Submitted URL: http://myhealthaccount.voya.com/PortalSkinHandler.ashx?file=1&type=401&emp=GILS&adm=VYA
Effective URL: https://myhealthaccount.voya.com/PortalSkinHandler.ashx?file=1&type=401&emp=GILS&adm=VYA
Submission: On July 26 via manual from US — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 1 HTTP transaction. The main IP is 45.223.165.93, located in the United States, and belongs to INCAPSULA, US. The main domain is myhealthaccount.voya.com.
TLS certificate: Issued by Thawte TLS RSA CA G1 on September 2nd 2022. Valid for: a year.
This is the only time myhealthaccount.voya.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 45.223.165.93 19551 (INCAPSULA)
1 1
Apex Domain
Subdomains
Transfer
2 voya.com
myhealthaccount.voya.com
51 KB
1 1
Domain Requested by
2 myhealthaccount.voya.com 1 redirects
1 1

This site contains no links.

Subject: myhealthaccount.voya.com
Issuer: Thawte TLS RSA CA G1
Validity: 2022-09-02 - 2023-09-05
Valid: a year

This page contains 1 frame:

Primary Page: https://myhealthaccount.voya.com/PortalSkinHandler.ashx?file=1&type=401&emp=GILS&adm=VYA
Frame ID: 888A30D08AF4524AF322994980C6735A
Requests: 1 HTTP request in this frame

Page Title

PortalSkinHandler.ashx (529×357)

Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 51 kB
Size: 50 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://myhealthaccount.voya.com/PortalSkinHandler.ashx?file=1&type=401&emp=GILS&adm=VYA HTTP 301
    https://myhealthaccount.voya.com/PortalSkinHandler.ashx?file=1&type=401&emp=GILS&adm=VYA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transaction

Primary Request: PortalSkinHandler.ashx
Path: myhealthaccount.voya.com/
Redirect Chain:
  • http://myhealthaccount.voya.com/PortalSkinHandler.ashx?file=1&type=401&emp=GILS&adm=VYA
  • https://myhealthaccount.voya.com/PortalSkinHandler.ashx?file=1&type=401&emp=GILS&adm=VYA
Size: 50 KB
x-fer: 51 KB
Type: Document
MIME-Type:

General

Full URL: https://myhealthaccount.voya.com/PortalSkinHandler.ashx?file=1&type=401&emp=GILS&adm=VYA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.223.165.93 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS:
Software: /
Resource Hash: b14e99fa38a2b6b9ce10483e92283994b4ad51da1ce675f2127a567259e42104

Security Headers

Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' assets.adobedtm.com https://www.google.com https://www.gstatic.com https://cdn.evgnet.com; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com fonts.googleapis.com; font-src 'self' https://maxcdn.bootstrapcdn.com fonts.gstatic.com; media-src *; object-src 'none'; frame-src 'self' http: fast.whc.demdex.net; connect-src 'self' dpm.demdex.net https://northamerica.directline.botframework.com wss://northamerica.directline.botframework.com blob:; img-src 'self' * data:;;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0
content-length: 50763
content-security-policy: upgrade-insecure-requests; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' assets.adobedtm.com https://www.google.com https://www.gstatic.com https://cdn.evgnet.com; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com fonts.googleapis.com; font-src 'self' https://maxcdn.bootstrapcdn.com fonts.gstatic.com; media-src *; object-src 'none'; frame-src 'self' http: fast.whc.demdex.net; connect-src 'self' dpm.demdex.net https://northamerica.directline.botframework.com wss://northamerica.directline.botframework.com blob:; img-src 'self' * data:;;
content-type: image/jpeg
date: Wed, 26 Jul 2023 18:43:24 GMT
etag: BFBCE218B0FC7AE0BA8FE525C0DC2491
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cdn: Imperva
x-iinfo: 13-14373482-14373508 NNNN CT(103 219 0) RT(1690397004872 72) q(0 0 3 0) r(4 4) U2
x-ua-compatible: IE=edge

Redirect headers

Connection: close
Content-Length: 0
Location: https://myhealthaccount.voya.com/PortalSkinHandler.ashx?file=1&type=401&emp=GILS&adm=VYA

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Domain/Path Name / Value
myhealthaccount.voya.com/ Name: ASP.NET_SessionId
Value: gerq5orh3l54cqnbj5ixocve
myhealthaccount.voya.com/ Name: BIGipServerVER1CP1_PORTAL_CONSUMER_8080_POOL
Value: !x70WO6vhY1GMduwmla/TC/jiSYOhPP6i5fvLPrlDsFvYim+LW+wZQUw+Z65/iof+AMcuv85skaz+two=
myhealthaccount.voya.com/ Name: f5avraaaaaaaaaaaaaaaa_session_
Value: PEADDMCHDOOHKMJODHBPAOOFOBGHAFFFPNMAMHLMJCPDEAIFGDHKIFNDDPDHINFBMAMDFHFDCJNPNLNFACEAOCIDAGKKBNENGCLGEODFONKAFECKDCFMBFLHJBGHNBCL
myhealthaccount.voya.com/ Name: TS01d72909
Value: 011148bceca2babe66713c7517f87cac0b7d577b6a82d877a0800da7e7eb9804213516057232c09e25a134fd2e730681a317efbcfb145f4a391d0aca0604c31216f4523fd8cd58b2e79d14cbbf09d61a9b84cd80c9104bdbf047a5ba5656e6719f983f876e
.voya.com/ Name: visid_incap_2866923
Value: cC2cI5cuTH6+G5BM6zBk7kxpwWQAAAAAQUIPAAAAAAAIEgaOUUQ/Wwe/+KLlS1n0
.voya.com/ Name: incap_ses_1515_2866923
Value: u5fdT50oq363rhGH+1wGFU1pwWQAAAAAS/aVckTfHIwcq7dwpOY6EA==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

myhealthaccount.voya.com
45.223.165.93
b14e99fa38a2b6b9ce10483e92283994b4ad51da1ce675f2127a567259e42104