auth.ultramed.co Open in urlscan Pro
2606:4700::6813:9913 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rwt-test.ultramed.app/
Effective URL:
https://auth.ultramed.co/u/login?state=hqFo2SBobk5WTWE2QUQ5LUdycHdlRWZseE90V19MdXdFN2t2baFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG...
Submission: On April 24 via api (April 24th 2024, 5:43:20 pm UTC) from US — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 2606:4700::6813:9913, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth.ultramed.co.
TLS certificate: Issued by E1 on April 18th 2024. Valid for: 3 months.

This is the only time auth.ultramed.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	172.67.69.65 172.67.69.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6813:9913	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:235... 2600:9000:2359:a000:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
1	104.18.3.36 104.18.3.36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.152.19 104.19.152.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	6

12 172.67.69.65 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rwt-test.ultramed.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apiv3.ultramed.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
features.ultramed.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9913 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

auth.ultramed.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2359:a000:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.3.36 (None, )

ASN13335 (CLOUDFLARENET, US)

imagedelivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.152.19 (None, )

ASN13335 (CLOUDFLARENET, US)

auth.ultramed.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	ultramed.app 1 redirects rwt-test.ultramed.app apiv3.ultramed.app — Cisco Umbrella Rank: 702149 features.ultramed.app — Cisco Umbrella Rank: 684977	658 KB
3	ultramed.co 1 redirects auth.ultramed.co	31 KB
1	imagedelivery.net imagedelivery.net — Cisco Umbrella Rank: 19377	12 KB
1	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 6696	63 KB
0	cloudflareinsights.com Failed static.cloudflareinsights.com Failed
17	5

	Domain	Requested by
8	rwt-test.ultramed.app	1 redirects rwt-test.ultramed.app
3	auth.ultramed.co	1 redirects rwt-test.ultramed.app
2	features.ultramed.app	rwt-test.ultramed.app
2	apiv3.ultramed.app	rwt-test.ultramed.app
1	imagedelivery.net	auth.ultramed.co
1	cdn.auth0.com	auth.ultramed.co
0	static.cloudflareinsights.com Failed	rwt-test.ultramed.app
17	7

This site contains no links.

Subject Issuer	Validity	Valid
ultramed.app E1	`2024-03-13` - `2024-06-11`	3 months	crt.sh
auth.ultramed.co E1	`2024-04-18` - `2024-07-17`	3 months	crt.sh
*.auth0.com Amazon RSA 2048 M03	`2024-01-25` - `2025-02-22`	a year	crt.sh
imagedelivery.net E1	`2024-03-23` - `2024-06-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://auth.ultramed.co/u/login?state=hqFo2SBobk5WTWE2QUQ5LUdycHdlRWZseE90V19MdXdFN2t2baFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGwwTHlpbU1MNXJ2ZHNXY3htM2ZOV21QeGxjMWxUTWc4o2NpZNkgU3NGeUE1ak5XYzRodURZU21FYkVubTluN2J0cGxVclKlb3JnaWS0b3JnX2NvanJxcjhpUUN0TUFDQ1enb3JnbmFtZahyd3QtdGVzdA
Frame ID: 27C1E03CBB03397409EDE37571E356E2
Requests: 14 HTTP requests in this frame

Frame: https://rwt-test.ultramed.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Frame ID: 7A70A2E5D74E848E7D521F5378DE89EE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in | Ultramed Clinical Portal

Page URL History Show full URLs

https://rwt-test.ultramed.app/ Page URL
https://auth.ultramed.co/authorize?audience=https%3A%2F%2Fapi.ultramed.co&client_id=SsFyA5jNWc4huDYSm... HTTP 302
https://auth.ultramed.co/u/login?state=hqFo2SBobk5WTWE2QUQ5LUdycHdlRWZseE90V19MdXdFN2t2baFur3VuaXZlcn... Page URL

Page Statistics

17
Requests

82 %
HTTPS

40 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

762 kB
Transfer

2421 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rwt-test.ultramed.app/ Page URL
https://auth.ultramed.co/authorize?audience=https%3A%2F%2Fapi.ultramed.co&client_id=SsFyA5jNWc4huDYSmEbEnm9n7btplUrR&redirect_uri=https%3A%2F%2Frwt-test.ultramed.app&organization=org_cojrqr8iQCtMACCW&organizationName=rwt-test&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&state=b25Pc3dmdklGNi5sTTBFNnE4SkIzZjNmNDBmdnBxRWZ1SVJsZS1qZTUzSQ%3D%3D&nonce=Qi1lN2N5ak1kR2ltU0NnRTBzbVBadXc4fnVQS2oxVkNYN0FybmlSYWdkTw%3D%3D&code_challenge=9CNdZZw90pQgVXqrn2IQBr1VReR4372XfQlLOhsodpE&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4wIn0%3D HTTP 302
https://auth.ultramed.co/u/login?state=hqFo2SBobk5WTWE2QUQ5LUdycHdlRWZseE90V19MdXdFN2t2baFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGwwTHlpbU1MNXJ2ZHNXY3htM2ZOV21QeGxjMWxUTWc4o2NpZNkgU3NGeUE1ak5XYzRodURZU21FYkVubTluN2J0cGxVclKlb3JnaWS0b3JnX2NvanJxcjhpUUN0TUFDQ1enb3JnbmFtZahyd3QtdGVzdA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://rwt-test.ultramed.app/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://rwt-test.ultramed.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

17 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
rwt-test.ultramed.app/ 4 KB
2 KB 136ms
95ms Document
text/html 172.67.69.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rwt-test.ultramed.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5776eff7dc821679f77fc7cd4c13c6008b11aa1594c0642b96f08c95cb44fbee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors data.pa1.ultramed.app;
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 5236
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8797e502b95165ae-FRA
content-disposition: inline
content-encoding: br
content-security-policy: frame-ancestors data.pa1.ultramed.app;
content-type: text/html; charset=utf-8
date: Wed, 24 Apr 2024 17:43:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rpdZqU0dsxDc2tSfD1D%2B83IdchEUfbMqfFr4f3GMiLcWlFXBz8nfffu6fgvB%2BQYQA%2BJClL%2FygE1n5rqhatvu1mgw5A3rNwz5FcnCyPKXGlED0xog1fGtxYiC99tF%2Bvu7FtA3j6N%2FAg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-vercel-cache: HIT
x-vercel-id: fra1::hvkzp-1713980595683-a745e256e321
x-xss-protection: 1; mode=block

GET
H3 200 index-4a4494ab.js Show response
rwt-test.ultramed.app/assets/ 2 MB
592 KB 126ms
125ms Script
application/javascript 172.67.69.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rwt-test.ultramed.app/assets/index-4a4494ab.js

Requested by

Host: rwt-test.ultramed.app
URL: https://rwt-test.ultramed.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e0ebf912d43d43e79eee93aed278b1bbaabae56161a580c3b0d95843b713057

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors data.pa1.ultramed.app;
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rwt-test.ultramed.app/
Origin: https://rwt-test.ultramed.app
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 17:43:15 GMT
content-security-policy: frame-ancestors data.pa1.ultramed.app;
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-disposition: inline; filename="index-4a4494ab.js"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-vercel-id: fra1::t7gt5-1713980595794-e4c0dcc2a157
server: cloudflare
etag: W/"70a220c1c95017cd7938988bc5fb100f"
x-vercel-cache: HIT
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z02Znu1TC%2FP26ipW9cFouzMwl5Ba6KPCPqL6SHi%2FOBtRexdTzKqssBe%2F8jbhaCfwHWF2HKweQkKMi5a%2F94Ysis7HO7FNy%2B%2FQkSIrvzbEo7NVruq0dOMF7VDWRYSpl3GHL7HXEFyvbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
vary: Accept-Encoding
cf-ray: 8797e5036a5b65ae-FRA

GET
H3 200 index-c4216d0c.css
rwt-test.ultramed.app/assets/ 84 KB
14 KB 86ms
86ms Stylesheet
text/css 172.67.69.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rwt-test.ultramed.app/assets/index-c4216d0c.css

Requested by

Host: rwt-test.ultramed.app
URL: https://rwt-test.ultramed.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4216d0c219916630ac80b86599c4b7eb509d27aa49d42613495489245024e54

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors data.pa1.ultramed.app;
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rwt-test.ultramed.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 17:43:15 GMT
content-security-policy: frame-ancestors data.pa1.ultramed.app;
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-disposition: inline; filename="index-c4216d0c.css"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-vercel-id: fra1::gxds4-1713980595782-533003cf133d
server: cloudflare
etag: W/"1ed2cc6db2451389529fe20a4c19a3d2"
x-vercel-cache: HIT
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mxnjIa3k6%2F%2F6Ublq9nmxwrhyavyaDJ5T93jJCyMKi5jb5Jh9Cp1pvdyh%2BDZ7k5AfCt5%2FtKa5wqdv82ybMet82ceYdMj5uAL4lOQL1of1uFMuL%2BaF%2FZEEOE0QEnzpzmHcO07lcXocIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
vary: Accept-Encoding
cf-ray: 8797e5036a5e65ae-FRA

GET v55bfa2fee65d44688e90c00735ed189a1713218998793
static.cloudflareinsights.com/beacon.min.js/ 0
0

GET
H3

200

main.js Show response
rwt-test.ultramed.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/ Frame 7A70
Redirect Chain

https://rwt-test.ultramed.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://rwt-test.ultramed.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

8 KB
4 KB

24ms
23ms

Script
application/javascript

172.67.69.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rwt-test.ultramed.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

Protocol

Server

172.67.69.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e668b2f8f00c3c7dd59e41caf28e65bd44b326b014386560d3601492510b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Apr 2024 17:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SNG5aNb6On6P7D9G3234uLFu0OAQfBLGfmi4Xp95Ybs%2Fddig%2F1bH2SMHJbFXPRmNeQ3NnFHFcTPpqo8NaOIiOD3i81XyZfe9IOErmBQdC%2FnQTR09XzefHFxQfmGs4x4Y2yAr3QoVpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8797e5058dde65ae-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 24 Apr 2024 17:43:16 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WPJg50fEq8120ML65lmpbEfkO1i69OnpDmyxd9A%2BpFEVV6%2FqXcIjSUDajd94%2F8TrU0EOYLzI6ITuGa1rxuh1Jeuh0odCh%2FMPgbJUT7YN2QQvaqGT%2FgsacTb1o0vJkhvUUpsMDGjZhg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8797e5053d7c65ae-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 inter-latin-variable-wghtOnly-normal-450f3ba4.woff2
rwt-test.ultramed.app/assets/ 37 KB
38 KB 139ms
139ms Font
font/woff2 172.67.69.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rwt-test.ultramed.app/assets/inter-latin-variable-wghtOnly-normal-450f3ba4.woff2

Requested by

Host: rwt-test.ultramed.app
URL: https://rwt-test.ultramed.app/assets/index-c4216d0c.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors data.pa1.ultramed.app;
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rwt-test.ultramed.app/assets/index-c4216d0c.css
Origin: https://rwt-test.ultramed.app
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 17:43:16 GMT
content-security-policy: frame-ancestors data.pa1.ultramed.app;
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="inter-latin-variable-wghtOnly-normal-450f3ba4.woff2"
alt-svc: h3=":443"; ma=86400
content-length: 37924
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-vercel-id: fra1::4kptw-1713980596143-d5fe4c9da519
server: cloudflare
etag: "e08be6d5d433944f7ad52902e4d24db5"
x-vercel-cache: HIT
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2Fmj%2BDNAkG%2FfUAik89ITMJiHFFMlrYyQiM65Q%2BohRjUfx5ai%2BqL2YOZJOO%2Fysth6%2BA0EbpQW0Iv6UIm7yqeBb8bTYUVWPo9ZCcSsGafzxaJXo6lDgetW6TV5krt11pGoscQFnleZmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 8797e5059deb65ae-FRA

GET
BLOB 200
OK 98eb8472-cc2e-41ed-9a47-68e8734595c6
https://rwt-test.ultramed.app/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://rwt-test.ultramed.app/98eb8472-cc2e-41ed-9a47-68e8734595c6
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80a0e07f59d956de9a749beb99a98e16a9d30735036f6eccf698a5c7d6e8bd80

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 5040
Content-Type: application/javascript

OPTIONS
H3 204 organization
apiv3.ultramed.app/auth/ Frame 0
0 188ms
122ms Preflight
text/html 172.67.69.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apiv3.ultramed.app/auth/organization

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rwt-test.ultramed.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-expose-headers: location
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8797e505f9f89bb0-FRA
content-type: text/html
date: Wed, 24 Apr 2024 17:43:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jigL2M%2BaMpQBvXECx9uaRygtsUCpdNHQ6pjEtrPL1zWyW8TQkEocz%2F69QRn7FEC6s0VxGl2jEXuDuOv%2BUcAsHird%2F7Gl18uxASMzniH%2BjcmJekp%2FjZiCwvgbA0iq7BllD9NP%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers
x-cloud-trace-context: b18540d5a5d1ab7a595ec085ca1d2b9b
x-content-type-options: nosniff

OPTIONS
H3 204 proxy
features.ultramed.app/ Frame 0
0 140ms
77ms Preflight
text/html 172.67.69.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://features.ultramed.app/proxy?sessionId=479323815&appName=clinical-portal&environment=production

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,if-none-match
Access-Control-Request-Method: GET
Origin: https://rwt-test.ultramed.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type,if-none-match
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-expose-headers: ETag
access-control-max-age: 172800
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8797e505f9f39bb0-FRA
content-type: text/html
date: Wed, 24 Apr 2024 17:43:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mr4Le6G7ryAQ6BfodoVGAjqbZ1WUMAEiI5xDRZXdevKafQPLfl0lX4RzndldnZNf6t54Cfj23d8KWwnv73i38nbyjX%2BPXeNOtRWOlhkKr5ACDqytijfK6Vr0PKUpWwKjaNMQwvZj%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Access-Control-Request-Headers
x-cloud-trace-context: d2a02d9756baacece96ebc2e94755123
x-content-type-options: nosniff

POST
H3 200 organization Show response
apiv3.ultramed.app/auth/ 220 B
1 KB 208ms
208ms Fetch
application/json 172.67.69.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apiv3.ultramed.app/auth/organization

Requested by

Host: rwt-test.ultramed.app
URL: https://rwt-test.ultramed.app/assets/index-4a4494ab.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1097f4b00edd9d6fbbe01bd4981a6d15d5b77ab64b1f304d909eda46350dcffe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https:;upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://rwt-test.ultramed.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 24 Apr 2024 17:43:16 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https:;upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
content-encoding: br
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-download-options: noopen
access-control-expose-headers: location
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Poehb4bndBMX6t4F1UZklZAZ5P7u1KGDuk76BNDjt8kC9jEMZIboazC7EM5ZFjYBhHHh2cTjYOmLgA94DJ1RGzdN0t8Gmx8cL8Tov879wEtxDzS03GaQoDCB5a9p7jphZfqbQA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-cloud-trace-context: 571f11a4dbe9a32bc042517313432f44
cf-ray: 8797e506bb009bb0-FRA

GET
H3 200 proxy Show response
features.ultramed.app/ 14 B
573 B 51ms
51ms Fetch
application/json 172.67.69.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://features.ultramed.app/proxy?sessionId=479323815&appName=clinical-portal&environment=production

Requested by

Host: rwt-test.ultramed.app
URL: https://rwt-test.ultramed.app/assets/index-4a4494ab.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d92a0692609c57e1b3657bc1845d9944b6c64794720d49b0c515f87c5310f42

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: A3srd9W1SBoiooJL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://rwt-test.ultramed.app/
If-None-Match
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 17:43:16 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 14
server: cloudflare
etag: W/"e-s5xwV9+7QhSQAlOjSJ/Y5v+WCp4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zcL1Mpb7tWGFf5zdqTykRVkZyJehqX%2F2J2RGtQh9roEILNGK3Vkr7WVm%2BLp1XgxTeLdSdsOUYEqdaoO9bQ8YBE2zNmshz6BlV7bP6K1n%2B5dkhbGRiBUpfKWHaXzhVsDOvCPxDhhu1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: public, max-age=2
x-cloud-trace-context: 38e306a0b111337e26b3286eff80562b
cf-ray: 8797e5067a919bb0-FRA

GET
H3 200 favicon-ebc40de5.ico
rwt-test.ultramed.app/assets/ 5 KB
5 KB 68ms
67ms Other
image/vnd.microsoft.icon 172.67.69.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rwt-test.ultramed.app/assets/favicon-ebc40de5.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebc40de59e5f91ce81a913108327293ea2d87b7283d4444ccfbf13c3a8184fc8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors data.pa1.ultramed.app;
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rwt-test.ultramed.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 17:43:16 GMT
content-security-policy: frame-ancestors data.pa1.ultramed.app;
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=0LMav5swo2StJhNlZgczPoz9mewevy_8325NL9CaWMo-1713980596-1.0.1.1-uQoYdvso8KYFevVwRCSJOrNZvuUUbC.99_v2gp_kDFN0qZn0.aEJvcRA5ki_4vG8f_QYAU74jb8_T6zDBrmrMG_jfeNxd_pADMmC0LVOVuaYjhi.9qBK5Pqp3Rq7xyNIZppDKx5MeJ1HCMeKiXfk6ff3OkrzuA3EQZWkf_uJkrc; report-to cf-csp-endpoint
content-disposition: inline; filename="favicon-ebc40de5.ico"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-vercel-id: fra1::7hrwz-1713980596133-500c3abd9a63
server: cloudflare
etag: W/"a5233efce96857d3a07e9b829e39f295"
x-vercel-cache: HIT
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i2Agkd2TxkbfYpyakDwc%2Bj7%2F3%2FCUfxZLLX%2Fex%2B7onyZe4t6nPtZvaTh3TiOiQdV93w0rjY4tU1bDM6frTqqrgC7owrNKcFd1RFx3FxoxS8xtOdAKbM7kDKkfsaXf8Jx4tJ7tuTBaeg%3D%3D"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=0LMav5swo2StJhNlZgczPoz9mewevy_8325NL9CaWMo-1713980596-1.0.1.1-uQoYdvso8KYFevVwRCSJOrNZvuUUbC.99_v2gp_kDFN0qZn0.aEJvcRA5ki_4vG8f_QYAU74jb8_T6zDBrmrMG_jfeNxd_pADMmC0LVOVuaYjhi.9qBK5Pqp3Rq7xyNIZppDKx5MeJ1HCMeKiXfk6ff3OkrzuA3EQZWkf_uJkrc"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
vary: Accept-Encoding
cf-ray: 8797e5059dea65ae-FRA

POST
H3 200 8797e502b95165ae Show response
rwt-test.ultramed.app/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 7A70 0
621 B 44ms
44ms XHR
text/plain 172.67.69.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rwt-test.ultramed.app/cdn-cgi/challenge-platform/h/b/jsd/r/8797e502b95165ae

Requested by

Host: rwt-test.ultramed.app
URL: https://rwt-test.ultramed.app/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 24 Apr 2024 17:43:16 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=za2lr6nDRGd5klNZb149Z0xlfRsSvEwb8w6r8RMoez314PeJpZqYu863PmoUuETNhiQIu8VOwO52aNCeVkiqR4aGgTnm67tU0fRAs0jPhv2V3taV7F%2Fnv1T3jJGLk0%2BZSbEzS2zZYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8797e5061ec665ae-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

Primary Request login Show response
auth.ultramed.co/u/
Redirect Chain

https://auth.ultramed.co/authorize?audience=https%3A%2F%2Fapi.ultramed.co&client_id=SsFyA5jNWc4huDYSmEbEnm9n7btplUrR&redirect_uri=https%3A%2F%2Frwt-test.ultramed.app&organization=org_cojrqr8iQCtMAC...
https://auth.ultramed.co/u/login?state=hqFo2SBobk5WTWE2QUQ5LUdycHdlRWZseE90V19MdXdFN2t2baFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGwwTHlpbU1MNXJ2ZHNXY3htM2ZOV21QeGxjMWxUTWc4o2NpZNkgU3NGeUE1ak5XYzRodURZU21FYk...

29 KB
29 KB

110ms
110ms

Document
text/html

2606:4700::6813:9913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.ultramed.co/u/login?state=hqFo2SBobk5WTWE2QUQ5LUdycHdlRWZseE90V19MdXdFN2t2baFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGwwTHlpbU1MNXJ2ZHNXY3htM2ZOV21QeGxjMWxUTWc4o2NpZNkgU3NGeUE1ak5XYzRodURZU21FYkVubTluN2J0cGxVclKlb3JnaWS0b3JnX2NvanJxcjhpUUN0TUFDQ1enb3JnbmFtZahyd3QtdGVzdA

Requested by

Host: rwt-test.ultramed.app
URL: https://rwt-test.ultramed.app/assets/index-4a4494ab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5983c1a7b9375b0f29ab5c424b88ba56e31e6aea343ab68ba7581fa2ff0d079

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://rwt-test.ultramed.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8797e509dd3d3655-FRA
content-language: en
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Wed, 24 Apr 2024 17:43:16 GMT
etag: W/"724c-6+9Q9z02rSqc3bymDjyahpDPvms"
expires: Wed, 24 Apr 2024 17:43:16 GMT
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-auth0-requestid: dde75391c9c0179bdc37
x-content-type-options: nosniff
x-frame-options: deny
x-ratelimit-limit: 20
x-ratelimit-remaining: 19
x-ratelimit-reset: 1713980603
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8797e5087b283655-FRA
content-length: 542
content-type: text/html; charset=utf-8
date: Wed, 24 Apr 2024 17:43:16 GMT
location: /u/login?state=hqFo2SBobk5WTWE2QUQ5LUdycHdlRWZseE90V19MdXdFN2t2baFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGwwTHlpbU1MNXJ2ZHNXY3htM2ZOV21QeGxjMWxUTWc4o2NpZNkgU3NGeUE1ak5XYzRodURZU21FYkVubTluN2J0cGxVclKlb3JnaWS0b3JnX2NvanJxcjhpUUN0TUFDQ1enb3JnbmFtZahyd3QtdGVzdA
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept, Accept-Encoding
x-auth0-requestid: 711869b8d823ed73e4e1
x-content-type-options: nosniff
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1713980597

GET
H2 200 main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.91.1/css/ 273 KB
63 KB 62ms
8ms Stylesheet
text/css 2600:9000:2359:a000:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/ulp/react-components/1.91.1/css/main.cdn.min.css

Requested by

Host: auth.ultramed.co
URL: https://auth.ultramed.co/u/login?state=hqFo2SBobk5WTWE2QUQ5LUdycHdlRWZseE90V19MdXdFN2t2baFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGwwTHlpbU1MNXJ2ZHNXY3htM2ZOV21QeGxjMWxUTWc4o2NpZNkgU3NGeUE1ak5XYzRodURZU21FYkVubTluN2J0cGxVclKlb3JnaWS0b3JnX2NvanJxcjhpUUN0TUFDQ1enb3JnbmFtZahyd3QtdGVzdA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:a000:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

047a68719f5d0b97eb39b00b99d484f6e0b188ee0ca656cc905e561ecb515977

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: nVfygoBeeEI9nA4BgXjNZmFlME9t_6j5
content-encoding: gzip
via: 1.1 b8f260e966cae470dbec70a43fd5e0ca.cloudfront.net (CloudFront)
date: Wed, 24 Apr 2024 01:05:35 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 59862
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
last-modified: Tue, 09 Apr 2024 11:07:11 GMT
server: AmazonS3
etag: W/"8b8f967f643b52dad846cd1fab8047c7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
x-robots-tag: noindex
x-amz-cf-id: lfjT7-EHofSHqt5AeVQZh3Kg4gdoLMAWw0xlp6jl1lidzWGaGWI-aw==

GET
H3 200 public
imagedelivery.net/159dYyNX5JikfgLbdllyuA/4b3c086a-19d0-4d27-141d-3bc97af90c00/ 12 KB
12 KB 1262ms
1235ms Image
image/avif 104.18.3.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/159dYyNX5JikfgLbdllyuA/4b3c086a-19d0-4d27-141d-3bc97af90c00/public

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7a2c297c616d6000dad8b41cc8e4b817529a0c099d46c48c9068440f3fd1d6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=772+304 c=0+0 v=2024.4.0 l=11876
date: Wed, 24 Apr 2024 17:43:18 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 11876
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfetsXlgI4K7tPi_GXFKN1WPYrfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 8797e50abc6ca02e-FRA

GET
DATA 200
OK truncated
/ 650 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce

Request headers

Referer
Origin: https://auth.ultramed.co
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 404 favicon.ico
auth.ultramed.co/ 9 B
495 B 86ms
86ms Other
text/plain 104.19.152.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.ultramed.co/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.152.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://auth.ultramed.co/u/login?state=hqFo2SBobk5WTWE2QUQ5LUdycHdlRWZseE90V19MdXdFN2t2baFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGwwTHlpbU1MNXJ2ZHNXY3htM2ZOV21QeGxjMWxUTWc4o2NpZNkgU3NGeUE1ak5XYzRodURZU21FYkVubTluN2J0cGxVclKlb3JnaWS0b3JnX2NvanJxcjhpUUN0TUFDQ1enb3JnbmFtZahyd3QtdGVzdA
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 17:43:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-auth0-not-found: 1
cf-cache-status: MISS
x-auth0-requestid: 28dc366c9ee875d35680
server: cloudflare
x-content-type-options: nosniff
etag: W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: public, max-age=300
cf-ray: 8797e5128fb96973-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ulpFlags

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ultramed.app/	1970-01-21 04:51:56	Name: cf_clearance Value: jUhpcvK51XYGQCPn0IQZy2EPFIv7IObbjpMbaUrgD_o-1713980596-1.0.1.1-nPoOdiRZZp19UtC8.H8ms2Pjm91vgnBnTmyIvi6Kpyh.FsYqtl.0rN_4Knf8.CFCRut2N8XyaEzDObHZcF5B6A
auth.ultramed.co/	1969-12-31 23:59:59	Name: did Value: s%3Av0%3A21ad22a0-0262-11ef-9827-23b976be8905.vU9BmgoPTdsf4u%2FYYmq640JrZOmreNRIAFH%2F4SSiK1M
auth.ultramed.co/	1969-12-31 23:59:59	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQHV3HxycSZzxN9zaGxydOrwYLOD9iPMcjUZYCRyscdkfITKVXY9jAKQ5Bxx6Ghb_pGMayn_twDlWKNqVI52P_uemY29va2llg6dleHBpcmVz1_-xJR8AZi05NK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.ZXUHC9sNZ1al5AKOk8vhFSgkw0Uozfp5FANsK7l%2FFAE
auth.ultramed.co/	1969-12-31 23:59:59	Name: did_compat Value: s%3Av0%3A21ad22a0-0262-11ef-9827-23b976be8905.vU9BmgoPTdsf4u%2FYYmq640JrZOmreNRIAFH%2F4SSiK1M
auth.ultramed.co/	1969-12-31 23:59:59	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQHV3HxycSZzxN9zaGxydOrwYLOD9iPMcjUZYCRyscdkfITKVXY9jAKQ5Bxx6Ghb_pGMayn_twDlWKNqVI52P_uemY29va2llg6dleHBpcmVz1_-xJR8AZi05NK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.ZXUHC9sNZ1al5AKOk8vhFSgkw0Uozfp5FANsK7l%2FFAE
.auth.ultramed.co/	1970-01-20 20:06:22	Name: __cf_bm Value: qw4E_ApyqrGhjTJuAaik1Fu_kAreJeNuFOCVw3FnfNw-1713980598-1.0.1.1-0BkxMc1iM3OJLJcZ9NAZSajsh8q972peVLxShWbp7pk5wgtx6AEzcp0HGHCEH.fq

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://rwt-test.ultramed.app/ Message: Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793' because it violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' https://vercel.live https://.ultramed.dev https://.ultramed.tech https://.ultramed.live https://.ultramed.app https://.ultramed.co wss://.ultramed.dev wss://.ultramed.tech wss://.ultramed.live wss://.ultramed.app wss://.ultramed.co .eu.auth0.com https://.productfruits.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network	error	URL: https://auth.ultramed.co/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors data.pa1.ultramed.app;
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apiv3.ultramed.app
auth.ultramed.co
cdn.auth0.com
features.ultramed.app
imagedelivery.net
rwt-test.ultramed.app
static.cloudflareinsights.com
static.cloudflareinsights.com
104.18.3.36
104.19.152.19
172.67.69.65
2600:9000:2359:a000:10:474e:104a:2961
2606:4700::6813:9913
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
047a68719f5d0b97eb39b00b99d484f6e0b188ee0ca656cc905e561ecb515977
0e668b2f8f00c3c7dd59e41caf28e65bd44b326b014386560d3601492510b743
1097f4b00edd9d6fbbe01bd4981a6d15d5b77ab64b1f304d909eda46350dcffe
2d92a0692609c57e1b3657bc1845d9944b6c64794720d49b0c515f87c5310f42
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
5776eff7dc821679f77fc7cd4c13c6008b11aa1594c0642b96f08c95cb44fbee
5e0ebf912d43d43e79eee93aed278b1bbaabae56161a580c3b0d95843b713057
80a0e07f59d956de9a749beb99a98e16a9d30735036f6eccf698a5c7d6e8bd80
a7a2c297c616d6000dad8b41cc8e4b817529a0c099d46c48c9068440f3fd1d6c
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce
c4216d0c219916630ac80b86599c4b7eb509d27aa49d42613495489245024e54
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5983c1a7b9375b0f29ab5c424b88ba56e31e6aea343ab68ba7581fa2ff0d079
ebc40de59e5f91ce81a913108327293ea2d87b7283d4444ccfbf13c3a8184fc8

auth.ultramed.co Open in urlscan Pro 2606:4700::6813:9913 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

17 Requests

82 %HTTPS

40 %IPv6

5 Domains

7 Subdomains

6 IPs

2 Countries

762 kBTransfer

2421 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

6 Cookies

2 Console Messages

Security Headers

Indicators

auth.ultramed.co Open in urlscan Pro
2606:4700::6813:9913 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

82 %
HTTPS

40 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

762 kB
Transfer

2421 kB
Size

6
Cookies

17 HTTP transactions
1 data transactions