Submitted URL: https://salvos.ucareapp.com/events/341
Effective URL: https://salvos.ucareapp.com/session?dest=%2fevents%2f341
Submission: On September 13 via manual from AU — Scanned from AU

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 13.70.72.36, located in Sydney, Australia and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is salvos.ucareapp.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 15th 2021. Valid for: a year.
This is the only time salvos.ucareapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS (Autonomous System)
2         13.70.72.36      8075 (MICROSOFT...)    (1 redirect)
6         152.199.39.108   15133 (EDGECAST)
2         13.70.73.106     8075 (MICROSOFT...)
Total: 9 requests, 4 IPs

Requests  Apex Domain        Subdomains                                                  Transfer
8         ucareapp.com       salvos.ucareapp.com, static.ucareapp.com                    357 KB
2         visualstudio.com   dc.services.visualstudio.com (Cisco Umbrella Rank: 1060)    280 B
Total: 9 requests, 2 apex domains

Requests  Domain                         Requested by
6         static.ucareapp.com            salvos.ucareapp.com, static.ucareapp.com
2         dc.services.visualstudio.com   static.ucareapp.com
2         salvos.ucareapp.com            (1 redirect)
Total: 9 requests, 3 subdomains

This site contains no links.

Subject                            Issuer                                           Validity                  Valid
*.ucareapp.com                     Sectigo RSA Domain Validation Secure Server CA   2021-09-15 - 2022-10-15   a year
sni5623gl.wpc.edgecastcdn.net      DigiCert TLS RSA SHA256 2020 CA1                 2022-08-11 - 2023-09-11   a year
in.applicationinsights.azure.com   Microsoft RSA TLS CA 02                          2022-08-23 - 2023-08-23   a year

This page contains 1 frames:

Primary Page: https://salvos.ucareapp.com/session?dest=%2fevents%2f341
Frame ID: D72AA2C9481259EC287653E8B00733E0
Requests: 9 HTTP requests in this frame

Page Title

Sign In | UCare

Page Statistics

Requests: 9
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 3
IPs: 4
Countries: 2
Transfer: 356 kB
Size: 1077 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://salvos.ucareapp.com/events/341 HTTP 302
    https://salvos.ucareapp.com/session?dest=%2fevents%2f341 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
Primary Request session
salvos.ucareapp.com/
Redirect Chain
  • https://salvos.ucareapp.com/events/341
  • https://salvos.ucareapp.com/session?dest=%2fevents%2f341
2 KB
1 KB
Document
General
Full URL
https://salvos.ucareapp.com/session?dest=%2fevents%2f341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.70.72.36 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
55faa27b22c1e07cee98c27ed5484275333e79d91affcc2dd0fca33289d6341e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Accept, Access-Control-Allow-Origin, Origin, Host, RequestHost, Content-Type, Authorization
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
no-cache, no-transform
content-encoding
gzip
content-length
1115
content-type
text/html; charset=utf-8
date
Tue, 13 Sep 2022 05:31:32 GMT
expires
-1
pragma
no-cache
request-context
appId=cid-v1:2964e34f-a0b4-4f01-8527-5d1beeb4cfd9
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Accept, Access-Control-Allow-Origin, Origin, Host, RequestHost, Content-Type, Authorization
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
private, no-transform
content-length
146
content-type
text/html; charset=utf-8
date
Tue, 13 Sep 2022 05:31:32 GMT
location
/session?dest=%2fevents%2f341
request-context
appId=cid-v1:2964e34f-a0b4-4f01-8527-5d1beeb4cfd9
strict-transport-security
max-age=31536000; includeSubDomains
basic.90e1728739d9deda35f52a4f5352a31d.css
static.ucareapp.com/public/styles/
28 KB
9 KB
Stylesheet
General
Full URL
https://static.ucareapp.com/public/styles/basic.90e1728739d9deda35f52a4f5352a31d.css
Requested by
Host: salvos.ucareapp.com
URL: https://salvos.ucareapp.com/session?dest=%2fevents%2f341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7D1) /
Resource Hash
547dc34222a6ad02a804314060da122d164492e23060754abc5fe48b8e0ce511
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://salvos.ucareapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 05:31:32 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
8656
request-context
appId=cid-v1:2964e34f-a0b4-4f01-8527-5d1beeb4cfd9
last-modified
Wed, 07 Sep 2022 14:09:57 GMT
server
ECAcc (nwa/E7D1)
etag
"80a86c82c3c2d81:0"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
private, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Accept, Access-Control-Allow-Origin, Origin, Host, RequestHost, Content-Type, Authorization
date.f056aba9bdbb844e5c3d.js
static.ucareapp.com/dist/
167 KB
32 KB
Script
General
Full URL
https://static.ucareapp.com/dist/date.f056aba9bdbb844e5c3d.js
Requested by
Host: salvos.ucareapp.com
URL: https://salvos.ucareapp.com/session?dest=%2fevents%2f341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7D3) /
Resource Hash
d096a96a02fa076b7f83fbd4959fd96648d5b5130f86f6143af2b99795cddb82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://salvos.ucareapp.com/
Origin
https://salvos.ucareapp.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 05:31:32 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
32426
request-context
appId=cid-v1:2964e34f-a0b4-4f01-8527-5d1beeb4cfd9
last-modified
Wed, 07 Sep 2022 14:12:14 GMT
server
ECAcc (nwa/E7D3)
etag
"03315d4c3c2d81:0"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
private, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Accept, Access-Control-Allow-Origin, Origin, Host, RequestHost, Content-Type, Authorization
react.b07aadf237f02c588dc1.js
static.ucareapp.com/dist/
275 KB
88 KB
Script
General
Full URL
https://static.ucareapp.com/dist/react.b07aadf237f02c588dc1.js
Requested by
Host: salvos.ucareapp.com
URL: https://salvos.ucareapp.com/session?dest=%2fevents%2f341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7C1) /
Resource Hash
0b748e516dc79f6c64ef0cfe7b0ea8ba46887cfdbf67fb4194333d288c74ee0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://salvos.ucareapp.com/
Origin
https://salvos.ucareapp.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 05:31:32 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
90466
request-context
appId=cid-v1:2964e34f-a0b4-4f01-8527-5d1beeb4cfd9
last-modified
Wed, 07 Sep 2022 14:12:14 GMT
server
ECAcc (nwa/E7C1)
etag
"03315d4c3c2d81:0"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
private, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Accept, Access-Control-Allow-Origin, Origin, Host, RequestHost, Content-Type, Authorization
common.196fdeca453b2fd60f34.js
static.ucareapp.com/dist/
287 KB
97 KB
Script
General
Full URL
https://static.ucareapp.com/dist/common.196fdeca453b2fd60f34.js
Requested by
Host: salvos.ucareapp.com
URL: https://salvos.ucareapp.com/session?dest=%2fevents%2f341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7BC) /
Resource Hash
205e8e3b96af175ae3d7beeb233ff523b6e5cc9b72a033185537fd8ca106d872
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://salvos.ucareapp.com/
Origin
https://salvos.ucareapp.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 05:31:32 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
99478
request-context
appId=cid-v1:2964e34f-a0b4-4f01-8527-5d1beeb4cfd9
last-modified
Wed, 07 Sep 2022 14:12:14 GMT
server
ECAcc (nwa/E7BC)
etag
"03315d4c3c2d81:0"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
private, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Accept, Access-Control-Allow-Origin, Origin, Host, RequestHost, Content-Type, Authorization
basic.a1d7fd9362712c02c683.js
static.ucareapp.com/dist/
249 KB
65 KB
Script
General
Full URL
https://static.ucareapp.com/dist/basic.a1d7fd9362712c02c683.js
Requested by
Host: salvos.ucareapp.com
URL: https://salvos.ucareapp.com/session?dest=%2fevents%2f341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7BF) /
Resource Hash
dd9b6dc2f70d37564cf103f3658d0ab6f032494020f429807f5f8fedcfed114a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://salvos.ucareapp.com/
Origin
https://salvos.ucareapp.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 05:31:32 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
66497
request-context
appId=cid-v1:2964e34f-a0b4-4f01-8527-5d1beeb4cfd9
last-modified
Wed, 07 Sep 2022 14:12:14 GMT
server
ECAcc (nwa/E7BF)
etag
"03315d4c3c2d81:0"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
private, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Accept, Access-Control-Allow-Origin, Origin, Host, RequestHost, Content-Type, Authorization
hero.jpg
static.ucareapp.com/public/images/
63 KB
63 KB
Image
General
Full URL
https://static.ucareapp.com/public/images/hero.jpg
Requested by
Host: static.ucareapp.com
URL: https://static.ucareapp.com/public/styles/basic.90e1728739d9deda35f52a4f5352a31d.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7B9) /
Resource Hash
47c15a62e74dda09d49612bc061ee2468cfbb76e8e8d49c37d708ab525e29754
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.ucareapp.com/public/styles/basic.90e1728739d9deda35f52a4f5352a31d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 05:31:32 GMT
last-modified
Thu, 11 Feb 2021 03:31:20 GMT
server
ECAcc (nwa/E7B9)
etag
"586925d260d71:0"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
private, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Accept, Access-Control-Allow-Origin, Origin, Host, RequestHost, Content-Type, Authorization
content-length
64416
request-context
appId=cid-v1:2964e34f-a0b4-4f01-8527-5d1beeb4cfd9
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31460f4540c083228c18bd93a8ae1c3ac8f6c50e3d0ea9d4331a0d39dbcf61b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
track
dc.services.visualstudio.com/v2/
96 B
280 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: static.ucareapp.com
URL: https://static.ucareapp.com/dist/common.196fdeca453b2fd60f34.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.70.73.106 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
655c10ce8901cfa86faaf161a7783d2d46a3ea457ea585db16f4cb6e8bc277ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://salvos.ucareapp.com/
accept-language
en-AU,en;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
34560D3F-A191-4217-9704-73A6520A66F1
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Tue, 13 Sep 2022 05:31:33 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
track
dc.services.visualstudio.com/v2/
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.70.73.106 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://salvos.ucareapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Tue, 13 Sep 2022 05:31:33 GMT
x-content-type-options
nosniff

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
string| UCareTenant
string| APP_INSIGHTS_KEY
object| webpackChunkucare_web_app
function| clearImmediate
function| setImmediate
object| regeneratorRuntime
number| __mobxInstanceCount
object| __mobxGlobals

2 Cookies

Domain/Path Name / Value
salvos.ucareapp.com/ Name: ai_user
Value: tqxMHmVHWm/mOqqoCQxuzW|2022-09-13T05:31:33.359Z
salvos.ucareapp.com/ Name: ai_session
Value: jMpNr6/iCpf+PlbNvTwZg4|1663047093464|1663047093464

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains