urlscan.io logo urlscan.io
SecurityTrails logo

well.bevi.co Open in urlscan Pro
161.35.248.79  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://well.bevi.co/
Effective URL: https://well.bevi.co/portal
Submission: On November 22 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 161.35.248.79, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is well.bevi.co. The Cisco Umbrella rank of the primary domain is 270645.
TLS certificate: Issued by R3 on November 5th 2023. Valid for: 3 months.
This is the only time well.bevi.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 11 161.35.248.79 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42:600... 54113 (FASTLY)
2 2600:9000:214... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
16 6
11    161.35.248.79 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
well.bevi.co
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a04:4e42:600::622 (United States)

ASN54113 (FASTLY, US)
fast.appcues.com
2    2600:9000:214f:4800:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)
cdn.auth0.com
1    2606:4700::6810:d8f1 (United States)

ASN13335 (CLOUDFLARENET, US)
bevico.auth0.com
Apex Domain
Subdomains		 Transfer
11 bevi.co
well.bevi.co — Cisco Umbrella Rank: 270645
1 MB
3 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 7121
bevico.auth0.com
4 KB
3 appcues.com
fast.appcues.com — Cisco Umbrella Rank: 4667
134 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
850 B
16 4
Domain Requested by
11 well.bevi.co 2 redirects well.bevi.co
3 fast.appcues.com well.bevi.co
fast.appcues.com
2 cdn.auth0.com well.bevi.co
1 bevico.auth0.com well.bevi.co
1 fonts.googleapis.com well.bevi.co
16 5

This site contains links to these domains. Also see Links.

Domain
orders.bevi.co
Subject Issuer Validity Valid
well.bevi.co
R3		 2023-11-05 -
2024-02-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
fast.appcues.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-05 -
2024-09-05		 a year crt.sh
*.auth0.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-03-24		 a year crt.sh
*.webtask.auth0.com
E1		 2023-09-30 -
2023-12-29		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://well.bevi.co/portal
Frame ID: FD0BA5B68E803A0CE9F945117D784FC8
Requests: 17 HTTP requests in this frame

Frame: https://bevico.auth0.com/authorize?client_id=kP3hTbroYTm2tw6SiaEWGRbhH2Ep4dIh&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fwell.bevi.co%2Fportal&scope=openid%20profile%20email&state=A2quArIdB-1C-TDpLPLF412meMzn4osz&nonce=75OtJKafXG2ldgvKXTF-Xh385KTdPsd1&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoibG9jay5qcyIsInZlcnNpb24iOiIxMS4yMi40IiwiZW52Ijp7ImF1dGgwLmpzIjoiOS4xMi4yIiwiYXV0aDAuanMtdWxwIjoiOS4xMi4yIn19
Frame ID: B83469E34E2608A3E01D8B0CF85D987C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Well

Page URL History Show full URLs

  1. http://well.bevi.co/ HTTP 302
    https://well.bevi.co/ HTTP 303
    https://well.bevi.co/portal Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

16
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

1505 kB
Transfer

4828 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://well.bevi.co/ HTTP 302
    https://well.bevi.co/ HTTP 303
    https://well.bevi.co/portal Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request portal
well.bevi.co/
Redirect Chain
  • http://well.bevi.co/
  • https://well.bevi.co/
  • https://well.bevi.co/portal
1 KB
903 B 		Document
General
Check archive.org
Download Go to
Full URL
https://well.bevi.co/portal
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.248.79 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
f2a6c54cb849195894ff4960011bf2d3cfe782d406b63a34a96ec685a0dc9737

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
600
Content-Type
text/html;charset=utf-8
Date
Wed, 22 Nov 2023 10:27:47 GMT
ETag
"a0c3d6bc5d280bd709ac919cf5ec6c4d--gzip"
Last-Modified
Fri, 17 Nov 2023 14:42:04 GMT
Server
nginx/1.24.0
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Date
Wed, 22 Nov 2023 10:27:47 GMT
Location
https://well.bevi.co/portal
Server
nginx/1.24.0
Transfer-Encoding
chunked
css
fonts.googleapis.com/ 		2 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap&subset=latin-ext
Requested by
Host: well.bevi.co
URL: https://well.bevi.co/portal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://well.bevi.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Nov 2023 10:27:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Nov 2023 09:16:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Nov 2023 10:27:47 GMT
63757.js
fast.appcues.com/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/63757.js
Requested by
Host: well.bevi.co
URL: https://well.bevi.co/portal
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
aa464d562d0cbb0e9a6487ce205f967aa09d17fbdf1b4de771df92d84ae7bcae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://well.bevi.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 10:27:47 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
MISS
content-length
4797
x-request-id
F5nrIofew_2_G4NVnerj
x-served-by
cache-fra-eddf8230115-FRA
server
Cowboy
x-timer
S1700648867.422285,VS0,VE512
vary
accept-encoding, Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=120,public
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
0
runtime.3385942038dca14bcffd.js
well.bevi.co/portal/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://well.bevi.co/portal/runtime.3385942038dca14bcffd.js
Requested by
Host: well.bevi.co
URL: https://well.bevi.co/portal
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.248.79 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
d5138ea043e090d5ea88fbb06304f68a2d5392c793e19fa3ae3d4ce56d7c8075

Request headers

Referer
https://well.bevi.co/portal
Origin
https://well.bevi.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 10:27:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 14:40:40 GMT
Server
nginx/1.24.0
ETag
"69465291a681933f29abaecb2a722029--gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Content-Length
1193
polyfills.f50333d7fc2c41fc21d4.esm.js
well.bevi.co/portal/ 		80 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://well.bevi.co/portal/polyfills.f50333d7fc2c41fc21d4.esm.js
Requested by
Host: well.bevi.co
URL: https://well.bevi.co/portal
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.248.79 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
6524b35b7ed588560b06b9a680e0c015e21d252b75d1c819161ef7db9dfe0fb9

Request headers

Referer
https://well.bevi.co/portal
Origin
https://well.bevi.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 10:27:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 14:40:40 GMT
Server
nginx/1.24.0
ETag
"a485f65ec38b8a8f117414a75f7cb79f--gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
vendor.164b779075199bb0d77b.esm.js
well.bevi.co/portal/ 		3 MB
858 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://well.bevi.co/portal/vendor.164b779075199bb0d77b.esm.js
Requested by
Host: well.bevi.co
URL: https://well.bevi.co/portal
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.248.79 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
88cf154465ffa382ccb37c10b48d4702330703cf5146bcbf50a94c8fe45cfbb7

Request headers

Referer
https://well.bevi.co/portal
Origin
https://well.bevi.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 10:27:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 14:40:40 GMT
Server
nginx/1.24.0
ETag
"9fe3c32cb9702cca18b03219ccda813a--gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
main.3a734352fdf7ad35c766.esm.js
well.bevi.co/portal/ 		772 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://well.bevi.co/portal/main.3a734352fdf7ad35c766.esm.js
Requested by
Host: well.bevi.co
URL: https://well.bevi.co/portal
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.248.79 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
eab5984711a307810c22d957515b8c3c7be9797d4dbbdd6417320a6a48a73017

Request headers

Referer
https://well.bevi.co/portal
Origin
https://well.bevi.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 10:27:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 14:40:40 GMT
Server
nginx/1.24.0
ETag
"2d39c550d4b32843b9bebcb06fd8a0f1--gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
appcues.main.8518894d8f45283b89c13911fda87daf81808297.js
fast.appcues.com/generic/main/4.60.43/ 		448 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/generic/main/4.60.43/appcues.main.8518894d8f45283b89c13911fda87daf81808297.js
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/63757.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93fbf546bb53785dee6f25af4b43a948d9d4306298bb274151cd08e4a6eb9f81

Request headers

Referer
https://well.bevi.co/
Origin
https://well.bevi.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 10:27:47 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
K7H99ARSKX2R9Y0C
age
130897
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
129316
x-amz-id-2
xGi7ppsO4DlOmS/j2AaxNZKJM37uuSp47orvSuVDg0H4uKSEJwsbus+lOsI01iwS9d+EMmJLodo=
x-served-by
cache-fra-eddf8230055-FRA
last-modified
Mon, 20 Nov 2023 21:47:13 GMT
server
AmazonS3
x-timer
S1700648868.964441,VS0,VE0
etag
"849f786f28aad914c25ed810f0c31ace"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
26
container.8518894d8f45283b89c13911fda87daf81808297.css
fast.appcues.com/generic/main/4.60.43/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/generic/main/4.60.43/container.8518894d8f45283b89c13911fda87daf81808297.css
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/4.60.43/appcues.main.8518894d8f45283b89c13911fda87daf81808297.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb

Request headers

Referer
https://well.bevi.co/
Origin
https://well.bevi.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 10:27:48 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
VS1VT17HZCNSTWVC
age
130935
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1992
x-amz-id-2
peRrySpUT7XM67HoQ6m8VfdTLyxQ5jr1+U7iMQTUXv4bpFLDH8gdcIGoD5dziuFwOyN7bCL73T0=
x-served-by
cache-fra-eddf8230055-FRA
last-modified
Mon, 20 Nov 2023 21:47:13 GMT
server
AmazonS3
x-timer
S1700648868.077349,VS0,VE0
etag
"5be05ce494e7cac41d062a0b12a1657c"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css; charset=utf-8;
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
6335
badge.png
cdn.auth0.com/styleguide/components/1.0.8/media/logos/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.auth0.com/styleguide/components/1.0.8/media/logos/img/badge.png
Requested by
Host: well.bevi.co
URL: https://well.bevi.co/portal/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4800:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33fb88f606a3f32f2f218df25dcc69283d9a555a0f8e253f2092f3af53404c11
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://well.bevi.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
CghttMoXpqZBzj9pIZwTb7OuGonBat5c
date
Tue, 21 Nov 2023 17:49:18 GMT
via
1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA53-C1
age
59952
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
1591
last-modified
Thu, 04 May 2017 21:37:11 GMT
server
AmazonS3
etag
"e3842ac36d4fbd8d4e31a39999c0eba6"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2628000,public
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
IJ_EX8xVmEVAuzePrGmi3RqTJUOTzx4vZLGbhVnAgPOwbcBJGXcCxw==
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02cf6e909da846cdd5895855ace633eeb5c0c1b4ee320b4f18089c51d6fb47b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
blobs.81805a3.png
well.bevi.co/portal/ 		224 KB
224 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://well.bevi.co/portal/blobs.81805a3.png
Requested by
Host: well.bevi.co
URL: https://well.bevi.co/portal/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.248.79 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
7d6e3a9653f2509936acbe59f2b951ecbf27c334893fdd4ffe445f7a12abcce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://well.bevi.co/portal/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 10:27:48 GMT
Last-Modified
Fri, 17 Nov 2023 14:42:04 GMT
Server
nginx/1.24.0
Connection
keep-alive
ETag
"904e2e5f84746e75c627c877782edd66"
Transfer-Encoding
chunked
Content-Type
image/png
rubik-latin-500.9ac3d9de00cce6d3352a.woff2
well.bevi.co/portal/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://well.bevi.co/portal/rubik-latin-500.9ac3d9de00cce6d3352a.woff2
Requested by
Host: well.bevi.co
URL: https://well.bevi.co/portal/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.248.79 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
c04a44e086dd1f503e6d2ab7a5c1a935b06e131c95287760aa104b9530abe430

Request headers

Referer
https://well.bevi.co/portal/login
Origin
https://well.bevi.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 10:27:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 14:42:04 GMT
Server
nginx/1.24.0
ETag
"86e6696cdf879648fb84fb1e22c4eb11--gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
font/woff2
Connection
keep-alive
kP3hTbroYTm2tw6SiaEWGRbhH2Ep4dIh.js
cdn.auth0.com/client/ 		530 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/client/kP3hTbroYTm2tw6SiaEWGRbhH2Ep4dIh.js?t1700648868476
Requested by
Host: well.bevi.co
URL: https://well.bevi.co/portal/vendor.164b779075199bb0d77b.esm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4800:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
893e62c626e7f86d7605c435fe665b2a1fb23d18d2945c8b8f0d9333df36e2bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://well.bevi.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 10:27:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
tracestate
auth0-request-id=82a07b663b2e3649,auth0=true
x-auth0-requestid
dd04f02439bfd1554368
content-encoding
gzip
x-amz-cf-pop
FRA53-C1
via
1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
server
cloudflare
ot-tracer-sampled
true
traceparent
00-0000000000000000106a620e5501b735-476ebc05088651ba-01
etag
W/"212-xgLB6XE+IO44W7W+aTay3tbhTyg"
ot-tracer-traceid
106a620e5501b735
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=60, stale-while-revalidate=60, stale-if-error=86400
ot-baggage-auth0-request-id
82a07b663b2e3649
cf-ray
82a07b663b2e3649-FRA
x-robots-tag
noindex
x-amz-cf-id
9_h8IASCFweYJNA7i4OjwW0-GbhWBwcTtioVoE6_Bqs-Okg3dzg7Gg==
ot-tracer-spanid
476ebc05088651ba
authorize
bevico.auth0.com/ Frame B834 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bevico.auth0.com/authorize?client_id=kP3hTbroYTm2tw6SiaEWGRbhH2Ep4dIh&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fwell.bevi.co%2Fportal&scope=openid%20profile%20email&state=A2quArIdB-1C-TDpLPLF412meMzn4osz&nonce=75OtJKafXG2ldgvKXTF-Xh385KTdPsd1&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoibG9jay5qcyIsInZlcnNpb24iOiIxMS4yMi40IiwiZW52Ijp7ImF1dGgwLmpzIjoiOS4xMi4yIiwiYXV0aDAuanMtdWxwIjoiOS4xMi4yIn19
Requested by
Host: well.bevi.co
URL: https://well.bevi.co/portal/vendor.164b779075199bb0d77b.esm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d8f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85aa8f49b12f6abf9d671eda50347a83b2ea30af00f724a5a2e2aa732e942dc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://well.bevi.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
82a07b6b08be3a70-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Wed, 22 Nov 2023 10:27:49 GMT
ot-baggage-auth0-request-id
82a07b6b08be3a70
ot-tracer-sampled
true
ot-tracer-spanid
10d1cb67214d0a8e
ot-tracer-traceid
2b1e5e7577d2eac8
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-00000000000000002b1e5e7577d2eac8-10d1cb67214d0a8e-01
tracestate
auth0-request-id=82a07b6b08be3a70,auth0=true
vary
Accept-Encoding
x-auth0-requestid
d15ab3a449b6b7f59938
x-content-type-options
nosniff
x-ratelimit-limit
100
x-ratelimit-remaining
99
x-ratelimit-reset
1700648870
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78f991561757f77208f4502582e9217ce716e6d6504ef8dd1386157636b4718f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
rubik-latin-700.a7db29488272756e766b.woff2
well.bevi.co/portal/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://well.bevi.co/portal/rubik-latin-700.a7db29488272756e766b.woff2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.248.79 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
354b0a3a84797d6a65590e64ad2d5ffc1718aab3a913c11efaeef4c073cc798c

Request headers

Referer
https://well.bevi.co/portal/login
Origin
https://well.bevi.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 10:27:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 14:42:04 GMT
Server
nginx/1.24.0
ETag
"aa8012e4ce610709d4c49ef746f8f839--gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
font/woff2
Connection
keep-alive
rubik-latin-400.63c5b6176f60881d53dd.woff2
well.bevi.co/portal/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://well.bevi.co/portal/rubik-latin-400.63c5b6176f60881d53dd.woff2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.248.79 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
dc3dd1958c8c96494a868ce922090704dfe779f54e7b059408077b6d59584d13

Request headers

Referer
https://well.bevi.co/portal/login
Origin
https://well.bevi.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 10:27:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 14:42:04 GMT
Server
nginx/1.24.0
ETag
"bb4e3489b9f29ceacf7952345436fbcc--gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
font/woff2
Connection
keep-alive

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| AppcuesBundleSettings object| Appcues object| webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb object| Auth0 object| DD_LOGS

3 Cookies

Domain/Path Name / Value
well.bevi.co/ Name: _dd_l
Value: 1
well.bevi.co/ Name: _dd
Value: 3df70bf8-5579-4c4f-8f6a-253468e5300d
bevico.auth0.com/ Name: did
Value: s%3Av0%3Ac9320a50-8921-11ee-a944-b3f35516584f.k%2FR9udTYPZR0zmZ9VsLERjBdTP6ITbaA4KjoQkRiHnI

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bevico.auth0.com
cdn.auth0.com
fast.appcues.com
fonts.googleapis.com
well.bevi.co
161.35.248.79
2600:9000:214f:4800:10:474e:104a:2961
2606:4700::6810:d8f1
2a00:1450:4001:831::200a
2a04:4e42:600::622
02cf6e909da846cdd5895855ace633eeb5c0c1b4ee320b4f18089c51d6fb47b5
33fb88f606a3f32f2f218df25dcc69283d9a555a0f8e253f2092f3af53404c11
354b0a3a84797d6a65590e64ad2d5ffc1718aab3a913c11efaeef4c073cc798c
51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5
6524b35b7ed588560b06b9a680e0c015e21d252b75d1c819161ef7db9dfe0fb9
78f991561757f77208f4502582e9217ce716e6d6504ef8dd1386157636b4718f
7d6e3a9653f2509936acbe59f2b951ecbf27c334893fdd4ffe445f7a12abcce9
85aa8f49b12f6abf9d671eda50347a83b2ea30af00f724a5a2e2aa732e942dc7
88cf154465ffa382ccb37c10b48d4702330703cf5146bcbf50a94c8fe45cfbb7
893e62c626e7f86d7605c435fe665b2a1fb23d18d2945c8b8f0d9333df36e2bb
93fbf546bb53785dee6f25af4b43a948d9d4306298bb274151cd08e4a6eb9f81
aa464d562d0cbb0e9a6487ce205f967aa09d17fbdf1b4de771df92d84ae7bcae
c04a44e086dd1f503e6d2ab7a5c1a935b06e131c95287760aa104b9530abe430
c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb
d5138ea043e090d5ea88fbb06304f68a2d5392c793e19fa3ae3d4ce56d7c8075
dc3dd1958c8c96494a868ce922090704dfe779f54e7b059408077b6d59584d13
eab5984711a307810c22d957515b8c3c7be9797d4dbbdd6417320a6a48a73017
f2a6c54cb849195894ff4960011bf2d3cfe782d406b63a34a96ec685a0dc9737