urlscan.io logo urlscan.io
SecurityTrails logo

member.uhc.com Open in urlscan Pro
45.60.33.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.edelivery.uhc.com/?qs=85e546265fafb0c2a7c8fe9131ab9fd0ef59438ed294e32a1a07fe6181ad2977bfde35eb300cec4152dd41279398...
Effective URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=...
Submission: On April 22 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 3 domains to perform 36 HTTP transactions. The main IP is 45.60.33.26, located in United States and belongs to INCAPSULA, US. The main domain is member.uhc.com. The Cisco Umbrella rank of the primary domain is 51416.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on July 27th 2023. Valid for: a year.
This is the only time member.uhc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.210.35 14340 (SALESFORCE)
25 45.60.33.26 19551 (INCAPSULA)
3 107.154.114.243 19551 (INCAPSULA)
3 2600:1f18:24e... 14618 (AMAZON-AES)
1 2600:1f18:24e... 14618 (AMAZON-AES)
36 5
1    13.111.210.35 (United States)

ASN14340 (SALESFORCE, US)
PTR: click.edelivery.uhc.com
click.edelivery.uhc.com
25    45.60.33.26 (United States)

ASN19551 (INCAPSULA, US)
member.uhc.com
member.werally.com
3    107.154.114.243 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.114.243.ip.incapdns.net
api.member.uhc.com
3    2600:1f18:24e6:b901:cb8d:d525:50ce:eb35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
session-replay.browser-intake-datadoghq.com
1    2600:1f18:24e6:b902:fa9f:ddd0:867c:36e6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rum.browser-intake-datadoghq.com
Apex Domain
Subdomains		 Transfer
24 uhc.com
click.edelivery.uhc.com — Cisco Umbrella Rank: 450198
member.uhc.com — Cisco Umbrella Rank: 51416
api.member.uhc.com — Cisco Umbrella Rank: 63065
1 MB
5 werally.com
member.werally.com — Cisco Umbrella Rank: 54645
70 KB
4 browser-intake-datadoghq.com
session-replay.browser-intake-datadoghq.com — Cisco Umbrella Rank: 8239
rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2496 Failed
1 KB
36 3
Domain Requested by
20 member.uhc.com member.uhc.com
5 member.werally.com member.uhc.com
3 session-replay.browser-intake-datadoghq.com member.uhc.com
3 api.member.uhc.com member.uhc.com
1 rum.browser-intake-datadoghq.com member.uhc.com
1 click.edelivery.uhc.com 1 redirects
36 6

This site contains links to these domains. Also see Links.

Domain
www.myuhc.com
Subject Issuer Validity Valid
member.uhc.com
COMODO RSA Organization Validation Secure Server CA		 2023-07-27 -
2024-07-26		 a year crt.sh
api.member.uhc.com
COMODO RSA Organization Validation Secure Server CA		 2023-07-27 -
2024-07-26		 a year crt.sh
*.browser-intake-datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-17 -
2024-06-18		 a year crt.sh
*.werally.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-28 -
2024-07-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
Frame ID: 472F73EEBB4F23D20AF10EE8844AD9A0
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. https://click.edelivery.uhc.com/?qs=85e546265fafb0c2a7c8fe9131ab9fd0ef59438ed294e32a1a07fe6181ad2977bfde35eb... HTTP 302
    https://member.uhc.com/claims-and-accounts/doc-center?locale=en-US?cid=IImemIemIPT3696_EI_Health%20... Page URL
  2. https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-cent... Page URL

Page Statistics

36
Requests

89 %
HTTPS

40 %
IPv6

3
Domains

6
Subdomains

5
IPs

1
Countries

1346 kB
Transfer

4915 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.edelivery.uhc.com/?qs=85e546265fafb0c2a7c8fe9131ab9fd0ef59438ed294e32a1a07fe6181ad2977bfde35eb300cec4152dd412793987e8fe384dfb72491eb5dc36e42be545133b3 HTTP 302
    https://member.uhc.com/claims-and-accounts/doc-center?locale=en-US?cid=IImemIemIPT3696_EI_Health%20StatementIIII20231201I Page URL
  2. https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://click.edelivery.uhc.com/?qs=85e546265fafb0c2a7c8fe9131ab9fd0ef59438ed294e32a1a07fe6181ad2977bfde35eb300cec4152dd412793987e8fe384dfb72491eb5dc36e42be545133b3 HTTP 302
  • https://member.uhc.com/claims-and-accounts/doc-center?locale=en-US?cid=IImemIemIPT3696_EI_Health%20StatementIIII20231201I

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
doc-center
member.uhc.com/claims-and-accounts/
Redirect Chain
  • https://click.edelivery.uhc.com/?qs=85e546265fafb0c2a7c8fe9131ab9fd0ef59438ed294e32a1a07fe6181ad2977bfde35eb300cec4152dd412793987e8fe384dfb72491eb5dc36e42be545133b3
  • https://member.uhc.com/claims-and-accounts/doc-center?locale=en-US?cid=IImemIemIPT3696_EI_Health%20StatementIIII20231201I
719 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/claims-and-accounts/doc-center?locale=en-US?cid=IImemIemIPT3696_EI_Health%20StatementIIII20231201I
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d1c8ea74473683f5b94a46453f208b4914686a3c019ea1b15d3b9f445eec4d6d
Security Headers
Name Value
Content-Security-Policy frame-ancestors assets.adobedtm.com unitedhealthgroup.tt.omtrdc.net unitedhealthgroup.demdex.net unitedhealthgroup.experiencecloud.adobe.com *.adobelogin.com *.adobemc.com; report-uri /rest/csp-reporter;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Cache-Control
public, max-age=60
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors assets.adobedtm.com unitedhealthgroup.tt.omtrdc.net unitedhealthgroup.demdex.net unitedhealthgroup.experiencecloud.adobe.com *.adobelogin.com *.adobemc.com; report-uri /rest/csp-reporter;
Content-Security-Policy-Report-Only
base-uri 'self'; child-src *.iperceptions.com fast.unitedhealthgroup.demdex.net unitedhealthgroup.demdex.net *.lpsnmedia.net; connect-src 'self' *.iperceptions.com *.optum.com *.uhc.com *.werally.com *.werally.in *.rally-dev.com api.amplitude.com bam.nr-data.net dpm.demdex.net unitedhealthgroup.tt.omtrdc.net ws.sessioncam.com *.qualtrics.com *.sendbird.com *.datadoghq.com *.browser-intake-datadoghq.com *.lpsnmedia.net; default-src 'self'; font-src 'self' *.iperceptions.com *.werally.com; img-src 'self' *.everesttech.net *.iperceptions.com *.myuhc.com *.optum.com *.rally-dev.com *.uhc.com *.werally.com *.werally.in data: dpm.demdex.net s3.amazonaws.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com simpleicon.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com; media-src 'self' blob:; object-src 'none'; report-uri /rest/csp-reporter; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.uhc.com *.werally.com *.werally.in *.rally-dev.com *.iperceptions.com art.azureedge.net assets.adobedtm.com bam.nr-data.net cdn.amplitude.com d2oh4tlt9mrke9.cloudfront.net js-agent.newrelic.com *.optum.com *.liveperson.net *.lpsnmedia.net *.google-analytics.com *.googletagmanager.com; style-src 'self' 'unsafe-inline';
Content-Type
text/html
Date
Mon, 22 Apr 2024 15:46:55 GMT
ETag
"661d9aa4-2cf"
Last-Modified
Mon, 15 Apr 2024 21:22:44 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-CDN
Imperva
X-Frame-Options
DENY
X-Iinfo
8-56786350-56786372 NNYN CT(93 206 0) RT(1713800814178 28) q(0 0 3 12) r(4 4) U12
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
private
Connection
close
Content-Length
238
Content-Type
text/html; charset=utf-8
Date
Mon, 22 Apr 2024 15:46:54 GMT
Location
https://member.uhc.com/claims-and-accounts/doc-center?locale=en-US?cid=IImemIemIPT3696_EI_Health%20StatementIIII20231201I
configuration.b04822ff22e9d664f72e.js
member.uhc.com/claims-and-accounts/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/claims-and-accounts/configuration.b04822ff22e9d664f72e.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/claims-and-accounts/doc-center?locale=en-US?cid=IImemIemIPT3696_EI_Health%20StatementIIII20231201I
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b55f84324f321308a3041b2db418080843c29186faa40eeb618b8d63820d2e45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://member.uhc.com/claims-and-accounts/doc-center?locale=en-US?cid=IImemIemIPT3696_EI_Health%20StatementIIII20231201I
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 15:46:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Sat, 20 Apr 2024 03:13:46 GMT
X-CDN
Imperva
ETag
"662332ea-5302"
Transfer-Encoding
chunked
Content-Type
application/javascript
X-Iinfo
8-56786350-56785232 2NYN RT(1713800814178 461) q(0 0 0 -1) r(5 5) U2
Cache-Control
no-store
Connection
keep-alive
Accept-Ranges
bytes
354.bundle.315a4919f27182ae9518.js
member.uhc.com/claims-and-accounts/ 		2 MB
452 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/claims-and-accounts/354.bundle.315a4919f27182ae9518.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/claims-and-accounts/doc-center?locale=en-US?cid=IImemIemIPT3696_EI_Health%20StatementIIII20231201I
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
007b81320f542753881ef85abd62fe357c5c6adcee6668994475e78dfc5244d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://member.uhc.com/claims-and-accounts/doc-center?locale=en-US?cid=IImemIemIPT3696_EI_Health%20StatementIIII20231201I
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 15:46:54 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Mon, 15 Apr 2024 21:22:44 GMT
X-CDN
Imperva
Etag
"661d9aa4-1a777f"
Content-Type
application/javascript
X-Iinfo
1-41746003-41738928 2CNN RT(1713800814659 23) q(0 0 0 -1) r(0 0)
Content-Length
462188
claims.bundle.58bf8bf6ae5fdc02d47a.js
member.uhc.com/claims-and-accounts/ 		673 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/claims-and-accounts/claims.bundle.58bf8bf6ae5fdc02d47a.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/claims-and-accounts/doc-center?locale=en-US?cid=IImemIemIPT3696_EI_Health%20StatementIIII20231201I
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
57df0e94b7cfa1dd4864a594da2ef1ec3c5f4681f596433263ba4aabe12ddd8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://member.uhc.com/claims-and-accounts/doc-center?locale=en-US?cid=IImemIemIPT3696_EI_Health%20StatementIIII20231201I
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 15:46:54 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Mon, 15 Apr 2024 21:22:44 GMT
X-CDN
Imperva
Etag
"661d9aa4-a8271"
Content-Type
application/javascript
X-Iinfo
6-27110356-27110358 2CNN RT(1713800814674 32) q(0 0 0 -1) r(0 0)
Content-Length
161322
csp-reporter
member.uhc.com/rest/ 		0
355 B 		Other
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/rest/csp-reporter
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/claims-and-accounts/354.bundle.315a4919f27182ae9518.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://member.uhc.com/claims-and-accounts/doc-center?locale=en-US?cid=IImemIemIPT3696_EI_Health%20StatementIIII20231201I
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

X-Iinfo
8-56786350-56786508 NNNN CT(99 353 0) RT(1713800814178 1199) q(0 0 5 -1) r(6 6) U6
Date
Mon, 22 Apr 2024 15:46:56 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
x-incap-sess-cookie-hdr
ltK2Nt0Z7zw5MWfNB2+QBm+GJmYAAAAAs2eCvZez008XUVNgppFAyg==
X-CDN
Imperva
Connection
keep-alive
Content-Length
0
heartbeat
api.member.uhc.com/rest/user/v1/session/ 		163 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.member.uhc.com/rest/user/v1/session/heartbeat
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/claims-and-accounts/354.bundle.315a4919f27182ae9518.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.243 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.243.ip.incapdns.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
RP-Token-Suffix
MU
Accept-Language
de-DE,de;q=0.9;q=0.9
Arcade-Locale
en-US
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json
Referer
https://member.uhc.com/
sec-ch-ua-platform
"Win32"

Response headers

x-rally-correlationid
HTbVTEqSxK87XE-arcade_user
date
Mon, 22 Apr 2024 15:46:57 GMT
content-encoding
gzip
x-cdn
Imperva
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://member.uhc.com
x-iinfo
11-92716535-92716540 NNYN CT(104 201 0) RT(1713800816345 27) q(0 0 3 0) r(4 4) U24
access-control-expose-headers
WWW-Authenticate, Server-Authorization
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-incap-sess-cookie-hdr
1U+jbg2cZWsISs9CMnshCnCGJmYAAAAAuNs1E//4g62TIWQUzjY9rQ==
access-control-allow-headers
x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id,x-requested-with,content-type,Cache-Control,Pragma,Date,Arcade-XSRF-Token,X-Rally-Locale,Arcade-Data-Updated,Arcade-Locale,RP-Token-Suffix,XSRF-Token,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-rally-canary,x-claims-canary
heartbeat
api.member.uhc.com/rest/user/v1/session/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.member.uhc.com/rest/user/v1/session/heartbeat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.243 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.243.ip.incapdns.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
arcade-locale,rp-token-suffix
Access-Control-Request-Method
GET
Origin
https://member.uhc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id,x-requested-with,content-type,Cache-Control,Pragma,Date,Arcade-XSRF-Token,X-Rally-Locale,Arcade-Data-Updated,Arcade-Locale,RP-Token-Suffix,XSRF-Token,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-rally-canary,x-claims-canary
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://member.uhc.com
access-control-expose-headers
WWW-Authenticate, Server-Authorization
allow
OPTIONS, GET
cache-control
no-cache, no-store, must-revalidate
date
Mon, 22 Apr 2024 15:46:56 GMT
x-cdn
Imperva
x-iinfo
10-77536011-77536016 NNNN CT(89 186 0) RT(1713800815903 26) q(0 0 3 0) r(4 4) U24
x-incap-sess-cookie-hdr
x2ITUFkSbRMISs9CMnshCnCGJmYAAAAAUxyk8cHSu746VJZC1ShLDg==
x-rally-correlationid
hyHwsSLw8bAcbA-arcade_user
csp-reporter
member.uhc.com/rest/ 		0
354 B 		Other
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/rest/csp-reporter
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://member.uhc.com/claims-and-accounts/doc-center
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

X-Iinfo
1-41746003-41746068 NNNN CT(92 193 0) RT(1713800814659 740) q(0 1 3 -1) r(4 4) U6
Date
Mon, 22 Apr 2024 15:46:56 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
x-incap-sess-cookie-hdr
qrR+PnyRY0M5MWfNB2+QBm+GJmYAAAAAPiLHdTfsE9CjAeSjqEJeIQ==
X-CDN
Imperva
Connection
keep-alive
Content-Length
0
e0a255d9-0c0a-4a5b-a7a4-8fd81239fc13
https://member.uhc.com/ 		25 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://member.uhc.com/e0a255d9-0c0a-4a5b-a7a4-8fd81239fc13
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0ec8e339133cbc7dfa9d354ead70724ae2e28aa3c8144b8647bc8aa6ff9b2d5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
25573
Content-Type
favicon.ico
member.uhc.com/claims-and-accounts/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/claims-and-accounts/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fab4d0fbdc4584c01160ba318fc3cd75fd8cdff9691239e6ac79fbe4c975ed0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://member.uhc.com/claims-and-accounts/doc-center
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 15:46:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Mon, 15 Apr 2024 21:22:44 GMT
X-CDN
Imperva
Etag
"661d9aa4-10be"
Content-Type
image/x-icon
X-Iinfo
6-27110356-27110358 2CNN RT(1713800814674 727) q(0 0 0 -1) r(0 0)
Content-Length
4286
favicon.ico
member.uhc.com/claims-and-accounts/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/claims-and-accounts/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fab4d0fbdc4584c01160ba318fc3cd75fd8cdff9691239e6ac79fbe4c975ed0d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://member.uhc.com/claims-and-accounts/doc-center
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Iinfo
6-27110356-27110358 2CNN RT(1713800814674 727) q(0 0 0 -1) r(0 0)
Date
Mon, 22 Apr 2024 15:46:55 GMT
Last-Modified
Mon, 15 Apr 2024 21:22:44 GMT
X-CDN
Imperva
Etag
"661d9aa4-10be"
Content-Length
4286
Content-Type
image/x-icon
replay
session-replay.browser-intake-datadoghq.com/api/v2/ 		53 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.43.0%2Capi%3Axhr%2Cenv%3AProduction%2Cservice%3Ap4c-claims-ui%2Cversion%3A1.195.0&dd-api-key=pub3c32c8eb2090c4389b32fed25c374f7b&dd-evp-origin-version=4.43.0&dd-evp-origin=browser&dd-request-id=7dba5ecf-190a-4e21-9505-b6f3edb6e8d8
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/claims-and-accounts/354.bundle.315a4919f27182ae9518.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:cb8d:d525:50ce:eb35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
5a19cb943b25fe47763855f162a052c3c00d4ded67927dc82e7e8274c284f8f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryAnOQBrjWTKAdHWGG

Response headers

date
Mon, 22 Apr 2024 15:46:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
dd-request-id
7dba5ecf-190a-4e21-9505-b6f3edb6e8d8
Primary Request login
member.uhc.com/ 		1 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/claims-and-accounts/claims.bundle.58bf8bf6ae5fdc02d47a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
3e860cb701302066cf8c09b9f48cd68552516061a3b39be6a8e3a381e9118dc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://member.uhc.com/claims-and-accounts/doc-center
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
public, max-age=60
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy-Report-Only
base-uri 'self' *.iperceptions.com unitedhealthgroup.demdex.net; child-src *.demdex.net *.iperceptions.com *.qualtrics.com blob:; connect-src 'self' bam.nr-data.net bat.bing.com *.nr-data.net t.co dpm.demdex.net *.demdex.net *.facebook.com *.google-analytics.com google-analytics.com *.iperceptions.com *.msg.liveperson.net *.liveperson.net *.lpsnmedia.net *.mymedicareaccount.com *.myoptum.com myoptum.com myoptum.akamaized.net myoptum-stage.akamaized.net *.optum.com *.qualtrics.com *.sendbird.com *.sundaysky.com *.uhc.com *.tt.omtrdc.net *.werally.com *.werally.in ws.sessioncam.com wss://*.msg.liveperson.net wss://*.sendbird.com *.datadoghq.com *.browser-intake-datadoghq.com *.logs.datadoghq.com *.myuhc.com api2.branch.io maelstrom-dmz.uhg.com maelstrom-dmz-nonprod.uhcprovider.com *.onelink-edge.com; default-src 'self'; font-src 'self' *.googleapis.com *.gstatic.com *.iperceptions.com *.werally.com maelstrom-dmz-nonprod.uhc.com myoptum.akamaized.net data: myoptum-stage.akamaized.net *.avast.com; frame-ancestors 'self' *.int.mymedicareaccount.uhc.com *.int.uhc.com https://assets.adobedtm.com https://unitedhealthgroup.tt.omtrdc.net https://unitedhealthgroup.demdex.net https://unitedhealthgroup.experiencecloud.adobe.com https://ims-na1.adobelogin.com https://us1-proxy.adobemc.com; frame-src *.aarpmedicareplans.com *.doubleclick.net *.healthsafe-id.com *.iperceptions.com *.lpsnmedia.net *.liveperson.net *.optum.com *.rally-dev.com *.stage-aarpmedicareplans.uhc.com *.sundaysky.com *.werally.com *.werally.in *.qualtrics.com google-analytics.com unitedhealthgroup.demdex.net *.facebook.net vkanalytics.net; img-src 'self' bam.nr-data.net *.bing.com data: *.everesttech.net dpm.demdex.net *.facebook.com *.facebook.net www.facebook.com *.gstatic.com *.google-analytics.com google-analytics.com google.com *.iperceptions.com *.qualtrics.com *.lpsnmedia.net *.myuhc.com *.optum.com *.rallyhealth.com s3.amazonaws.com *.s3.amazonaws.com *.ssa.gov *.sundaysky.com t.co *.uhc.com *.werally.com *.werally.in *.prod.werally.in *.twitter.com cloudfront.federateddataservices.com *.googletagmanager.com cdn.honey.io z1.objecstorage.liveperson.net translate.google.com myuhc.com *.liveperson.net; media-src 'self' blob: *.lpsnmedia.net; object-src 'none'; report-uri /rest/csp-reporter https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub219abce98fcfbc35871b2deedbebd54f&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=application_id%3Ab7642e6b-65fc-4102-b77b-4de9336d8820%2Cenv%3Aprod%2Cservice%3Aarcade-ui; script-src 'self' http: https: 'unsafe-inline' 'unsafe-eval' 'nonce-R822qhFR2TI3RkLQ3fZfVQkRN8X2Zw8h' 'strict-dynamic' *.google-analytics.com *.iperceptions.com *.int.mymedicareaccount.uhc.com *.mymedicareaccount.com *.mymedicareaccount.uhc.com *.myuhc.com *.rally-dev.com *.twitter.com *.werally.in art.azureedge.net assets.adobedtm.com bam.nr-data.net cdn.amplitude.com connect.facebook.net d2oh4tlt9mrke9.cloudfront.net js-agent.newrelic.com *.kaspersky-labs.com *.member.uhc.com *.myoptum.akamaized.net *.myoptum-stage.akamaized.net *.optum.com *.sundaysky.com *.uhc.com *.liveperson.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.omtrdc.net *.ssa.gov *.lpsnmedia.net *.liveperson.net; worker-src blob:;
Content-Type
text/html
Date
Mon, 22 Apr 2024 15:46:57 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-CDN
Imperva
X-Frame-Options
DENY
X-Iinfo
8-56786350-56786601 NNYN CT(96 195 0) RT(1713800814178 2201) q(0 0 3 -1) r(4 4) U12
X-XSS-Protection
1; mode=block
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0
replay
session-replay.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.43.0%2Capi%3Abeacon%2Cenv%3AProduction%2Cservice%3Ap4c-claims-ui%2Cversion%3A1.195.0&dd-api-key=pub3c32c8eb2090c4389b32fed25c374f7b&dd-evp-origin-version=4.43.0&dd-evp-origin=browser&dd-request-id=d1c5e35d-e6fa-4425-b59a-3a3ed16773df
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/claims-and-accounts/354.bundle.315a4919f27182ae9518.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:cb8d:d525:50ce:eb35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarypHf3sZBAcLpzj5wa

Response headers
configuration.js
member.uhc.com/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/configuration.js?v=c2d5902a93310eb1
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b3e62fb9af0fd958eaf5138363ab882b38c518e58bbdc393f45a440d9bda0a71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 15:46:57 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Sat, 20 Apr 2024 03:33:41 GMT
X-CDN
Imperva
Etag
"66233795-6573"
Content-Type
application/javascript
X-Iinfo
8-56786350-56785511 2VNN RT(1713800814178 2621) q(0 1 1 -1) r(4 4)
Cache-Control
max-age=3600, public
Content-Length
7498
Expires
Mon, 22 Apr 2024 16:46:57 GMT
check-for-ie.js
member.uhc.com/ 		207 B
536 B 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/check-for-ie.js?v=576b00ab74305588
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
67b6131141388d481febe3f6892356687aa9c35b6f01aedf1c333f05f6db944b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 15:46:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 16 Apr 2024 07:24:48 GMT
X-CDN
Imperva
Etag
"661e27c0-cf"
Content-Type
application/javascript
X-Iinfo
1-41746003-0 0CNN RT(1713800814659 2141) q(0 -1 -1 -1) r(1 -1)
Content-Length
177
~4348.bundle.4c4c8ce3537f3c86352d.js
member.uhc.com/ 		2 MB
500 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/~4348.bundle.4c4c8ce3537f3c86352d.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d4119f48d7e974419b84d52943086e66a8806c8a1c9022dd9644891f6547d8c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 15:46:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 16 Apr 2024 07:24:29 GMT
X-CDN
Imperva
Etag
"661e27ad-1dcd31"
Content-Type
application/javascript
X-Iinfo
1-41746003-0 0CNN RT(1713800814659 2166) q(0 -1 -1 -1) r(0 -1)
Content-Length
511989
~arcade.bundle.2e7309f71369c5357941.js
member.uhc.com/ 		430 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/~arcade.bundle.2e7309f71369c5357941.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
116766191b5bae40f187cb3afa4387c02df9d4629b3642432efafd7c1df2b6d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 15:46:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 16 Apr 2024 07:24:30 GMT
X-CDN
Imperva
Etag
"661e27ae-6b8da"
Content-Type
application/javascript
X-Iinfo
1-41746003-0 0CNN RT(1713800814659 2239) q(0 -1 -1 -1) r(1 -1)
Content-Length
121487
UHC2020Sans-Medium.woff2
member.werally.com/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://member.werally.com/assets/fonts/UHC2020Sans-Medium.woff2?
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c50c7bd4abab5152b29ed4ba8ad7e884ae3f78e21e5e18c61e24b73dfc213d41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://member.uhc.com/
Origin
https://member.uhc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 15:46:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-iinfo
10-66723069-66723075 NNNN CT(90 206 0) RT(1713800817426 27) q(0 0 3 0) r(4 5) U12
content-length
23212
last-modified
Fri, 28 Jan 2022 00:25:18 GMT
etag
"61f337ee-5aac"
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cors_value
trueget
access-control-expose-headers
Content-Length,Content-Range
request_method
GET
x-incap-sess-cookie-hdr
hFMFcBiHTAfNNmfNB2+QBnGGJmYAAAAAhsWCQP6h/exRNzZcg8eHiA==
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
chatter-box.esm.js
member.uhc.com/chat/chatter-box/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/chat/chatter-box/chatter-box.esm.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~arcade.bundle.2e7309f71369c5357941.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
427a00cdea870dcc3049819cb6be63b61556c6754f96cee3d8685021e0c5e5d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
Origin
https://member.uhc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 15:46:57 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 04 Apr 2024 22:04:20 GMT
X-CDN
Imperva
Etag
"660f23e4-c97"
Content-Type
application/javascript
X-Iinfo
8-56786350-0 0CNN RT(1713800814178 3218) q(0 -1 -1 -1) r(0 -1)
x-incap-sess-cookie-hdr
xyzWfCsVghM5MWfNB2+QBnGGJmYAAAAAv+NVaO/gse548ZU0NkQlcA==
Content-Length
1246
e2b78375-7349-404e-a7e6-b5395e35e765
https://member.uhc.com/ 		25 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://member.uhc.com/e2b78375-7349-404e-a7e6-b5395e35e765
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fedabd88cb8d2ef614b6b81551876c3022eac4cb014eed2adc051c9e2e3eae5b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
25573
Content-Type
1119.2e65686e791ccc0d11dd.js
member.uhc.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/1119.2e65686e791ccc0d11dd.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~arcade.bundle.2e7309f71369c5357941.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ece43191ada57af06bd0b4295f87414d3a398260bb76c1b77712156972bcb789
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 15:46:57 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 16 Apr 2024 07:24:30 GMT
X-CDN
Imperva
Etag
"661e27ae-2268"
Content-Type
application/javascript
X-Iinfo
8-56786350-0 0CNN RT(1713800814178 3248) q(0 -1 -1 -1) r(0 -1)
Content-Length
3056
UHC2020Sans-SemiBold.woff2
member.werally.com/assets/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://member.werally.com/assets/fonts/UHC2020Sans-SemiBold.woff2?
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8f69bc787272dc8ff531e6041ee0bc8f3a6037ce08ac92e0800e4381864ca658
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://member.uhc.com/
Origin
https://member.uhc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 15:46:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-iinfo
10-66723069-66723078 NNNN CT(96 197 0) RT(1713800817426 35) q(0 0 3 1) r(4 5) U12
content-length
22816
last-modified
Fri, 28 Jan 2022 00:25:18 GMT
etag
"61f337ee-5920"
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cors_value
trueget
access-control-expose-headers
Content-Length,Content-Range
request_method
GET
x-incap-sess-cookie-hdr
BVHxWbAxdmLNNmfNB2+QBnGGJmYAAAAALb0y0kHq0WrU42TtyG74Mg==
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
UHC2020Sans-Bold.woff2
member.werally.com/assets/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://member.werally.com/assets/fonts/UHC2020Sans-Bold.woff2?
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f161e22cde63c497d665c80a60a654d29caa423b4f4f59848b55309beb8bc361
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://member.uhc.com/
Origin
https://member.uhc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 15:46:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-iinfo
10-66723069-66723080 NNNN CT(94 197 0) RT(1713800817426 37) q(0 0 3 0) r(4 5) U12
content-length
22420
last-modified
Fri, 28 Jan 2022 00:25:18 GMT
etag
"61f337ee-5794"
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cors_value
trueget
access-control-expose-headers
Content-Length,Content-Range
request_method
GET
x-incap-sess-cookie-hdr
Z2aVIIwUHGvNNmfNB2+QBnGGJmYAAAAA/yq7c6gqB3G3yQGD0SZCgw==
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
system-help-circle.svg
member.werally.com/assets/icons/ 		518 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://member.werally.com/assets/icons/system-help-circle.svg
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~4348.bundle.4c4c8ce3537f3c86352d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5389f2e365cb16126b510ace2903284ffa023548b4ac7d7f69f0491016e8065c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 15:46:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 28 Jan 2022 00:25:20 GMT
x-cdn
Imperva
etag
"61f337f0-206"
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-iinfo
10-66723069-66715062 2CNN RT(1713800817426 28) q(0 0 0 3) r(0 0)
access-control-expose-headers
Content-Length,Content-Range
x-incap-sess-cookie-hdr
owlNFWNQQ07NNmfNB2+QBnGGJmYAAAAAnCJ0gS6L6HU6rk8VFQYX+A==
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
338
system-arrow-down.svg
member.werally.com/assets/icons/ 		151 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://member.werally.com/assets/icons/system-arrow-down.svg
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~4348.bundle.4c4c8ce3537f3c86352d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
594bfe6f8e2ec741004affc9436a83e3d3ddd889ed86afb65c4ff9cae9d06352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 15:46:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 28 Jan 2022 00:25:20 GMT
x-cdn
Imperva
etag
"61f337f0-97"
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-iinfo
10-66723069-0 0CNN RT(1713800817426 31) q(0 -1 -1 2) r(0 -1)
access-control-expose-headers
Content-Length,Content-Range
x-incap-sess-cookie-hdr
BWTsQo/BMRrNNmfNB2+QBnGGJmYAAAAAJNJWCPIdoGhbCAHidDG36w==
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
148
uhc.svg
member.uhc.com/images/branding/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://member.uhc.com/images/branding/uhc.svg
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5d8b74dcd5b720df1c794df7f65581b0acf0eeb339d0a146f873bd6d4817b419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 15:46:57 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 16 Apr 2024 07:25:49 GMT
X-CDN
Imperva
Etag
"661e27fd-14ad"
Content-Type
image/svg+xml
X-Iinfo
8-56786350-0 0CNN RT(1713800814178 3274) q(0 -1 -1 -1) r(0 -1)
Content-Length
1734
shared-header-footer.json
member.uhc.com/ 		514 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/shared-header-footer.json
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~4348.bundle.4c4c8ce3537f3c86352d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
30259c4e57db0b98cd057053f668ce5eb8f4cbd2d843fa6b22166f034b6370c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
x-datadog-origin
rum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
x-datadog-sampling-priority
1
Accept
application/json
Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
x-datadog-parent-id
429851198302876587
x-datadog-trace-id
2198417145478696900
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 15:46:58 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Sat, 20 Apr 2024 03:33:42 GMT
X-CDN
Imperva
ETag
"66233796-202"
X-Frame-Options
DENY
Transfer-Encoding
chunked
Content-Type
text/javascript
Access-Control-Allow-Origin
*
X-Iinfo
1-41746003-41746311 NNYY CT(100 204 0) RT(1713800814659 2797) q(0 0 0 -1) r(1 1) U2
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
shared-header-footer.json
member.uhc.com/ 		514 B
739 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/shared-header-footer.json
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~4348.bundle.4c4c8ce3537f3c86352d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
30259c4e57db0b98cd057053f668ce5eb8f4cbd2d843fa6b22166f034b6370c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
x-datadog-origin
rum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
x-datadog-sampling-priority
1
Accept
application/json
Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
x-datadog-parent-id
6168410343427347460
x-datadog-trace-id
1976788773783253235
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 15:46:58 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 19 Apr 2024 04:05:51 GMT
X-CDN
Imperva
ETag
"6621ed9f-202"
X-Frame-Options
DENY
Transfer-Encoding
chunked
Content-Type
text/javascript
Access-Control-Allow-Origin
*
X-Iinfo
6-27110356-27110639 NNYY CT(99 203 0) RT(1713800814674 2907) q(0 0 0 -1) r(1 1) U2
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
p-eadc960b.js
member.uhc.com/chat/chatter-box/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/chat/chatter-box/p-eadc960b.js
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/claims-and-accounts/doc-center?locale=en-US?cid=IImemIemIPT3696_EI_Health%20StatementIIII20231201I
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5654fbeaeea6aa803e0ac6fc54f34119205a6c2cb9a20d447fb62751bb4f9f88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://member.uhc.com/chat/chatter-box/chatter-box.esm.js
Origin
https://member.uhc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 15:46:57 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 04 Apr 2024 22:04:20 GMT
X-CDN
Imperva
Etag
"660f23e4-3b21"
Content-Type
application/javascript
X-Iinfo
6-27110356-0 0CNN RT(1713800814674 2794) q(0 -1 -1 -1) r(0 -1)
x-incap-sess-cookie-hdr
MEigSv1hvxk5MWfNB2+QBnGGJmYAAAAANyg4+IvLt8PYd/TfPUmHaw==
Content-Length
6248
logout
api.member.uhc.com/rest/user/v1/session/ 		0
0
logout
api.member.uhc.com/rest/user/v1/session/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.member.uhc.com/rest/user/v1/session/logout
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.243 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.243.ip.incapdns.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
arcade-locale,rp-token-suffix,x-datadog-origin,x-datadog-parent-id,x-datadog-sampling-priority,x-datadog-trace-id,xsrf-token
Access-Control-Request-Method
GET
Origin
https://member.uhc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id,x-requested-with,content-type,Cache-Control,Pragma,Date,Arcade-XSRF-Token,X-Rally-Locale,Arcade-Data-Updated,Arcade-Locale,RP-Token-Suffix,XSRF-Token,x-datadog-trace-id,x-datadog-parent-id,x-datadog-origin,x-datadog-sampling-priority,x-datadog-sampled,x-rally-canary,x-claims-canary
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://member.uhc.com
access-control-expose-headers
WWW-Authenticate, Server-Authorization
allow
OPTIONS, GET
cache-control
no-cache, no-store, must-revalidate
date
Mon, 22 Apr 2024 15:46:58 GMT
x-cdn
Imperva
x-iinfo
10-77536011-77536281 NNNN CT(100 273 0) RT(1713800815903 2055) q(0 0 4 2) r(5 5) U24
x-incap-sess-cookie-hdr
hH9dI8owFFkISs9CMnshCnKGJmYAAAAAsLXxV06MazR9iq/sqsSpsQ==
x-rally-correlationid
25Hy3mUibnZQzd-arcade_user
replay
session-replay.browser-intake-datadoghq.com/api/v2/ 		53 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.43.0%2Capi%3Axhr%2Cenv%3Anavigation-prod-2%2Cservice%3Aarcade-ui%2Cversion%3A2024.04.16-694ef30ce&dd-api-key=pub219abce98fcfbc35871b2deedbebd54f&dd-evp-origin-version=4.43.0&dd-evp-origin=browser&dd-request-id=806588b4-b369-438d-9128-1a9e82fda5f8
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~4348.bundle.4c4c8ce3537f3c86352d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:cb8d:d525:50ce:eb35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
5ff858935ad2eb51575f58937719c6a51b03ca67f916751ea3347468b5a02124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary8dwq9SICxrxuDww0

Response headers

date
Mon, 22 Apr 2024 15:46:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
dd-request-id
806588b4-b369-438d-9128-1a9e82fda5f8
favicon.ico
member.uhc.com/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://member.uhc.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.26 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fab4d0fbdc4584c01160ba318fc3cd75fd8cdff9691239e6ac79fbe4c975ed0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://member.uhc.com/login?redirect=https%3A%2F%2Fmember.uhc.com%2Fclaims-and-accounts%2Fdoc-center&lob=E%26I&locale=en-US
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 15:46:58 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 16 Apr 2024 07:24:48 GMT
X-CDN
Imperva
Etag
"661e27c0-10be"
Content-Type
image/x-icon
X-Iinfo
6-27110356-27110297 2CNN RT(1713800814674 3328) q(0 0 0 -1) r(0 0)
Content-Length
4286
rum
rum.browser-intake-datadoghq.com/api/v2/ 		53 B
344 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.43.0%2Capi%3Afetch%2Cenv%3Anavigation-prod-2%2Cservice%3Aarcade-ui%2Cversion%3A2024.04.16-694ef30ce&dd-api-key=pub219abce98fcfbc35871b2deedbebd54f&dd-evp-origin-version=4.43.0&dd-evp-origin=browser&dd-request-id=6d6c95ee-ad81-45cf-a1b7-053c646fd87b&batch_time=1713800818771
Requested by
Host: member.uhc.com
URL: https://member.uhc.com/~4348.bundle.4c4c8ce3537f3c86352d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:fa9f:ddd0:867c:36e6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
94938e2ce3a10bbcd066713a49e41b50d9ecea873a20231b660c79e202e53dd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://member.uhc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 22 Apr 2024 15:46:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
dd-request-id
6d6c95ee-ad81-45cf-a1b7-053c646fd87b

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rum.browser-intake-datadoghq.com
URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.43.0%2Capi%3Abeacon%2Cenv%3AProduction%2Cservice%3Ap4c-claims-ui%2Cversion%3A1.195.0&dd-api-key=pub3c32c8eb2090c4389b32fed25c374f7b&dd-evp-origin-version=4.43.0&dd-evp-origin=browser&dd-request-id=affafcc8-205b-4433-9d6a-5272149b327f&batch_time=1713800817112
Domain
api.member.uhc.com
URL
https://api.member.uhc.com/rest/user/v1/session/logout

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FEATURE_FLAGS object| CONFIG function| checkForIE object| webpackChunk_rally_arcade_ui function| clearImmediate function| setImmediate object| regeneratorRuntime object| WebComponents function| __CE_installPolyfill object| ShadyCSS object| DD_RUM string| RP_TOKEN_SUFFIX

5 Cookies

Domain/Path Name / Value
.uhc.com/ Name: visid_incap_2076937
Value: Vm2BG6jERsKortiQuiYEDW6GJmYAAAAAQUIPAAAAAACf5M22/OfWuY6LFG+jXyVt
.uhc.com/ Name: incap_ses_473_2076937
Value: wvfiACRGijk5MWfNB2+QBm6GJmYAAAAAyrn1JFk/nlC7X+hxcztLog==
.member.uhc.com/ Name: visid_incap_1142757
Value: gl6mrWugRROT2RyhFYJ1dW+GJmYAAAAAQUIPAAAAAABdTB8W3HTwvre30lj5HrC4
.member.uhc.com/ Name: incap_ses_730_1142757
Value: EKFxJPL7VHsISs9CMnshCnCGJmYAAAAAFj1Np1+pmHUh+2AldVZF2A==
member.uhc.com/ Name: _dd_s
Value: rum=1&id=0efcba58-1ea4-4daa-b4ef-ada8ef0d6b3a&created=1713800816113&expire=1713801718130

3 Console Messages

Source Level URL
Text
security error URL: https://member.uhc.com/claims-and-accounts/354.bundle.315a4919f27182ae9518.js(Line 1)
Message:
[Report Only] Refused to create a worker from 'blob:https://member.uhc.com/e0a255d9-0c0a-4a5b-a7a4-8fd81239fc13' because it violates the following Content Security Policy directive: "child-src *.iperceptions.com fast.unitedhealthgroup.demdex.net unitedhealthgroup.demdex.net *.lpsnmedia.net". Note that 'worker-src' was not explicitly set, so 'child-src' is used as a fallback.
security error URL: https://member.uhc.com/claims-and-accounts/doc-center
Message:
[Report Only] Refused to create a worker from 'blob:https://member.uhc.com/e0a255d9-0c0a-4a5b-a7a4-8fd81239fc13' because it violates the following Content Security Policy directive: "child-src *.iperceptions.com fast.unitedhealthgroup.demdex.net unitedhealthgroup.demdex.net *.lpsnmedia.net". Note that 'worker-src' was not explicitly set, so 'child-src' is used as a fallback.
network error URL: https://api.member.uhc.com/rest/user/v1/session/heartbeat
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors assets.adobedtm.com unitedhealthgroup.tt.omtrdc.net unitedhealthgroup.demdex.net unitedhealthgroup.experiencecloud.adobe.com *.adobelogin.com *.adobemc.com; report-uri /rest/csp-reporter;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.member.uhc.com
click.edelivery.uhc.com
member.uhc.com
member.werally.com
rum.browser-intake-datadoghq.com
session-replay.browser-intake-datadoghq.com
api.member.uhc.com
rum.browser-intake-datadoghq.com
107.154.114.243
13.111.210.35
2600:1f18:24e6:b901:cb8d:d525:50ce:eb35
2600:1f18:24e6:b902:fa9f:ddd0:867c:36e6
45.60.33.26
007b81320f542753881ef85abd62fe357c5c6adcee6668994475e78dfc5244d5
116766191b5bae40f187cb3afa4387c02df9d4629b3642432efafd7c1df2b6d5
30259c4e57db0b98cd057053f668ce5eb8f4cbd2d843fa6b22166f034b6370c9
3e860cb701302066cf8c09b9f48cd68552516061a3b39be6a8e3a381e9118dc2
427a00cdea870dcc3049819cb6be63b61556c6754f96cee3d8685021e0c5e5d0
5389f2e365cb16126b510ace2903284ffa023548b4ac7d7f69f0491016e8065c
5654fbeaeea6aa803e0ac6fc54f34119205a6c2cb9a20d447fb62751bb4f9f88
57df0e94b7cfa1dd4864a594da2ef1ec3c5f4681f596433263ba4aabe12ddd8e
594bfe6f8e2ec741004affc9436a83e3d3ddd889ed86afb65c4ff9cae9d06352
5a19cb943b25fe47763855f162a052c3c00d4ded67927dc82e7e8274c284f8f3
5d8b74dcd5b720df1c794df7f65581b0acf0eeb339d0a146f873bd6d4817b419
5ff858935ad2eb51575f58937719c6a51b03ca67f916751ea3347468b5a02124
67b6131141388d481febe3f6892356687aa9c35b6f01aedf1c333f05f6db944b
8f69bc787272dc8ff531e6041ee0bc8f3a6037ce08ac92e0800e4381864ca658
94938e2ce3a10bbcd066713a49e41b50d9ecea873a20231b660c79e202e53dd6
b0ec8e339133cbc7dfa9d354ead70724ae2e28aa3c8144b8647bc8aa6ff9b2d5
b3e62fb9af0fd958eaf5138363ab882b38c518e58bbdc393f45a440d9bda0a71
b55f84324f321308a3041b2db418080843c29186faa40eeb618b8d63820d2e45
c50c7bd4abab5152b29ed4ba8ad7e884ae3f78e21e5e18c61e24b73dfc213d41
d1c8ea74473683f5b94a46453f208b4914686a3c019ea1b15d3b9f445eec4d6d
d4119f48d7e974419b84d52943086e66a8806c8a1c9022dd9644891f6547d8c3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ece43191ada57af06bd0b4295f87414d3a398260bb76c1b77712156972bcb789
f161e22cde63c497d665c80a60a654d29caa423b4f4f59848b55309beb8bc361
fab4d0fbdc4584c01160ba318fc3cd75fd8cdff9691239e6ac79fbe4c975ed0d
fedabd88cb8d2ef614b6b81551876c3022eac4cb014eed2adc051c9e2e3eae5b