portal.well-thview.com Open in urlscan Pro
18.164.116.110 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://portal.well-thview.com/
Effective URL:
https://portal.well-thview.com/
Submission: On February 01 via manual (February 1st 2023, 5:57:00 pm UTC) from CA — Scanned from CA

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 18.164.116.110, located in United States and belongs to AMAZON-02, US. The main domain is portal.well-thview.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on January 23rd 2023. Valid for: a year.

This is the only time portal.well-thview.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.164.116.92 18.164.116.92	16509 (AMAZON-02) (AMAZON-02)
6	18.164.116.110 18.164.116.110	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3032::6815:39ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.60.82 13.33.60.82	16509 (AMAZON-02) (AMAZON-02)
2	99.83.241.219 99.83.241.219	16509 (AMAZON-02) (AMAZON-02)
1	104.198.23.205 104.198.23.205	15169 (GOOGLE) (GOOGLE)
12	6

1 18.164.116.92 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-92.jfk50.r.cloudfront.net

portal.well-thview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.164.116.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-110.jfk50.r.cloudfront.net

portal.well-thview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:39ea (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-ingest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.60.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-82.ewr52.r.cloudfront.net

well-thview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.241.219 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa4314b2f84572f89.awsglobalaccelerator.com

auth.well-thview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.198.23.205 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 205.23.198.104.bc.googleusercontent.com

r.lr-ingest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	well-thview.com 1 redirects portal.well-thview.com well-thview.com auth.well-thview.com	373 KB
2	lr-ingest.io cdn.lr-ingest.io — Cisco Umbrella Rank: 10087 r.lr-ingest.io — Cisco Umbrella Rank: 16154	161 KB
12	2

	Domain	Requested by
7	portal.well-thview.com	1 redirects portal.well-thview.com
2	auth.well-thview.com	portal.well-thview.com
1	r.lr-ingest.io	cdn.lr-ingest.io
1	well-thview.com	portal.well-thview.com
1	cdn.lr-ingest.io	portal.well-thview.com
12	5

This site contains no links.

Subject Issuer	Validity	Valid
well-thview.com Amazon RSA 2048 M02	`2023-01-23` - `2024-02-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
auth.well-thview.com Go Daddy Secure Certificate Authority - G2	`2022-03-05` - `2023-03-05`	a year	crt.sh
api.logrocket.com R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://portal.well-thview.com/
Frame ID: 980A35108084C1CB6CBE97528843CE39
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Client Portal Login

Page URL History Show full URLs

http://portal.well-thview.com/ HTTP 301
https://portal.well-thview.com/ Page URL

Detected technologies

LogRocket (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.lr-ingest\.io

Page Statistics

12
Requests

92 %
HTTPS

17 %
IPv6

2
Domains

5
Subdomains

6
IPs

1
Countries

534 kB
Transfer

2068 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://portal.well-thview.com/ HTTP 301
https://portal.well-thview.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
portal.well-thview.com/
Redirect Chain

http://portal.well-thview.com/
https://portal.well-thview.com/

2 KB
2 KB

172ms
129ms

Document
text/html

18.164.116.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.well-thview.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-110.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04e92da1cdae27f70d5425c078b99cc3a82f6399022c90f03da6b0a829a5aca6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html
date: Wed, 01 Feb 2023 17:56:57 GMT
etag: W/"622b404cc74f23f67549ffdfc1401ae2"
last-modified: Wed, 07 Dec 2022 01:08:27 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c7f059cae2da7d584bee2041395eabe8.cloudfront.net (CloudFront)
x-amz-cf-id: 5VnkXCv91XPWjWt-lA_mtHhEr2DgKFlvyRF2sY7AjkQQvbpyK44U8g==
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Wed, 01 Feb 2023 17:56:55 GMT
Location: https://portal.well-thview.com/
Server: CloudFront
Via: 1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
X-Amz-Cf-Id: FJQO_7E1sbIE37BPKsutR4EZqnGSZPGOftNaBkRNpg-oZrW2JW0Flw==
X-Amz-Cf-Pop: JFK50-P6
X-Cache: Redirect from cloudfront

GET
H2 200 2.4c97ca4f.chunk.css
portal.well-thview.com/static/css/ 157 KB
24 KB 128ms
127ms Stylesheet
text/css 18.164.116.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.well-thview.com/static/css/2.4c97ca4f.chunk.css
Requested by: Host: portal.well-thview.com
URL: https://portal.well-thview.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-110.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0bebdda0ca447eb1a4a995ebbcc25b753ecc40d3c8ecf0628beab00d98e0bf9d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://portal.well-thview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 17:56:57 GMT
content-encoding: gzip
via: 1.1 c7f059cae2da7d584bee2041395eabe8.cloudfront.net (CloudFront)
last-modified: Wed, 07 Dec 2022 01:08:27 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
etag: W/"a7151f01f9c9b00be261fa606f978c51"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=60
x-amz-cf-id: TK2UTbn1BMZ_nR1tLPiy27D7Vxqoob3fi7W8xH_bMqyrTZHqt-O1iQ==

GET
H2 200 main.c9c78567.chunk.css
portal.well-thview.com/static/css/ 4 KB
2 KB 102ms
101ms Stylesheet
text/css 18.164.116.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.well-thview.com/static/css/main.c9c78567.chunk.css
Requested by: Host: portal.well-thview.com
URL: https://portal.well-thview.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-110.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e3fed69d5b09031b79d6b5325c606184dd8d92031e68727b4af5421a39ff7df

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://portal.well-thview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 17:56:57 GMT
content-encoding: gzip
via: 1.1 c7f059cae2da7d584bee2041395eabe8.cloudfront.net (CloudFront)
last-modified: Wed, 07 Dec 2022 01:08:27 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
etag: W/"c074751640541c5ce1f2f4cb295ec977"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=60
x-amz-cf-id: v8489_msGvdFj6kR_XPRNh7Bbtdr9PX1tvJkjKyR24rPFK3JRtUjeQ==

GET
H2 200 2.c8d1816b.chunk.js Show response
portal.well-thview.com/static/js/ 361 KB
105 KB 111ms
111ms Script
application/javascript 18.164.116.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.well-thview.com/static/js/2.c8d1816b.chunk.js
Requested by: Host: portal.well-thview.com
URL: https://portal.well-thview.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-110.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b914c745a43e2cce0e495af50c305e4832903dff32bad90b9de9f0e9cba22115

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://portal.well-thview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 17:56:57 GMT
content-encoding: gzip
via: 1.1 c7f059cae2da7d584bee2041395eabe8.cloudfront.net (CloudFront)
last-modified: Wed, 07 Dec 2022 01:08:27 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
etag: W/"41c1c7d06fcd7c73c5f409c8c8eb2d86"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=60
x-amz-cf-id: UAedtAF4Cqzv41RcMZmLYVG0dXilmc_r4uFJKLboZzykx6LDnuiWMQ==

GET
H2 200 main.56f09784.chunk.js Show response
portal.well-thview.com/static/js/ 151 KB
89 KB 76ms
75ms Script
application/javascript 18.164.116.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.well-thview.com/static/js/main.56f09784.chunk.js
Requested by: Host: portal.well-thview.com
URL: https://portal.well-thview.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-110.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9a3ff6bff7c6cd03d3f2b52a4f3418ae0eec0f645d2ad7da92ebd397858030f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://portal.well-thview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 17:56:57 GMT
content-encoding: gzip
via: 1.1 c7f059cae2da7d584bee2041395eabe8.cloudfront.net (CloudFront)
last-modified: Wed, 07 Dec 2022 01:08:27 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
etag: W/"90898c8911c0a8e3be49c00af2c54785"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=60
x-amz-cf-id: i2TMs-fWZxXc3hIDPBQewpCQZq8NCcOksgv-mQ1VKCGdwmPtegtmFA==

GET
H2 200 logger-1.min.js Show response
cdn.lr-ingest.io/ 802 KB
161 KB 127ms
60ms Script
text/javascript 2606:4700:3032::6815:39ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-ingest.io/logger-1.min.js

Requested by

Host: portal.well-thview.com
URL: https://portal.well-thview.com/static/js/2.c8d1816b.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:39ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1316610b08334e77564c258efc8b79e957260736e0e2f9c7a9b00b76248c28a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://portal.well-thview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 17:56:56 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-lga21964-LGA
last-modified: Wed, 01 Feb 2023 16:33:40 GMT
server: cloudflare
x-timer: S1675269384.164583,VS0,VE1
etag: W/"f0ac94866e4c11a896675447e0d49b561abe07720ab8b048af8b6010849494a9"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILZZjBG40hXtkD6Miib6XwssI2OsbQ9e%2B4bT%2FLQwmpL%2FDaoBSKVhir9xIaj%2B%2BykVO%2FuxibwQOnrUsV8iDqcx9CWuhYLawcKP8cXwnPIgXP9tuhYf%2FvWbR32bg0F20RURixGc2IodzQGsHgkMMzx7"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 792c910c0fa1c42a-EWR
x-cache-hits: 1

GET
H2 200 hightower-logo.96de359f.png
well-thview.com/static/media/ 136 KB
136 KB 323ms
84ms Image
image/png 13.33.60.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://well-thview.com/static/media/hightower-logo.96de359f.png
Requested by: Host: portal.well-thview.com
URL: https://portal.well-thview.com/menu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-82.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ae395c4cefa31c12a2b9475744e7857c878c6e1f2257b9702183f069fd774ec

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://portal.well-thview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 17:56:57 GMT
via: 1.1 fcd9aaae3f7bd20d13dd07c7cf616378.cloudfront.net (CloudFront)
last-modified: Thu, 26 Jan 2023 15:00:24 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "87f7c068d3b90745929611a7e6058721"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=60
accept-ranges: bytes
content-length: 138957
x-amz-cf-id: x76pohD1hcE6zSzO9dJBo-HPmXqz7tgRlSb4jjgewO8p2I7SvON8Mg==

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 687ef3c7b1deb02349007ff40ad2ae5454316a58151128d3bab63bf14f446141

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 hightower-logo.5f891f6a.png
portal.well-thview.com/static/media/ 12 KB
12 KB 97ms
97ms Image
image/png 18.164.116.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.well-thview.com/static/media/hightower-logo.5f891f6a.png
Requested by: Host: portal.well-thview.com
URL: https://portal.well-thview.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-110.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7995f2debe935013b5fe0f2b95eb41e23f5f654cfb22b33a67bf8faf24855d46

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://portal.well-thview.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 17:56:57 GMT
via: 1.1 c7f059cae2da7d584bee2041395eabe8.cloudfront.net (CloudFront)
last-modified: Wed, 07 Dec 2022 01:08:27 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
etag: "a29dd8d6a074eba4401ee61dee11ad27"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=60
accept-ranges: bytes
content-length: 12282
x-amz-cf-id: bQjY5rzHqGpnzI_3gATdIeCHdsCH6UdxpV25dWX_Y1gYVk6sto7X7g==

GET
DATA 200
OK truncated
/ 404 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 217d1b91669dd4a21ce0cff140d526b43a3ac1ea5caa5578d5372fde00dadf1d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

OPTIONS
H/1.1 200
OK me
auth.well-thview.com/api/v1/sessions/ 0
0 327ms
63ms Preflight 99.83.241.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.well-thview.com/api/v1/sessions/me

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.241.219 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aa4314b2f84572f89.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Access-Control-Request-Method: GET
Origin: https://portal.well-thview.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 0
Date: Wed, 01 Feb 2023 17:56:56 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-okta-user-agent-extended,Content-Type
access-control-allow-methods: DELETE, GET, OPTIONS
access-control-allow-origin: https://portal.well-thview.com
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control: no-cache, no-store
content-security-policy: frame-ancestors 'self'
content-security-policy-report-only: default-src 'self' hightowerclients.okta.com auth.well-thview.com *.oktacdn.com; connect-src 'self' hightowerclients.okta.com hightowerclients-admin.okta.com auth.well-thview.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com hightowerclients.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' hightowerclients.okta.com auth.well-thview.com *.oktacdn.com; style-src 'unsafe-inline' 'self' hightowerclients.okta.com auth.well-thview.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' hightowerclients.okta.com hightowerclients-admin.okta.com auth.well-thview.com login.okta.com com-okta-authenticator:; img-src 'self' hightowerclients.okta.com auth.well-thview.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' hightowerclients.okta.com auth.well-thview.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
expires: 0
p3p: CP="HONK"
pragma: no-cache
vary: Origin
x-frame-options: SAMEORIGIN
x-okta-request-id: Y9qn6ATSyUuwl74_M5T5fQAACB8
x-rate-limit-limit: 10000
x-rate-limit-remaining: 9999
x-rate-limit-reset: 1675274276
x-xss-protection: 0

GET
H/1.1 404
Not Found me Show response
auth.well-thview.com/api/v1/sessions/ 163 B
3 KB 147ms
85ms Fetch
application/json 99.83.241.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.well-thview.com/api/v1/sessions/me

Requested by

Host: portal.well-thview.com
URL: https://portal.well-thview.com/static/js/2.c8d1816b.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.241.219 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aa4314b2f84572f89.awsglobalaccelerator.com

Software

nginx /

Resource Hash

4dba355f7c7b5743bc1a0db4fa4215abcf793b6b52fb81e15212ed4ce091643a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://portal.well-thview.com/
X-Okta-User-Agent-Extended: @okta/okta-react/5.1.2 okta-auth-js/4.9.2
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

x-okta-request-id: Y9qn6AZlPNWyv9LEDkaS2wAAA2w
Date: Wed, 01 Feb 2023 17:56:56 GMT
content-security-policy: frame-ancestors 'self'
x-rate-limit-limit: 750
x-content-type-options: nosniff
Content-Encoding: gzip
x-rate-limit-remaining: 748
Strict-Transport-Security: max-age=315360000; includeSubDomains
content-security-policy-report-only: default-src 'self' hightowerclients.okta.com auth.well-thview.com *.oktacdn.com; connect-src 'self' hightowerclients.okta.com hightowerclients-admin.okta.com auth.well-thview.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com hightowerclients.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' hightowerclients.okta.com auth.well-thview.com *.oktacdn.com; style-src 'unsafe-inline' 'self' hightowerclients.okta.com auth.well-thview.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' hightowerclients.okta.com hightowerclients-admin.okta.com auth.well-thview.com login.okta.com com-okta-authenticator:; img-src 'self' hightowerclients.okta.com auth.well-thview.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' hightowerclients.okta.com auth.well-thview.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
x-xss-protection: 0
pragma: no-cache
Server: nginx
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
Vary: Accept-Encoding,Origin
Content-Type: application/json
access-control-allow-origin: https://portal.well-thview.com
x-rate-limit-reset: 1675274220
access-control-allow-credentials: true
cache-control: no-cache, no-store
access-control-allow-headers: Content-Type
Keep-Alive: timeout=5, max=100
expires: 0

GET
BLOB 200
OK 9ae616fc-580b-4dd1-9141-4079c2b43786
https://portal.well-thview.com/ 442 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://portal.well-thview.com/9ae616fc-580b-4dd1-9141-4079c2b43786
Requested by: Host: portal.well-thview.com
URL: https://portal.well-thview.com/login
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dc8b1bec8d49faec130bfdfd4502404ebe1d310ccf3c849ea21d49344a751ea

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 453087
Content-Type

POST
H2 201 i Show response
r.lr-ingest.io/ 120 B
648 B 273ms
142ms XHR
application/json 104.198.23.205
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-ingest.io/i?a=mgxe1z%2Fclient-portal&r=5-8a626e3a-5e9a-4e54-9540-6a93b7f80ab2&t=323aff2c-2bc7-454a-afc8-dde5c2ef731e&s=0&rs=0%2Cu&u=4e6baaad-3a09-4368-bd11-01d497fb7808

Requested by

Host: cdn.lr-ingest.io
URL: https://cdn.lr-ingest.io/logger-1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

/ Express

Resource Hash

45de9e55ad5ad025bbf43b8ea4a79dd9983a825579d7e911f88968658e809780

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://portal.well-thview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 17:56:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: W/"78-EkNMUOv7pmNFHfBZHscBP9Njrvs"
x-powered-by: Express
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-ClickHouse-Override,X-LogRocket-ClickHouse-Enabled-Queries
content-length: 120

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
portal.well-thview.com/	1970-01-20 09:22:40	Name: _lr_tabs_-mgxe1z%2Fclient-portal Value: {%22sessionID%22:0%2C%22recordingID%22:%225-8a626e3a-5e9a-4e54-9540-6a93b7f80ab2%22%2C%22lastActivity%22:1675274216469}
portal.well-thview.com/	1970-01-20 09:22:40	Name: _lr_hb_-mgxe1z%2Fclient-portal Value: {%22heartbeat%22:1675274216470}
portal.well-thview.com/	1969-12-31 23:59:59	Name: _lr_uf_-mgxe1z Value: 24ce3207-61d3-417e-94b8-3ce4f487b784
auth.well-thview.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: DB6D6A30A5CB6052A48E328C7A3A68DD

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://auth.well-thview.com/api/v1/sessions/me Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.well-thview.com
cdn.lr-ingest.io
portal.well-thview.com
r.lr-ingest.io
well-thview.com
104.198.23.205
13.33.60.82
18.164.116.110
18.164.116.92
2606:4700:3032::6815:39ea
99.83.241.219
04e92da1cdae27f70d5425c078b99cc3a82f6399022c90f03da6b0a829a5aca6
0bebdda0ca447eb1a4a995ebbcc25b753ecc40d3c8ecf0628beab00d98e0bf9d
1316610b08334e77564c258efc8b79e957260736e0e2f9c7a9b00b76248c28a2
1ae395c4cefa31c12a2b9475744e7857c878c6e1f2257b9702183f069fd774ec
217d1b91669dd4a21ce0cff140d526b43a3ac1ea5caa5578d5372fde00dadf1d
2dc8b1bec8d49faec130bfdfd4502404ebe1d310ccf3c849ea21d49344a751ea
45de9e55ad5ad025bbf43b8ea4a79dd9983a825579d7e911f88968658e809780
4dba355f7c7b5743bc1a0db4fa4215abcf793b6b52fb81e15212ed4ce091643a
4e3fed69d5b09031b79d6b5325c606184dd8d92031e68727b4af5421a39ff7df
687ef3c7b1deb02349007ff40ad2ae5454316a58151128d3bab63bf14f446141
7995f2debe935013b5fe0f2b95eb41e23f5f654cfb22b33a67bf8faf24855d46
a9a3ff6bff7c6cd03d3f2b52a4f3418ae0eec0f645d2ad7da92ebd397858030f
b914c745a43e2cce0e495af50c305e4832903dff32bad90b9de9f0e9cba22115

portal.well-thview.com Open in urlscan Pro 18.164.116.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

92 %HTTPS

17 %IPv6

2 Domains

5 Subdomains

6 IPs

1 Countries

534 kBTransfer

2068 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

4 Cookies

1 Console Messages

Indicators

portal.well-thview.com Open in urlscan Pro
18.164.116.110 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

17 %
IPv6

2
Domains

5
Subdomains

6
IPs

1
Countries

534 kB
Transfer

2068 kB
Size

4
Cookies

12 HTTP transactions
2 data transactions