user-mgmt-newfoundlandpower.prd.rotw.uplight.io Open in urlscan Pro
34.149.39.250 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/
Submission: On December 03 via automatic, source certstream-suspicious (December 3rd 2024, 11:41:00 pm UTC) — Scanned from PL

Summary HTTP 8 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 34.149.39.250, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is user-mgmt-newfoundlandpower.prd.rotw.uplight.io.
TLS certificate: Issued by WR3 on December 3rd 2024. Valid for: 3 months.

This is the only time user-mgmt-newfoundlandpower.prd.rotw.uplight.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
8	34.149.39.250 34.149.39.250		396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	1

8 34.149.39.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.39.149.34.bc.googleusercontent.com

user-mgmt-newfoundlandpower.prd.rotw.uplight.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	uplight.io user-mgmt-newfoundlandpower.prd.rotw.uplight.io	338 KB
8	1

	Domain	Requested by
8	user-mgmt-newfoundlandpower.prd.rotw.uplight.io	user-mgmt-newfoundlandpower.prd.rotw.uplight.io
8	1

This site contains links to these domains. Also see Links.

Domain
engage-host-newfoundland.prd.rotw.uplight.io

Subject Issuer	Validity	Valid
comed.user-mgmt.prd.rotw.uplight.io WR3	`2024-12-03` - `2025-03-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/
Frame ID: 9C86E681502EA44C575DB4B3272FB51F
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MyHome- takeCHARGE

Page Statistics

8
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

338 kB
Transfer

781 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://engage-host-newfoundland.prd.rotw.uplight.io/login
Title: I already have an account

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response user-mgmt-newfoundlandpower.prd.rotw.uplight.io/	484 B 948 B	315ms 200ms	Document text/html	34.149.39.250 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.39.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 250.39.149.34.bc.googleusercontent.com Software UploadServer / Resource Hash `cd57ee33ea0f43c9edad790b13f2edc1f5b1f5874e5fc482e5b800b98c751dbf` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public,max-age=3600,no-cache content-length 484 content-type text/html date Tue, 03 Dec 2024 23:40:55 GMT etag "72c8564b03ef421c3054713d4fba0adc" last-modified Tue, 03 Dec 2024 23:24:08 GMT server UploadServer vary Origin via 1.1 google x-goog-generation 1733268248574127 x-goog-hash crc32c=8oZGRw== md5=cshWSwPvQhwwVHE9T7oK3A== x-goog-metageneration 1 x-goog-storage-class STANDARD x-goog-stored-content-encoding identity x-goog-stored-content-length 484 x-guploader-uploadid AFiumC61cDFDgWRwsng6lnCROKCglwV4DiVbsGkBTgKa1lyTDWdf7nk74p4CVYRY6OE2hf3FBnQ
GET H2	200	index-DJDSdV1B.js Show response user-mgmt-newfoundlandpower.prd.rotw.uplight.io/assets/	625 KB 189 KB	273ms 273ms	Script text/javascript	34.149.39.250 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/assets/index-DJDSdV1B.js Requested by Host: user-mgmt-newfoundlandpower.prd.rotw.uplight.io URL: https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.39.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 250.39.149.34.bc.googleusercontent.com Software UploadServer / Resource Hash `0c4675999bf63f243e28327da2e95775f216d53de1d32179a2bc1af46b1bf2ef` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io Referer https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/ Response headers x-goog-metageneration 1 x-goog-hash crc32c=E1GfLw==, md5=HGaDDcmG7ZnsB+OuYVr9fQ== content-encoding br x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 640311 date Tue, 03 Dec 2024 23:40:55 GMT last-modified Tue, 03 Dec 2024 23:24:07 GMT content-type text/javascript vary Origin, Accept-Encoding x-guploader-uploadid AFiumC6FjPd06gWxDzxLL3Ph47RMiYolCLmptfa-_5bLQgWosL39ZFl9w8XD4yaAtWZgZpqbBSGgiGezVg cache-control public,max-age=3600 x-goog-storage-class STANDARD via 1.1 google accept-ranges bytes x-goog-generation 1733268247819787 server UploadServer
GET H2	200	index-C6TnITv_.css user-mgmt-newfoundlandpower.prd.rotw.uplight.io/assets/	4 KB 983 B	208ms 208ms	Stylesheet text/css	34.149.39.250 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/assets/index-C6TnITv_.css Requested by Host: user-mgmt-newfoundlandpower.prd.rotw.uplight.io URL: https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.39.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 250.39.149.34.bc.googleusercontent.com Software UploadServer / Resource Hash `a6dc2d3510ac36a65c939ce5f4ba7f9df0a7065075a105f3f017f316b7cccade` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io Referer https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/ Response headers x-goog-metageneration 1 x-goog-hash crc32c=s0GA9A==, md5=WrrEBAa8pjdtULIPAzRgRQ== content-encoding br x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 3596 date Tue, 03 Dec 2024 23:40:55 GMT last-modified Tue, 03 Dec 2024 23:24:07 GMT content-type text/css vary Origin, Accept-Encoding x-guploader-uploadid AFiumC5bWuIrco0TmgMX-mRLfvv7BbB3mVkJkztolwCUKxF6Pfr-owP_puGH4Y-x9RLDsl1fsOqCb-B0Gw cache-control public,max-age=3600 x-goog-storage-class STANDARD via 1.1 google accept-ranges bytes x-goog-generation 1733268247779729 server UploadServer
GET H2	200	newfoundlandpower-CKKqOhM_.js Show response user-mgmt-newfoundlandpower.prd.rotw.uplight.io/assets/	3 KB 1 KB	205ms 204ms	Script text/javascript	34.149.39.250 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/assets/newfoundlandpower-CKKqOhM_.js Requested by Host: user-mgmt-newfoundlandpower.prd.rotw.uplight.io URL: https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/assets/index-DJDSdV1B.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.39.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 250.39.149.34.bc.googleusercontent.com Software UploadServer / Resource Hash `4110e9d5518deb831d7f7467ed7611aa9d6fe1095856d626b40a5f0131bcb278` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io Referer https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/assets/index-DJDSdV1B.js Response headers x-goog-metageneration 1 x-goog-hash crc32c=qSDwFQ==, md5=3en48ahMHxSiSutZHa1AKQ== content-encoding br x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 3212 date Tue, 03 Dec 2024 23:40:55 GMT last-modified Tue, 03 Dec 2024 23:24:07 GMT content-type text/javascript vary Origin, Accept-Encoding x-guploader-uploadid AFiumC6LLr2qfQZaOmy1eUjt8p3kMPAQ6GerqGvQTgJRM5BdTRHB5-OoZefl-fabkxKO_mBn_W7RCoiryA cache-control public,max-age=3600 x-goog-storage-class STANDARD via 1.1 google accept-ranges bytes x-goog-generation 1733268247799300 server UploadServer
GET H2	200	newfoundlandpower.ico user-mgmt-newfoundlandpower.prd.rotw.uplight.io/favicons/	110 KB 110 KB	244ms 244ms	Other image/vnd.microsoft.icon	34.149.39.250 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/favicons/newfoundlandpower.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.39.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 250.39.149.34.bc.googleusercontent.com Software UploadServer / Resource Hash `1ee6edf04f95ad13e813d217a4b8686f6df86804f869ed66a997ed76a16f357d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/ Response headers x-goog-metageneration 1 x-goog-hash crc32c=Mx9PwQ==, md5=2njdcae4DgV2TIqCiSzEjQ== etag "da78dd71a7b80e05764c8a82892cc48d" x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 112503 date Tue, 03 Dec 2024 23:40:55 GMT last-modified Tue, 03 Dec 2024 23:24:07 GMT content-type image/vnd.microsoft.icon vary Origin x-guploader-uploadid AFiumC7YvF2maFym6YhMbICCbrdCRFZCstSiHkUvTcVwCEdA6t4fqt_jSLqoXv5JcQSon27DvB7tra593Q cache-control public,max-age=3600 x-goog-storage-class STANDARD via 1.1 google accept-ranges bytes x-goog-generation 1733268247764985 content-length 112503 server UploadServer
GET H2	200	newfoundlandpower.svg user-mgmt-newfoundlandpower.prd.rotw.uplight.io/logos/	7 KB 3 KB	238ms 237ms	Image image/svg+xml	34.149.39.250 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/logos/newfoundlandpower.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.39.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 250.39.149.34.bc.googleusercontent.com Software UploadServer / Resource Hash `257db9f3f5cda84448017aa16cad07f26cb5d22ab34a5e03bb874c2ef7cc99fe` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/ Response headers x-goog-metageneration 1 x-goog-hash crc32c=gnuNeg==, md5=o1Gc0pDhtocPlIFFERXhiw== content-encoding br x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 6802 date Tue, 03 Dec 2024 23:40:56 GMT last-modified Tue, 03 Dec 2024 23:24:07 GMT content-type image/svg+xml vary Origin, Accept-Encoding x-guploader-uploadid AFiumC4_m_8Zk50l-X8KtRQnyWc7BE7MBvCDh2_E92ZquNEnbsN-lMKL7YD5-c5zTRG2mYKV8yUJQIYjvw cache-control public,max-age=3600 x-goog-storage-class STANDARD via 1.1 google accept-ranges bytes x-goog-generation 1733268247695035 server UploadServer
GET H2	200	newfoundlandpower.svg user-mgmt-newfoundlandpower.prd.rotw.uplight.io/backgroundImages/	692 B 908 B	497ms 497ms	Image image/svg+xml	34.149.39.250 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/backgroundImages/newfoundlandpower.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.39.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 250.39.149.34.bc.googleusercontent.com Software UploadServer / Resource Hash `ca88a520a6940124c920d7b7574f24a7bc2acd7cec3a832ae6c026df1cfbb8b4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/ Response headers x-goog-metageneration 1 x-goog-hash crc32c=f4Y+UA==, md5=kNufkE0d9xcrP6HWBVQ2zw== etag "90db9f904d1df7172b3fa1d6055436cf" x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 692 date Tue, 03 Dec 2024 23:40:56 GMT last-modified Tue, 03 Dec 2024 23:24:07 GMT content-type image/svg+xml vary Origin x-guploader-uploadid AFiumC7PGkdIuBSADSgT6mo0EtvUOW_aOk-2zIEkxOeHhjzjb_xml1bea8zcU954kOrcA61kMv6Lwe68xg cache-control public,max-age=3600 x-goog-storage-class STANDARD via 1.1 google accept-ranges bytes x-goog-generation 1733268247702110 content-length 692 server UploadServer
GET H2	200	MarkOT-CZVKLwZx.woff2 user-mgmt-newfoundlandpower.prd.rotw.uplight.io/assets/	32 KB 32 KB	220ms 220ms	Font font/woff2	34.149.39.250 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/assets/MarkOT-CZVKLwZx.woff2 Requested by Host: user-mgmt-newfoundlandpower.prd.rotw.uplight.io URL: https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/assets/index-C6TnITv_.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.39.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 250.39.149.34.bc.googleusercontent.com Software UploadServer / Resource Hash `8f828be279e2d7c6ae0d965526044416a5ecf648c78d9409fe097e428b271ae8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io Referer https://user-mgmt-newfoundlandpower.prd.rotw.uplight.io/assets/index-C6TnITv_.css Response headers x-goog-metageneration 1 x-goog-hash crc32c=bTcElA==, md5=u5CMBm9jnjRDS9lNGOaPOA== etag "bb908c066f639e34434bd94d18e68f38" x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 32508 date Tue, 03 Dec 2024 23:40:56 GMT last-modified Tue, 03 Dec 2024 23:24:07 GMT content-type font/woff2 vary Origin x-guploader-uploadid AFiumC5ns9N38j8PQ47pVdPxBrGVI2MTQkeyIFp8IKGZznhsX5yvCGae-WdoHhQnUWNq7XcHSGi4fBUeKQ cache-control public,max-age=3600 x-goog-storage-class STANDARD via 1.1 google accept-ranges bytes x-goog-generation 1733268247809639 content-length 32508 server UploadServer

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __reactRouterVersion

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

user-mgmt-newfoundlandpower.prd.rotw.uplight.io
34.149.39.250
0c4675999bf63f243e28327da2e95775f216d53de1d32179a2bc1af46b1bf2ef
1ee6edf04f95ad13e813d217a4b8686f6df86804f869ed66a997ed76a16f357d
257db9f3f5cda84448017aa16cad07f26cb5d22ab34a5e03bb874c2ef7cc99fe
4110e9d5518deb831d7f7467ed7611aa9d6fe1095856d626b40a5f0131bcb278
8f828be279e2d7c6ae0d965526044416a5ecf648c78d9409fe097e428b271ae8
a6dc2d3510ac36a65c939ce5f4ba7f9df0a7065075a105f3f017f316b7cccade
ca88a520a6940124c920d7b7574f24a7bc2acd7cec3a832ae6c026df1cfbb8b4
cd57ee33ea0f43c9edad790b13f2edc1f5b1f5874e5fc482e5b800b98c751dbf

user-mgmt-newfoundlandpower.prd.rotw.uplight.io Open in urlscan Pro 34.149.39.250 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

338 kBTransfer

781 kBSize

0 Cookies

1 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

user-mgmt-newfoundlandpower.prd.rotw.uplight.io Open in urlscan Pro
34.149.39.250 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

338 kB
Transfer

781 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions