uci-rpm.wellsensevu.com Open in urlscan Pro
108.138.106.68 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://uci-rpm.wellsensevu.com/
Submission: On December 08 via api (December 8th 2023, 6:57:24 pm UTC) from US — Scanned from US

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 108.138.106.68, located in United States and belongs to AMAZON-02, US. The main domain is uci-rpm.wellsensevu.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 8th 2023. Valid for: a year.

This is the only time uci-rpm.wellsensevu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	108.138.106.68 108.138.106.68	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c07::5e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
13	3

9 108.138.106.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-68.jfk50.r.cloudfront.net

uci-rpm.wellsensevu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	wellsensevu.com uci-rpm.wellsensevu.com	1 MB
4	gstatic.com www.gstatic.com fonts.gstatic.com	2 MB
13	2

	Domain	Requested by
9	uci-rpm.wellsensevu.com	uci-rpm.wellsensevu.com
2	fonts.gstatic.com	uci-rpm.wellsensevu.com
2	www.gstatic.com	uci-rpm.wellsensevu.com www.gstatic.com
13	3

This site contains no links.

Subject Issuer	Validity	Valid
uci-rpm.wellsensevu.com Amazon RSA 2048 M03	`2023-11-08` - `2024-12-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://uci-rpm.wellsensevu.com/
Frame ID: 7F40C5AE568E6FA306E038EE2BEA6297
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wellsense

Page Statistics

13
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

3027 kB
Transfer

9736 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
uci-rpm.wellsensevu.com/ 4 KB
2 KB 316ms
125ms Document
text/html 108.138.106.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uci-rpm.wellsensevu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-68.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e9d5d82cc46d5c297a527d4d942fa517005228a8c64add610b5e1aa5727901a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 08 Dec 2023 18:57:18 GMT
etag: W/"fc9be1f910747e27af1712fc68a61680"
last-modified: Tue, 21 Nov 2023 16:35:11 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
x-amz-cf-id: 1mePVQHhK4qjsiOPDfc6on2N3qrNhT6OK1NSbmZ9HG5k3l8x3O7cDw==
x-amz-cf-pop: JFK50-P3
x-cache: RefreshHit from cloudfront

GET
H2 200 main.dart.js Show response
uci-rpm.wellsensevu.com/ 4 MB
877 KB 66ms
66ms Script
application/javascript 108.138.106.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uci-rpm.wellsensevu.com/main.dart.js
Requested by: Host: uci-rpm.wellsensevu.com
URL: https://uci-rpm.wellsensevu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-68.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d0a9ebd3dd2f1fe8ab36b13b1ea520c1c145224c61af0c23e2a70f7a73d1133

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uci-rpm.wellsensevu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:57:18 GMT
content-encoding: br
via: 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
last-modified: Tue, 21 Nov 2023 16:35:12 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 2
etag: W/"dee90edfee70928a679f5da89b3bab9f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: IvS8My67nbF1ckVr6npUtvdNGTuWySm5GuK4O5B9oT7nspMtAUHShQ==

GET
H2 200 canvaskit.js Show response
www.gstatic.com/flutter-canvaskit/a794cf2681c6c9fe7b260e0e84de96298dc9c18b/chromium/ 92 KB
26 KB 241ms
101ms Script
text/javascript 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/flutter-canvaskit/a794cf2681c6c9fe7b260e0e84de96298dc9c18b/chromium/canvaskit.js

Requested by

Host: uci-rpm.wellsensevu.com
URL: https://uci-rpm.wellsensevu.com/main.dart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee722314e8473c424e0fca10ac132a144be67abd90d69af22266610cf7706e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uci-rpm.wellsensevu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:57:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25876
x-xss-protection: 0
last-modified: Tue, 26 Sep 2023 20:40:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="flutter-team"
vary: Accept-Encoding
report-to: {"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 18:57:19 GMT

GET
H2 200 FontManifest.json Show response
uci-rpm.wellsensevu.com/assets/ 274 B
603 B 63ms
63ms Fetch
application/json 108.138.106.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uci-rpm.wellsensevu.com/assets/FontManifest.json
Requested by: Host: uci-rpm.wellsensevu.com
URL: https://uci-rpm.wellsensevu.com/main.dart.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-68.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a7945e7315edd9652a6f1c9e41aea27bedefefe0f83719156a16b7d37e9214e7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uci-rpm.wellsensevu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:57:18 GMT
via: 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
last-modified: Tue, 21 Nov 2023 16:35:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 2
etag: "52365373fe47f54b5e5d7740a1101fa6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
content-length: 274
x-amz-cf-id: 5W1ByTztWlvL4iP5-cLQjuY0CV89kMdn13GDGccZwTY3KS73raHhIQ==

GET
H2 200 MaterialIcons-Regular.otf Show response
uci-rpm.wellsensevu.com/assets/fonts/ 8 KB
9 KB 140ms
138ms Fetch
binary/octet-stream 108.138.106.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uci-rpm.wellsensevu.com/assets/fonts/MaterialIcons-Regular.otf
Requested by: Host: uci-rpm.wellsensevu.com
URL: https://uci-rpm.wellsensevu.com/main.dart.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-68.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4cbd7b1e052ec1fc8372fc607113fa28569ec141ba102f10d91423127b397494

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uci-rpm.wellsensevu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:57:20 GMT
via: 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
last-modified: Tue, 21 Nov 2023 16:35:25 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: "8a22155aa19a704cd2b2427bd0dbd66c"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: binary/octet-stream
content-length: 8488
x-amz-cf-id: lXeMp3LILbUEF9m5o5-5rylzX7J4QiKkuzGEFkf6Wynrx9S8nYKxpA==

GET
H2 200 Futura.ttc Show response
uci-rpm.wellsensevu.com/assets/assets/fonts/ 477 KB
478 KB 119ms
118ms Fetch
binary/octet-stream 108.138.106.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uci-rpm.wellsensevu.com/assets/assets/fonts/Futura.ttc
Requested by: Host: uci-rpm.wellsensevu.com
URL: https://uci-rpm.wellsensevu.com/main.dart.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-68.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a6a40b3739cb49a6d788733383ea767b176d321f2c4718a704966a2f46668cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uci-rpm.wellsensevu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:57:20 GMT
via: 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
last-modified: Tue, 21 Nov 2023 16:34:55 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: "1587140390b386b08571f5de4aca0c83"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: binary/octet-stream
content-length: 488604
x-amz-cf-id: Fc0cftefmYgQBhGiA-9NvXxfAkdedUB66cwWm0Y8aO7WepziFaD9nQ==

GET
H2 200 CupertinoIcons.ttf Show response
uci-rpm.wellsensevu.com/assets/packages/cupertino_icons/assets/ 1 KB
2 KB 141ms
140ms Fetch
binary/octet-stream 108.138.106.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uci-rpm.wellsensevu.com/assets/packages/cupertino_icons/assets/CupertinoIcons.ttf
Requested by: Host: uci-rpm.wellsensevu.com
URL: https://uci-rpm.wellsensevu.com/main.dart.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-68.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bafe71aed5ee6a8a10e8cc5837885ad52282b579bfa6866ae752ecee11096531

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uci-rpm.wellsensevu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:57:20 GMT
via: 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
last-modified: Tue, 21 Nov 2023 16:34:26 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: "89ed8f4e49bcdfc0b5bfc9b24591e347"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: binary/octet-stream
content-length: 1272
x-amz-cf-id: lwUv2uLY0Odc2KY8Yl-PLi40sW4mbaPoodI27sHBkA9DJmUXz_nK3g==

GET
H2 200 KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf Show response
fonts.gstatic.com/s/roboto/v20/ 167 KB
90 KB 225ms
67ms Fetch
font/ttf 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf

Requested by

Host: uci-rpm.wellsensevu.com
URL: https://uci-rpm.wellsensevu.com/main.dart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uci-rpm.wellsensevu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91230
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 17:50:50 GMT

GET
H3 200 canvaskit.wasm Show response
www.gstatic.com/flutter-canvaskit/a794cf2681c6c9fe7b260e0e84de96298dc9c18b/chromium/ 5 MB
1 MB 186ms
61ms Fetch
application/wasm 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/flutter-canvaskit/a794cf2681c6c9fe7b260e0e84de96298dc9c18b/chromium/canvaskit.wasm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/flutter-canvaskit/a794cf2681c6c9fe7b260e0e84de96298dc9c18b/chromium/canvaskit.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e89337bc8980a2c22e542f4c2f4cd19d4d36b77018b0d4109563bbde8701aebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uci-rpm.wellsensevu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:52:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1490113
x-xss-protection: 0
last-modified: Tue, 26 Sep 2023 20:40:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="flutter-team"
vary: Accept-Encoding
report-to: {"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-type: application/wasm
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 18:52:47 GMT

GET
H2 200 AssetManifest.json Show response
uci-rpm.wellsensevu.com/assets/ 8 KB
1 KB 65ms
64ms Fetch
application/json 108.138.106.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uci-rpm.wellsensevu.com/assets/AssetManifest.json
Requested by: Host: uci-rpm.wellsensevu.com
URL: https://uci-rpm.wellsensevu.com/main.dart.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-68.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77f6f950fa67168af7ec89afe8658b860f2b0cf418850097bea3e56c1f2df291

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uci-rpm.wellsensevu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:57:18 GMT
content-encoding: br
via: 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
last-modified: Tue, 21 Nov 2023 16:35:15 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 3
etag: W/"c927f20de38741e2164bc96d72ce7765"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
x-amz-cf-id: MkJHaITo0NAbK-L7X7y9_pw_6WNHkHYATBsHhvdSqKARefRTaYvmvQ==

GET
H2 200 AssetManifest.bin Show response
uci-rpm.wellsensevu.com/assets/ 9 KB
9 KB 157ms
157ms Fetch
application/octet-stream 108.138.106.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uci-rpm.wellsensevu.com/assets/AssetManifest.bin
Requested by: Host: uci-rpm.wellsensevu.com
URL: https://uci-rpm.wellsensevu.com/main.dart.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-68.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dad3b08885760846e41280b2424d12d6718632065d0a6fa77219278151e47a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uci-rpm.wellsensevu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:57:22 GMT
via: 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
last-modified: Tue, 21 Nov 2023 16:35:15 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: "5adde747d15758d8b563e47642b073e7"
x-cache: Miss from cloudfront
content-type: application/octet-stream
content-length: 8967
x-amz-cf-id: tEmZt6x02QLYrxCbA1cRTe86J8V50YPVDnWv6GMKBmT1WpzEw1ni9Q==

GET
H2 200 a1166b39014ea8c5662fb7048937fe8605c56ab1bd005ec6480250372b29ec41.ttf Show response
fonts.gstatic.com/s/a/ 96 KB
59 KB 64ms
62ms XHR
font/ttf 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/a/a1166b39014ea8c5662fb7048937fe8605c56ab1bd005ec6480250372b29ec41.ttf

Requested by

Host: uci-rpm.wellsensevu.com
URL: https://uci-rpm.wellsensevu.com/main.dart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1166b39014ea8c5662fb7048937fe8605c56ab1bd005ec6480250372b29ec41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uci-rpm.wellsensevu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60596
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 19:10:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 18:09:04 GMT

GET
H2 200 background_image_gray.jpg Show response
uci-rpm.wellsensevu.com/assets/assets/images/ 18 KB
19 KB 149ms
148ms Fetch
image/jpeg 108.138.106.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uci-rpm.wellsensevu.com/assets/assets/images/background_image_gray.jpg
Requested by: Host: uci-rpm.wellsensevu.com
URL: https://uci-rpm.wellsensevu.com/main.dart.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-68.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f1a22aab36fb3c0f32147e917664e5ac3803a279b92b4e87d16fb1edf73b597

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uci-rpm.wellsensevu.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:57:23 GMT
via: 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
last-modified: Tue, 21 Nov 2023 16:34:39 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: "e658411b4ee18039161bf289b01b6c42"
x-cache: Miss from cloudfront
content-type: image/jpeg
content-length: 18729
x-amz-cf-id: 0Aj8gSOpBXrJzfMX46uakitT3o80-cKF6ZC3g7ZPEKImed_e2VMGiw==

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://uci-rpm.wellsensevu.com/main.dart.js(Line 8542) Message: WebSocket connection to 'wss://a2aji2bxcksxkm-ats.iot.null.amazonaws.com/mqtt?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWXT3OWJOHDFE66L%2F20231208%2F%2Fiotdevicegateway%2Faws4_request&X-Amz-Date=20231208T185720Z&X-Amz-SignedHeaders=host&X-Amz-Signature=1b7d1f9fc40740b3cc809b8d768272937d1693ff0504baf09c3cac0d332718e7' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://uci-rpm.wellsensevu.com/main.dart.js(Line 8542) Message: WebSocket connection to 'wss://a2aji2bxcksxkm-ats.iot.null.amazonaws.com/mqtt?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZWXT3OWJOHDFE66L%2F20231208%2F%2Fiotdevicegateway%2Faws4_request&X-Amz-Date=20231208T185722Z&X-Amz-SignedHeaders=host&X-Amz-Signature=c4622e34c8936396f41c3167017c43c1fedfca37a94020bef9730c2326367a19' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://uci-rpm.wellsensevu.com/main.dart.js(Line 95054) Message: WebSocket is already in CLOSING or CLOSED state.
javascript	error	URL: https://uci-rpm.wellsensevu.com/main.dart.js(Line 95054) Message: WebSocket is already in CLOSING or CLOSED state.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
uci-rpm.wellsensevu.com
www.gstatic.com
108.138.106.68
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c09::5e
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
0d0a9ebd3dd2f1fe8ab36b13b1ea520c1c145224c61af0c23e2a70f7a73d1133
2a6a40b3739cb49a6d788733383ea767b176d321f2c4718a704966a2f46668cc
2f1a22aab36fb3c0f32147e917664e5ac3803a279b92b4e87d16fb1edf73b597
4cbd7b1e052ec1fc8372fc607113fa28569ec141ba102f10d91423127b397494
4e9d5d82cc46d5c297a527d4d942fa517005228a8c64add610b5e1aa5727901a
77f6f950fa67168af7ec89afe8658b860f2b0cf418850097bea3e56c1f2df291
9dad3b08885760846e41280b2424d12d6718632065d0a6fa77219278151e47a3
a1166b39014ea8c5662fb7048937fe8605c56ab1bd005ec6480250372b29ec41
a7945e7315edd9652a6f1c9e41aea27bedefefe0f83719156a16b7d37e9214e7
bafe71aed5ee6a8a10e8cc5837885ad52282b579bfa6866ae752ecee11096531
e89337bc8980a2c22e542f4c2f4cd19d4d36b77018b0d4109563bbde8701aebd
ee722314e8473c424e0fca10ac132a144be67abd90d69af22266610cf7706e9a

uci-rpm.wellsensevu.com Open in urlscan Pro 108.138.106.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

13 Requests

100 %HTTPS

67 %IPv6

2 Domains

3 Subdomains

3 IPs

1 Countries

3027 kBTransfer

9736 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

uci-rpm.wellsensevu.com Open in urlscan Pro
108.138.106.68 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

3027 kB
Transfer

9736 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions