urlscan.io logo urlscan.io
SecurityTrails logo

secure.wealthcare.com Open in urlscan Pro
158.101.6.227  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://secure.wealthcare.com/
Effective URL: https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
Submission: On July 28 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 158.101.6.227, located in Phoenix, United States and belongs to ORACLE-BMC-31898, US. The main domain is secure.wealthcare.com. The Cisco Umbrella rank of the primary domain is 365368.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 14th 2023. Valid for: a year.
This is the only time secure.wealthcare.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 10 158.101.6.227 31898 (ORACLE-BM...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 13.224.58.157 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
17 5
10    158.101.6.227 (Phoenix, United States)

ASN31898 (ORACLE-BMC-31898, US)
PTR: webmail.luxsci.com
secure.wealthcare.com
luxsci.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
ka-p.fontawesome.com
3    13.224.58.157 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-58-157.cdg50.r.cloudfront.net
d4hm2u4pioc0c.cloudfront.net
2    2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-p.fontawesome.com
Apex Domain
Subdomains		 Transfer
9 wealthcare.com
secure.wealthcare.com — Cisco Umbrella Rank: 365368
521 KB
5 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 2025
ka-p.fontawesome.com — Cisco Umbrella Rank: 3621
265 KB
3 cloudfront.net
d4hm2u4pioc0c.cloudfront.net
285 KB
1 luxsci.com
luxsci.com — Cisco Umbrella Rank: 211144
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 79
1 KB
17 5
Domain Requested by
9 secure.wealthcare.com 2 redirects secure.wealthcare.com
4 ka-p.fontawesome.com kit.fontawesome.com
ka-p.fontawesome.com
3 d4hm2u4pioc0c.cloudfront.net secure.wealthcare.com
1 luxsci.com secure.wealthcare.com
1 kit.fontawesome.com secure.wealthcare.com
1 fonts.googleapis.com secure.wealthcare.com
17 6

This site contains no links.

Subject Issuer Validity Valid
secure.wealthcare.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-14 -
2024-05-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-22 -
2023-12-23		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.luxsci.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-13 -
2024-07-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
Frame ID: 6EFD7050D7D7B7227DBA47246C0200C1
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Wealthcare Secure Email WebMail

Page URL History Show full URLs

  1. http://secure.wealthcare.com/ HTTP 301
    https://secure.wealthcare.com/ Page URL
  2. https://secure.wealthcare.com/perl/lux/index.pl HTTP 302
    https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

17
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

1073 kB
Transfer

3171 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://secure.wealthcare.com/ HTTP 301
    https://secure.wealthcare.com/ Page URL
  2. https://secure.wealthcare.com/perl/lux/index.pl HTTP 302
    https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://secure.wealthcare.com/ HTTP 301
  • https://secure.wealthcare.com/

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
secure.wealthcare.com/
Redirect Chain
  • http://secure.wealthcare.com/
  • https://secure.wealthcare.com/
98 B
365 B 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.wealthcare.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.101.6.227 Phoenix, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
webmail.luxsci.com
Software
Apache /
Resource Hash
4439acedd84640c797a412796bad1498e957d008f97660eb4db9925464dcebc4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
98
Content-Type
text/html
Date
Fri, 28 Jul 2023 18:16:57 GMT
ETag
"62-6016c9ab4fbb5"
Keep-Alive
timeout=5, max=100
Last-Modified
Wed, 26 Jul 2023 23:57:03 GMT
Server
Apache

Redirect headers

Connection
Keep-Alive
Content-Length
238
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 28 Jul 2023 18:16:56 GMT
Keep-Alive
timeout=5, max=100
Location
https://secure.wealthcare.com/
Server
Apache
Primary Request login.pl
secure.wealthcare.com/perl/member/
Redirect Chain
  • https://secure.wealthcare.com/perl/lux/index.pl
  • https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.101.6.227 Phoenix, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
webmail.luxsci.com
Software
Apache /
Resource Hash
c3d3f9e52c45a294722a6bfac87c565c5c363f3d1d088e589cd8866b3be54af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://secure.wealthcare.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Control
no-store, no-cache, must-revalidate, private
Content-Type
text/html; charset=utf-8
Date
Fri, 28 Jul 2023 18:16:57 GMT
Expires
-1
Keep-Alive
timeout=5, max=98
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=edge
X-XSS-Protection
1

Redirect headers

Connection
Keep-Alive
Content-Length
370
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 28 Jul 2023 18:16:57 GMT
Keep-Alive
timeout=5, max=99
Location
https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
Server
Apache
css2
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&family=Montserrat:wght@400;600;700&display=swap
Requested by
Host: secure.wealthcare.com
URL: https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
acb219d29071d6e531c616228bf10d356ec47a7fd5a43805ee94b3b11b9b2a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wealthcare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 28 Jul 2023 18:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 28 Jul 2023 18:16:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 Jul 2023 18:16:57 GMT
04f84a257a.css
kit.fontawesome.com/ 		195 B
517 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/04f84a257a.css
Requested by
Host: secure.wealthcare.com
URL: https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1875eab5139c9cf0869a3f657ab740c63423287f15c3f2e56ecad1957ba032e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://secure.wealthcare.com/
Origin
https://secure.wealthcare.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 18:16:57 GMT
strict-transport-security
max-age=31536000; preload
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=300, public, stale-while-revalidate=30
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray
7edf1dc1dde51d88-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F3Ya1lFKAPFXFv5CA_nC
theme_vX.css
d4hm2u4pioc0c.cloudfront.net/plcss/19101/466656118299/ 		283 KB
284 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d4hm2u4pioc0c.cloudfront.net/plcss/19101/466656118299/theme_vX.css?v=220
Requested by
Host: secure.wealthcare.com
URL: https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.58.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-58-157.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4eec95172cbb1a7e851f76f19a3c2091421681da582f4682aab4daddff9e7c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wealthcare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 27 Jul 2023 17:51:22 GMT
Via
1.1 6a7dbdb209ec7dcfec16316a2b155e06.cloudfront.net (CloudFront)
Last-Modified
Sat, 22 Jul 2023 18:13:37 GMT
Server
AmazonS3
X-Amz-Cf-Pop
CDG50-C1
Age
87936
ETag
"111bf37b10e65a42d32901bd5f2d0edb"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
290119
X-Amz-Cf-Id
B-cxejTstVCtgCIJgOPwwojA0pcR6wJAHqOZQLU4iRqoV1ziR9feMQ==
base.var
secure.wealthcare.com/_v2023_12_0b/js/ 		454 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.wealthcare.com/_v2023_12_0b/js/base.var
Requested by
Host: secure.wealthcare.com
URL: https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.101.6.227 Phoenix, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
webmail.luxsci.com
Software
Apache /
Resource Hash
28ab7b579f504ae033d8af62fafeaaea9cd702726bc819ba2a2e38f46b29b9fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Fri, 28 Jul 2023 18:16:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Jul 2023 23:57:39 GMT
Server
Apache
ETag
"205cb-6016c9cd4b9ef;95-6016c9cd4b9ef
Vary
negotiate,accept-encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
TCN
choice
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Location
base.js.gz
Keep-Alive
timeout=5, max=97
Content-Length
132555
Expires
Sun, 27 Aug 2023 18:16:57 GMT
login_shared.var
secure.wealthcare.com/_v2023_12_0b/js/ 		680 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.wealthcare.com/_v2023_12_0b/js/login_shared.var
Requested by
Host: secure.wealthcare.com
URL: https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.101.6.227 Phoenix, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
webmail.luxsci.com
Software
Apache /
Resource Hash
bf451c0cd65d93f0ddc661780752c1361b7a40cb02402a1d5439bd28ac5686b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Fri, 28 Jul 2023 18:16:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Jul 2023 23:57:39 GMT
Server
Apache
ETag
"28635-6016c9cd788b3;a5-6016c9cd78c9b
Vary
negotiate,accept-encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
TCN
choice
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Location
login_shared.js.gz
Keep-Alive
timeout=5, max=100
Content-Length
165429
Expires
Sun, 27 Aug 2023 18:16:58 GMT
mail2.png
d4hm2u4pioc0c.cloudfront.net/icons/png/o/white/32x32/ 		139 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d4hm2u4pioc0c.cloudfront.net/icons/png/o/white/32x32/mail2.png
Requested by
Host: secure.wealthcare.com
URL: https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.58.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-58-157.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d24f796610c45507804aef4de762d3c99ab028c0fdfa3cd54abe87d75b8d405

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wealthcare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sun, 23 Jul 2023 20:41:47 GMT
Via
1.1 6a7dbdb209ec7dcfec16316a2b155e06.cloudfront.net (CloudFront)
Last-Modified
Wed, 03 Sep 2014 04:29:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
CDG50-C1
Age
423312
ETag
"c433b18ceb7758046ac444e310e43fc9"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
139
X-Amz-Cf-Id
JIaZbhOlgh_TU1F3lQgmI7v5P92EljgHwNFmQNzl_rlA9QOk2sXg9A==
dot.gif
d4hm2u4pioc0c.cloudfront.net/icons/ 		49 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d4hm2u4pioc0c.cloudfront.net/icons/dot.gif
Requested by
Host: secure.wealthcare.com
URL: https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.58.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-58-157.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wealthcare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 10:13:42 GMT
Via
1.1 6a7dbdb209ec7dcfec16316a2b155e06.cloudfront.net (CloudFront)
Last-Modified
Mon, 05 Apr 2010 17:21:25 GMT
Server
AmazonS3
X-Amz-Cf-Pop
CDG50-C1
Age
288197
ETag
"56398e76be6355ad5999b262208a17c9"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49
X-Amz-Cf-Id
7teIBJnjRZdS5LesVHig-tuUQuhw-B0GI4DEyDH5VyCwRUiv-Hu8qA==
image.png
luxsci.com/intranet/php/luxpv.php/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://luxsci.com/intranet/php/luxpv.php/image.png?r=https://secure.wealthcare.com/
Requested by
Host: secure.wealthcare.com
URL: https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.101.6.227 Phoenix, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
webmail.luxsci.com
Software
Apache /
Resource Hash
c7940f51fe9506bed4f7077c37c772ba16fcc189da233a8e891e45a94e5e503f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wealthcare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Jul 2023 18:16:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, max-age=31536000, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1050
X-XSS-Protection
1
Expires
Sat, 27 Jul 2024 18:16:59 GMT
global_public.var
secure.wealthcare.com/perl/member/ctx/get.pl/.0I8dsS5oTlUZtjawhQUm0VIQyzFUFkvUu1KXr3A.3U//ctx/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.wealthcare.com/perl/member/ctx/get.pl/.0I8dsS5oTlUZtjawhQUm0VIQyzFUFkvUu1KXr3A.3U//ctx/global_public.var
Requested by
Host: secure.wealthcare.com
URL: https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.101.6.227 Phoenix, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
webmail.luxsci.com
Software
Apache /
Resource Hash
05f106d54338dd604bc69c56230aefae560177feed33953e909bb2885f5fc41e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Fri, 28 Jul 2023 18:16:58 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
X-UA-Compatible
IE=edge
ckeditor.var
secure.wealthcare.com/_v2022.1.2/js/cke4.15.0/ 		712 KB
211 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.wealthcare.com/_v2022.1.2/js/cke4.15.0/ckeditor.var
Requested by
Host: secure.wealthcare.com
URL: https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.101.6.227 Phoenix, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
webmail.luxsci.com
Software
Apache /
Resource Hash
72f0f639cfa241455ef53b703e06df01512b17a3892eabd7d242442560af57c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Fri, 28 Jul 2023 18:16:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Jul 2023 23:57:33 GMT
Server
Apache
ETag
"34929-6016c9c74da74;9d-6016c9c74de5c
Vary
negotiate,accept-encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
TCN
choice
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Location
ckeditor.js.gz
Keep-Alive
timeout=5, max=95
Content-Length
215337
Expires
Sun, 27 Aug 2023 18:16:58 GMT
passwords.var
secure.wealthcare.com/_v2017.8.0x/js/int/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.wealthcare.com/_v2017.8.0x/js/int/passwords.var
Requested by
Host: secure.wealthcare.com
URL: https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.101.6.227 Phoenix, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
webmail.luxsci.com
Software
Apache /
Resource Hash
de23c91926a31f89124012ad88ff93b7391fe49ea3d7e96d6906cb007d5dfc98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wealthcare.com/perl/member/login.pl?settheme=466656118299
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Fri, 28 Jul 2023 18:16:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Jul 2023 23:57:36 GMT
Server
Apache
ETag
"76c-6016c9ca8bbfb;9f-6016c9ca8bbfb
Vary
negotiate,accept-encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
TCN
choice
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Location
passwords.js.gz
Keep-Alive
timeout=5, max=99
Content-Length
1900
Expires
Sun, 27 Aug 2023 18:16:58 GMT
pro.min.css
ka-p.fontawesome.com/releases/v6.4.0/css/ 		867 KB
196 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.4.0/css/pro.min.css?token=04f84a257a
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/04f84a257a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0d7ff5c1b94b9efefbc1903a465c7d8bb345da51aaa13a93a55f9f7eff5b86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kit.fontawesome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 18:16:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Mar 2023 21:29:22 GMT
server
cloudflare
age
244322
etag
"641cc4b2-31000"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7edf1dc2df302ba3-FRA
content-length
200704
pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.4.0/css/ 		85 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.4.0/css/pro-v5-font-face.min.css?token=04f84a257a
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/04f84a257a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fce60bc81b42726b685192834cdd4147bb4867c94a9b5c38a35c0cce8a6b562e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kit.fontawesome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 18:16:58 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 23 Mar 2023 21:29:21 GMT
server
cloudflare
etag
"641cc4b1-30f2"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7edf1dc2df312ba3-FRA
content-length
12530
pro-fa-sharp-light-300-d5bbe9.woff2
ka-p.fontawesome.com/releases/v6.4.0/webfonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.4.0/webfonts/pro-fa-sharp-light-300-d5bbe9.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.0/css/pro.min.css?token=04f84a257a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50d8ad9352f9bcc39f967698f03c5be13d74cf27c354921d6ff22f7ef4a2c9d4

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.4.0/css/pro.min.css?token=04f84a257a
Origin
https://secure.wealthcare.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 18:16:58 GMT
cf-cache-status
MISS
last-modified
Fri, 24 Mar 2023 05:23:23 GMT
server
cloudflare
etag
"641d33cb-67d4"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7edf1dc859031d88-FRA
content-length
26580
pro-fa-sharp-light-300-e83789.woff2
ka-p.fontawesome.com/releases/v6.4.0/webfonts/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.4.0/webfonts/pro-fa-sharp-light-300-e83789.woff2
Requested by
Host: ka-p.fontawesome.com
URL: https://ka-p.fontawesome.com/releases/v6.4.0/css/pro.min.css?token=04f84a257a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f36a459a9be709e555e858f4a018a5d08f17aaa7fc8c0918e2a2454afd647dcb

Request headers

Referer
https://ka-p.fontawesome.com/releases/v6.4.0/css/pro.min.css?token=04f84a257a
Origin
https://secure.wealthcare.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 18:16:58 GMT
cf-cache-status
MISS
last-modified
Fri, 24 Mar 2023 05:23:23 GMT
server
cloudflare
etag
"641d33cb-7650"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7edf1dc859021d88-FRA
content-length
30288

Verdicts & Comments Add Verdict or Comment

253 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| xOp95Up undefined| xOp94Dn undefined| xIE undefined| xIE9 undefined| xIE9up undefined| xIE10up string| xUA undefined| v boolean| xOpera undefined| ua undefined| re undefined| rv function| xCamelize function| xClientHeight function| xClientWidth function| xDef function| xGetComputedStyle function| xGetElementById function| xGetElementsByClassName function| xGetElementsByTagName function| xHasPoint function| xHeight function| xLeft function| xMoveTo function| xNum function| xOpacity function| xPageX function| xPageY function| xResizeTo function| xScrollLeft function| xScrollTop function| xStr function| xStyle function| xTop function| xWidth function| xEvent function| xAddEventListener function| xPreventDefault function| xRemoveEventListener function| xStopPropagation function| xAppendChild function| xBackground function| xColor function| xDisableDrag function| xEnableDrag function| xFirstChild function| xNextSib function| xParentNode function| xParent function| xVisibility function| xHide function| xShow function| xInnerHtml function| xIntersection function| xSmartLoad object| desktopnote function| $ function| jQuery boolean| xFireFox boolean| xSafari boolean| xChrome boolean| xMac object| xLibrary function| Dropzone function| _prof function| _prof0 function| NoScrollbars number| _video_closed function| Video function| showVideoNotice function| timestamp function| arr_move function| _sz function| getDateFromTimestamp function| getDateFromTimestampLocal function| fmtDateShort function| fmtTimeShort function| fmtTimeShort2 function| getDayStartLocal function| isToday function| isYesterday function| getUTCSeconds function| userNameValidChars function| validateUserName function| submitViaEnter function| clickViaEnter function| isCapsOn function| doViaEnter function| doViaEnter2 function| suppressEnter function| doHide function| doShow function| formFieldValue function| doGetCaretPosition function| setCaretPosition function| toggleDisplay function| swapDisplay function| saveForm function| URLEncodedField function| saveFormObj function| stringifyAR function| icon_s3 function| icon_url function| ispace function| icon function| icon32 function| InASec function| ClipDiv function| NoWrapBlock function| OneLiner function| uniqueNo function| scrollDiv function| doOnReady function| doOnExists function| enableSpell function| spellPushUpdates function| spellGetUpdates function| getSpellObj function| spellFocus function| wideFileDropZone function| downloadWithProgress function| copyToClipboard function| enableMultiSelect function| hideToolTips function| detectCSSFeature function| isVScroll function| vScrollW function| xScrollUp function| sEC function| Focus function| windowOpener function| makeNewWindow function| makeNW function| setWidth function| setHeight function| FixWinHt function| NewWindow function| getOpener undefined| _cm01 function| closeMe function| cMe function| selectedRadioValue function| selectedCheckValues function| checkRadioByValue function| selectedListValue function| multiListHash function| selectListValue function| selectListHash function| sortSelectList function| ChkBxImage function| addCSS function| activateFloatTop function| deactivateFloatTop function| keepOnScreen function| hideInlineHelpInit function| triStateInit function| triStateClick function| setCookie function| getCookie function| delCookie function| checkAuth function| AddPhrases function| isASCII function| cmpi function| fmtstr_f function| strstri function| Trim function| ReplaceAll function| LSub1 function| LSub1b function| LSub2 function| LSub2b function| isHTML function| StripHTML function| Truncate function| WebText function| unWebText function| FormatLinkedWebText function| GoodFileName function| to_hex function| from_hex function| u_decode function| u_encode function| Help function| showMoreAttach function| playSound function| _getBigMenu function| new_calendar function| icon_fa function| xTooltip function| Start_AJAX_Transition number| __no_cache boolean| _ajax_ok object| ajax_err function| ajaxErr number| aLCD function| aCD function| ajaxCountdown function| aCDM number| aLCTO function| aLC function| ajaxLogin function| aLCM function| getAjaxObject function| luxsack function| vDynamic function| LoadArea function| wrap_child function| wrap_parent function| popUp function| popDown function| Initialize_Contexts function| waclose function| vReminders function| do_rpx object| pro object| lx object| ui object| _icon_map function| _getZIndex object| _phrases object| _fa_code_name_mapping function| moment object| _mu function| menu object| _chat number| js_tagapi object| __iffs function| autoDetect function| mobileFull function| doFocus function| Login function| QuickLogin function| liKP function| goLanguage function| do_window_onload function| do_dom_onready string| CKEDITOR_BASEPATH object| CKEDITOR object| pwCol object| pwTool object| pwTool2 function| getPWToolDiv function| drawPWTool function| hidePWTool object| crackCheckHistory number| checkPending function| checkCrack number| checkCrackID function| doCheckCrack function| PasswordStrength function| PasswordMatch function| confirm_ui2

3 Cookies

Domain/Path Name / Value
secure.wealthcare.com/ Name: __probe
Value: 1690568219020
secure.wealthcare.com/ Name: cache
Value: eyJjYWNoZV90YWciOjE2OTA1NjgyMTkwMjAuNTg2N30%3D
secure.wealthcare.com/ Name: viewport
Value: 1600

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d4hm2u4pioc0c.cloudfront.net
fonts.googleapis.com
ka-p.fontawesome.com
kit.fontawesome.com
luxsci.com
secure.wealthcare.com
13.224.58.157
158.101.6.227
2606:4700::6812:1634
2606:4700::6812:1734
2a00:1450:4001:80b::200a
05f106d54338dd604bc69c56230aefae560177feed33953e909bb2885f5fc41e
1875eab5139c9cf0869a3f657ab740c63423287f15c3f2e56ecad1957ba032e0
28ab7b579f504ae033d8af62fafeaaea9cd702726bc819ba2a2e38f46b29b9fb
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
4439acedd84640c797a412796bad1498e957d008f97660eb4db9925464dcebc4
50d8ad9352f9bcc39f967698f03c5be13d74cf27c354921d6ff22f7ef4a2c9d4
72f0f639cfa241455ef53b703e06df01512b17a3892eabd7d242442560af57c2
8d24f796610c45507804aef4de762d3c99ab028c0fdfa3cd54abe87d75b8d405
a4eec95172cbb1a7e851f76f19a3c2091421681da582f4682aab4daddff9e7c9
acb219d29071d6e531c616228bf10d356ec47a7fd5a43805ee94b3b11b9b2a32
bf451c0cd65d93f0ddc661780752c1361b7a40cb02402a1d5439bd28ac5686b5
c3d3f9e52c45a294722a6bfac87c565c5c363f3d1d088e589cd8866b3be54af6
c7940f51fe9506bed4f7077c37c772ba16fcc189da233a8e891e45a94e5e503f
de23c91926a31f89124012ad88ff93b7391fe49ea3d7e96d6906cb007d5dfc98
f36a459a9be709e555e858f4a018a5d08f17aaa7fc8c0918e2a2454afd647dcb
fce60bc81b42726b685192834cdd4147bb4867c94a9b5c38a35c0cce8a6b562e
fe0d7ff5c1b94b9efefbc1903a465c7d8bb345da51aaa13a93a55f9f7eff5b86