR: upmchealthplan.com
www.upmchealthplan.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
cdn.botframework.com
2    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
2    143.204.98.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-79.fra50.r.cloudfront.net
cdn.appdynamics.com
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.upmchp.com
5    13.69.106.88 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
8 upmchp.com
mcnet.upmchp.com
login.upmchp.com
1 MB
5 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 683
444 B
2 appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 3632
45 KB
2 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 399
63 KB
1 botframework.com
cdn.botframework.com — Cisco Umbrella Rank: 20261
883 KB
1 upmchealthplan.com
www.upmchealthplan.com — Cisco Umbrella Rank: 289956
157 KB
1 typography.com
cloud.typography.com — Cisco Umbrella Rank: 7588
444 B
0 azurewebsites.net Failed
upmchp-iam-web.azurewebsites.net Failed
20 8
Domain Requested by
6 mcnet.upmchp.com mcnet.upmchp.com
cdn.appdynamics.com
5 dc.services.visualstudio.com cdn.appdynamics.com
mcnet.upmchp.com
2 login.upmchp.com cdn.appdynamics.com
mcnet.upmchp.com
2 cdn.appdynamics.com mcnet.upmchp.com
cdn.appdynamics.com
2 maps.googleapis.com mcnet.upmchp.com
maps.googleapis.com
1 cdn.botframework.com mcnet.upmchp.com
1 www.upmchealthplan.com mcnet.upmchp.com
1 cloud.typography.com 1 redirects
0 upmchp-iam-web.azurewebsites.net Failed login.upmchp.com
20 9

This site contains no links.

Subject Issuer Validity Valid
*.upmchp.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-24 -
2023-11-24		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-05-05 -
2024-04-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.appdynamics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-21 -
2024-07-21		 a year crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 05		 2023-04-20 -
2024-04-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.upmchp.com/c9d00c84-a71b-4f86-b504-b56ac68d8618/b2c_1a_localmembersignin/oauth2/v2.0/authorize?client_id=03dcb12a-6e90-4b00-9848-530c91c706ea&redirect_uri=https%3A%2F%2Fmcnet.upmchp.com%2Fmemberportal%2Fconsumer-portal-login-redirect.html&response_type=id_token&scope=openid%20profile&state=d6ec619dfea34af187389d7318f83efe&nonce=5e961ac99ddc403f9e0ba60fce8b5348&prompt=select_account&response_mode=query
Frame ID: 941D4D94CD94AE33083AC1C86E68E582
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://mcnet.upmchp.com/memberportal/ Page URL
  2. https://login.upmchp.com/c9d00c84-a71b-4f86-b504-b56ac68d8618/b2c_1a_localmembersignin/oauth2/v2.0/au... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • adrum

Page Statistics

20
Requests

90 %
HTTPS

25 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

2403 kB
Transfer

8688 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mcnet.upmchp.com/memberportal/ Page URL
  2. https://login.upmchp.com/c9d00c84-a71b-4f86-b504-b56ac68d8618/b2c_1a_localmembersignin/oauth2/v2.0/authorize?client_id=03dcb12a-6e90-4b00-9848-530c91c706ea&redirect_uri=https%3A%2F%2Fmcnet.upmchp.com%2Fmemberportal%2Fconsumer-portal-login-redirect.html&response_type=id_token&scope=openid%20profile&state=d6ec619dfea34af187389d7318f83efe&nonce=5e961ac99ddc403f9e0ba60fce8b5348&prompt=select_account&response_mode=query Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://cloud.typography.com/6466912/608284/css/fonts.css HTTP 302
  • https://www.upmchealthplan.com/css/fonts/653903/42FB793A3EF04DF18.css

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
mcnet.upmchp.com/memberportal/ 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mcnet.upmchp.com/memberportal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.195.136.102 , United States, ASN122 (UPMC-AS122, US),
Reverse DNS
vippdmzngf136102.isd.upmc.edu
Software
/
Resource Hash
5de5a0d59f33bc59bad2973583a37b6b730e9b1732944f7db2c24a436763f868
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
1948
Content-Type
text/html
Date
Fri, 30 Jun 2023 18:26:48 GMT
ETag
"0848aa2f0aad91:0"
Last-Modified
Fri, 30 Jun 2023 01:17:28 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Vary
Accept-Encoding
42FB793A3EF04DF18.css
www.upmchealthplan.com/css/fonts/653903/
Redirect Chain
  • https://cloud.typography.com/6466912/608284/css/fonts.css
  • https://www.upmchealthplan.com/css/fonts/653903/42FB793A3EF04DF18.css
208 KB
157 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.upmchealthplan.com/css/fonts/653903/42FB793A3EF04DF18.css
Requested by
Host: mcnet.upmchp.com
URL: https://mcnet.upmchp.com/memberportal/
Protocol
HTTP/1.1
Server
151.195.136.178 , United States, ASN122 (UPMC-AS122, US),
Reverse DNS
upmchealthplan.com
Software
/
Resource Hash
71997e0d35df54dce1b4bc3eabb1dbb63211a7bc38045fb972f8438d2dde104c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcnet.upmchp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
none
Date
Fri, 30 Jun 2023 18:26:53 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=16070400; includeSubDomains
Last-Modified
Thu, 12 Apr 2018 18:28:04 GMT
ETag
"092bdfe8bd2d31:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
159682

Redirect headers

Date
Fri, 30 Jun 2023 18:26:51 GMT
Last-Modified
Thu, 12 Apr 2018 14:29:34 GMT
Server
AkamaiNetStorage
X-HCo-pid
16
ETag
"07e1b04675fec99e1f3707ff9bb640b1:1592453261"
Content-Type
text/html
Location
https://www.upmchealthplan.com/css/fonts/653903/42FB793A3EF04DF18.css
Cache-Control
must-revalidate, private
Connection
keep-alive
Content-Length
154
Expires
Fri, 30 June 2023 18:26:50 GMT
styles.9650a053d66c340aba60.css
mcnet.upmchp.com/memberportal/ 		202 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mcnet.upmchp.com/memberportal/styles.9650a053d66c340aba60.css
Requested by
Host: mcnet.upmchp.com
URL: https://mcnet.upmchp.com/memberportal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.195.136.102 , United States, ASN122 (UPMC-AS122, US),
Reverse DNS
vippdmzngf136102.isd.upmc.edu
Software
/
Resource Hash
4c28fcf4a322025fa8a6d67dfeead2d18d5fa0ab90da6bc50dee93917d37fe18
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcnet.upmchp.com/memberportal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 18:26:49 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=16070400; includeSubDomains
Last-Modified
Fri, 30 Jun 2023 01:17:32 GMT
ETag
"0deeca4f0aad91:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
56699
webchat.js
cdn.botframework.com/botframework-webchat/4.15.7/ 		4 MB
883 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.botframework.com/botframework-webchat/4.15.7/webchat.js
Requested by
Host: mcnet.upmchp.com
URL: https://mcnet.upmchp.com/memberportal/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE5) /
Resource Hash
93124788450eacece23586a38a2b4db07afa3fce35a086fd7a81b187eca41afe

Request headers

Referer
https://mcnet.upmchp.com/
Origin
https://mcnet.upmchp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 30 Jun 2023 18:26:49 GMT
content-encoding
gzip
content-md5
MOUCWWsi60Qy9dD9I82RXw==
age
7145
x-cache
HIT
content-length
903345
x-ms-lease-status
unlocked
last-modified
Thu, 16 Feb 2023 02:11:33 GMT
server
ECAcc (frc/4CE5)
etag
0x8DB0FC320506811
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9489f053-f01e-002c-696f-ab8315000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Fri, 30 Jun 2023 22:26:49 GMT
js
maps.googleapis.com/maps/api/ 		189 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyD-jc4xrhauUIDYaDJM6OA5numjbiaLFJc
Requested by
Host: mcnet.upmchp.com
URL: https://mcnet.upmchp.com/memberportal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
87036e00ad2ecee4c79aba86e099b0a04de0dfa10d03ffb80628bedc5b557697
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcnet.upmchp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 18:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64069
x-xss-protection
0
adrum-4.5.17.2890.js
cdn.appdynamics.com/adrum/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum/adrum-4.5.17.2890.js
Requested by
Host: mcnet.upmchp.com
URL: https://mcnet.upmchp.com/memberportal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-79.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a7a992929b0af019d45d0b1707be3cfee029fb7c760300f9727ffb1e5fae507

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcnet.upmchp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 14:41:51 GMT
content-encoding
br
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jan 2020 22:53:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
13499
etag
W/"9a5ad93a863d5640b323492ca8f1cd3c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
1wJjW0xXqf2tPIxS0Dao1Ny8XyWIlOu0Y2cyX5sgriTR5h9ZdcF9wA==
runtime.fbd261f1be80d43c063c.js
mcnet.upmchp.com/memberportal/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcnet.upmchp.com/memberportal/runtime.fbd261f1be80d43c063c.js
Requested by
Host: mcnet.upmchp.com
URL: https://mcnet.upmchp.com/memberportal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.195.136.102 , United States, ASN122 (UPMC-AS122, US),
Reverse DNS
vippdmzngf136102.isd.upmc.edu
Software
/
Resource Hash
2f91ef398ecf1488027a1d417a68ef1ec6f78af494512231f5bf3947fa312583
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcnet.upmchp.com/memberportal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 18:26:49 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=16070400; includeSubDomains
Last-Modified
Fri, 30 Jun 2023 01:17:29 GMT
ETag
"801a23a3f0aad91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2161
polyfills.6b168deaf81f90e3d4c2.js
mcnet.upmchp.com/memberportal/ 		188 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcnet.upmchp.com/memberportal/polyfills.6b168deaf81f90e3d4c2.js
Requested by
Host: mcnet.upmchp.com
URL: https://mcnet.upmchp.com/memberportal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.195.136.102 , United States, ASN122 (UPMC-AS122, US),
Reverse DNS
vippdmzngf136102.isd.upmc.edu
Software
/
Resource Hash
1e25cf2d36559434529b9d60d62b7a80799e23a2d58f4a18b5a80d97840e2a02
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcnet.upmchp.com/memberportal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 18:26:49 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=16070400; includeSubDomains
Last-Modified
Fri, 30 Jun 2023 01:17:29 GMT
ETag
"801a23a3f0aad91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
62883
main.7401266ba920678ea2a7.js
mcnet.upmchp.com/memberportal/ 		3 MB
888 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcnet.upmchp.com/memberportal/main.7401266ba920678ea2a7.js
Requested by
Host: mcnet.upmchp.com
URL: https://mcnet.upmchp.com/memberportal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.195.136.102 , United States, ASN122 (UPMC-AS122, US),
Reverse DNS
vippdmzngf136102.isd.upmc.edu
Software
/
Resource Hash
d8aa66f5d0479b3675dfb558254c6eb48ebcf33feeb1d42dc6e2c226f94309c4
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcnet.upmchp.com/memberportal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 18:26:49 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=16070400; includeSubDomains
Last-Modified
Fri, 30 Jun 2023 01:17:28 GMT
ETag
"0848aa2f0aad91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
909212
truncated
/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5998b62e57a124f340702449482ad6bf325c2bcd289d9e04be8dce1cc61e6dd7

Request headers

Referer
Origin
https://mcnet.upmchp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f3481892669c448d2e80c80a2a954d27f63a6d360667b6059e557d6dbe90777

Request headers

Referer
Origin
https://mcnet.upmchp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD-jc4xrhauUIDYaDJM6OA5numjbiaLFJc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcnet.upmchp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 18:26:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://mcnet.upmchp.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
config.json
mcnet.upmchp.com/memberportal/assets/ 		5 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcnet.upmchp.com/memberportal/assets/config.json
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.17.2890.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.195.136.102 , United States, ASN122 (UPMC-AS122, US),
Reverse DNS
vippdmzngf136102.isd.upmc.edu
Software
/
Resource Hash
b48a4e860a1821b14d5dcb695588aa5799048a1713684c81833bb44db626e621
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://mcnet.upmchp.com/memberportal/
adrum
isAjax:true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 18:26:54 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Last-Modified
Fri, 30 Jun 2023 01:17:28 GMT
Accept-Ranges
bytes
ETag
"9a86d7a2f0aad91:0"
Content-Length
4735
Content-Type
application/json
adrum-ext.a5e921eab2dde2c5ab4b79ea636b8271.js
cdn.appdynamics.com/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum-ext.a5e921eab2dde2c5ab4b79ea636b8271.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.17.2890.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-79.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df69c91663e4636edcbbb54e14e7763ca70c5cdb66d448279b4e16dee8bb896a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcnet.upmchp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 19:13:13 GMT
content-encoding
br
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jan 2020 22:53:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
83622
etag
W/"11c375c0956e31cc0ae2579ec18666d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
OiT_bYf2Kwv-CxGlsrz2IrHnZ5qm531AZo9_tA1xxWNmoxu3LBympA==
openid-configuration
login.upmchp.com/c9d00c84-a71b-4f86-b504-b56ac68d8618/B2C_1A_LocalMemberSignIn/v2.0/.well-known/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.upmchp.com/c9d00c84-a71b-4f86-b504-b56ac68d8618/B2C_1A_LocalMemberSignIn/v2.0/.well-known/openid-configuration
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.17.2890.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mcnet.upmchp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 18:26:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
public
OPTIONS,TRACE,GET,HEAD,POST
x-ms-gateway-requestid
69222a79-3ef7-400a-b0a0-3fbed0ce0af3
content-length
1562
x-xss-protection
1; mode=block
x-azure-ref
20230630T182654Z-femnaqvzw162d2mmhe7ewycm8400000004u000000000vdwm
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mcnet.upmchp.com
cache-control
no-store, must-revalidate, no-cache
allow
OPTIONS, TRACE, GET, HEAD, POST
accept-ranges
bytes
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://mcnet.upmchp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Fri, 30 Jun 2023 18:26:54 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		96 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.17.2890.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
49db07c9b3c84bc2e4679723f37d6e9f8a4c33f54f55912dfb60e042da7f604f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://mcnet.upmchp.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
F28AC171-3361-44D1-8B8C-857AC79B3DA1
strict-transport-security
max-age=31536000
date
Fri, 30 Jun 2023 18:26:54 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://mcnet.upmchp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Fri, 30 Jun 2023 18:26:54 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		96 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.17.2890.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
49db07c9b3c84bc2e4679723f37d6e9f8a4c33f54f55912dfb60e042da7f604f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://mcnet.upmchp.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
5EE9965F-CBC9-4075-AD8C-355A03C989C0
strict-transport-security
max-age=31536000
date
Fri, 30 Jun 2023 18:26:54 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
track
dc.services.visualstudio.com/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: mcnet.upmchp.com
URL: https://mcnet.upmchp.com/memberportal/main.7401266ba920678ea2a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mcnet.upmchp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers
Primary Request authorize
login.upmchp.com/c9d00c84-a71b-4f86-b504-b56ac68d8618/b2c_1a_localmembersignin/oauth2/v2.0/ 		209 KB
212 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.upmchp.com/c9d00c84-a71b-4f86-b504-b56ac68d8618/b2c_1a_localmembersignin/oauth2/v2.0/authorize?client_id=03dcb12a-6e90-4b00-9848-530c91c706ea&redirect_uri=https%3A%2F%2Fmcnet.upmchp.com%2Fmemberportal%2Fconsumer-portal-login-redirect.html&response_type=id_token&scope=openid%20profile&state=d6ec619dfea34af187389d7318f83efe&nonce=5e961ac99ddc403f9e0ba60fce8b5348&prompt=select_account&response_mode=query
Requested by
Host: mcnet.upmchp.com
URL: https://mcnet.upmchp.com/memberportal/main.7401266ba920678ea2a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8f5361086bfdbf510f9470eb3737023b6fb7eedfa54fab770a1cfd90d344d145
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mcnet.upmchp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
allow
OPTIONS TRACE GET HEAD POST
cache-control
no-store, must-revalidate, no-cache
content-length
214264
content-type
text/html; charset=utf-8
date
Fri, 30 Jun 2023 18:26:58 GMT
expires
-1
public
OPTIONS,TRACE,GET,HEAD,POST
strict-transport-security
max-age=31536000; includeSubDomains
x-azure-ref
20230630T182655Z-kbwhwq6kv90rp8pg5zbxm7041400000000u000000001x9zy
x-build
1.0.2978.0
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
DENY
x-ms-gateway-requestid
3cac2e07-1336-44c4-863d-fe6a58b7ab7c
x-request-id
7d78f479-d392-41c9-8c7c-8e2f8acdd249
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
MemberSignInUsernameOrEmail
upmchp-iam-web.azurewebsites.net/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
upmchp-iam-web.azurewebsites.net
URL
https://upmchp-iam-web.azurewebsites.net/MemberSignInUsernameOrEmail

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

7 Cookies

Domain/Path Name / Value
mcnet.upmchp.com/memberportal Name: f5avraaaaaaaaaaaaaaaa_session_
Value: POBJPFPOPHOFGKAIKMIIDLIDOPNIJGDNIKBDKNKNPOGMJFPMEKNBFMHCKDAHNJPKPBADLHIKOOABFPCNGFPAJLPIBBJCNFIOKOMEMGBLEIHNNGOPOOJELBHGFHOCAOBI
mcnet.upmchp.com/memberportal Name: upmc.intended-route
Value: /main
mcnet.upmchp.com/memberportal Name: cp-b2c.d6ec619dfea34af187389d7318f83efe
Value: {"id":"d6ec619dfea34af187389d7318f83efe","created":1688149615,"request_type":"si:r","nonce":"5e961ac99ddc403f9e0ba60fce8b5348","redirect_uri":"https://mcnet.upmchp.com/memberportal/consumer-portal-login-redirect.html","authority":"https://login.upmchp.com/c9d00c84-a71b-4f86-b504-b56ac68d8618/B2C_1A_LocalMemberSignIn/v2.0/.well-known/openid-configuration","client_id":"03dcb12a-6e90-4b00-9848-530c91c706ea","response_mode":"query","scope":"openid profile","extraTokenParams":{}}
mcnet.upmchp.com/ Name: TS01234cc1
Value: 01de25bae3e102b8f3238c28c6a580a9b0d6123dfbf849673c78ba79b89b76e30603875fc5696d9d915023377c85d11827b632f33f
mcnet.upmchp.com/ Name: ai_user
Value: FZUNp81rg4fDPRQqVl2QAf|2023-06-30T18:26:54.278Z
mcnet.upmchp.com/ Name: ai_session
Value: YTAmqfB+v3gfiFj/ffMxR/|1688149614804|1688149614804
.upmchp.com/ Name: ADRUM
Value: s=1688149615779&r=https%3A%2F%2Fmcnet.upmchp.com%2Fmemberportal%2F%3F1132

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.appdynamics.com
cdn.botframework.com
cloud.typography.com
dc.services.visualstudio.com
login.upmchp.com
maps.googleapis.com
mcnet.upmchp.com
upmchp-iam-web.azurewebsites.net
www.upmchealthplan.com
upmchp-iam-web.azurewebsites.net
13.69.106.88
143.204.98.79
151.195.136.102
151.195.136.178
152.199.19.160
23.2.218.203
2620:1ec:bdf::45
2a00:1450:4001:809::200a
1e25cf2d36559434529b9d60d62b7a80799e23a2d58f4a18b5a80d97840e2a02
2f91ef398ecf1488027a1d417a68ef1ec6f78af494512231f5bf3947fa312583
3a7a992929b0af019d45d0b1707be3cfee029fb7c760300f9727ffb1e5fae507
49db07c9b3c84bc2e4679723f37d6e9f8a4c33f54f55912dfb60e042da7f604f
4c28fcf4a322025fa8a6d67dfeead2d18d5fa0ab90da6bc50dee93917d37fe18
5998b62e57a124f340702449482ad6bf325c2bcd289d9e04be8dce1cc61e6dd7
5de5a0d59f33bc59bad2973583a37b6b730e9b1732944f7db2c24a436763f868
71997e0d35df54dce1b4bc3eabb1dbb63211a7bc38045fb972f8438d2dde104c
87036e00ad2ecee4c79aba86e099b0a04de0dfa10d03ffb80628bedc5b557697
8f5361086bfdbf510f9470eb3737023b6fb7eedfa54fab770a1cfd90d344d145
93124788450eacece23586a38a2b4db07afa3fce35a086fd7a81b187eca41afe
9f3481892669c448d2e80c80a2a954d27f63a6d360667b6059e557d6dbe90777
b48a4e860a1821b14d5dcb695588aa5799048a1713684c81833bb44db626e621
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d8aa66f5d0479b3675dfb558254c6eb48ebcf33feeb1d42dc6e2c226f94309c4
df69c91663e4636edcbbb54e14e7763ca70c5cdb66d448279b4e16dee8bb896a