urlscan.io logo urlscan.io
SecurityTrails logo

pub-a31240c9488547acb2baf734cf588b1e.r2.dev Open in urlscan Pro
2606:4700::6812:223  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.buoyhealth.com/bazaar/redirect/?careResourceURL=aHR0cHM6Ly9hcGkucGFwZXJmbGl0ZS5jb20vbGlua3MvNjU3OTliOTQ1YzdjMjY...
Effective URL: https://pub-a31240c9488547acb2baf734cf588b1e.r2.dev/62723d340c.html?redirect_mongo_id=66df0c0e62194c1a6c978a02&utm_source=Springbot&utm_medium=Email...
Submission: On September 11 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 4 domains to perform 4 HTTP transactions. The main IP is 2606:4700::6812:223, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-a31240c9488547acb2baf734cf588b1e.r2.dev.
TLS certificate: Issued by E6 on August 1st 2024. Valid for: 3 months.
This is the only time pub-a31240c9488547acb2baf734cf588b1e.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.164.96.23 16509 (AMAZON-02)
1 1 34.229.2.67 14618 (AMAZON-AES)
1 1 167.89.115.54 11377 (SENDGRID)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 1
Apex Domain
Subdomains		 Transfer
4 r2.dev
pub-a31240c9488547acb2baf734cf588b1e.r2.dev
34 KB
1 sendgrid.net
u46778986.ct.sendgrid.net
390 B
1 paperflite.com
api.paperflite.com
1 KB
1 buoyhealth.com
www.buoyhealth.com — Cisco Umbrella Rank: 876010
1 KB
4 4
Domain Requested by
4 pub-a31240c9488547acb2baf734cf588b1e.r2.dev pub-a31240c9488547acb2baf734cf588b1e.r2.dev
1 u46778986.ct.sendgrid.net 1 redirects
1 api.paperflite.com 1 redirects
1 www.buoyhealth.com 1 redirects
4 4

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
*.r2.dev
E6		 2024-08-01 -
2024-10-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://pub-a31240c9488547acb2baf734cf588b1e.r2.dev/62723d340c.html?redirect_mongo_id=66df0c0e62194c1a6c978a02&utm_source=Springbot&utm_medium=Email&utm_campaign=66df0c0e62194c1a6c978a03
Frame ID: 60A91C1EC15235DECD4640F1D9D0ACC9
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://www.buoyhealth.com/bazaar/redirect/?careResourceURL=aHR0cHM6Ly9hcGkucGFwZXJmbGl0ZS5jb20vbGlua3M... HTTP 302
    https://api.paperflite.com/links/65799b945c7c266abb37207e/65799b935c7c266abb372022?redirect=https://u46... HTTP 302
    https://u46778986.ct.sendgrid.net/ls/click?upn=u001.wHfP2dXjn6GcdEIcnu5aADas57osbQPY2UtqFK8P3wHZ-2Bs0KscgMv8TO... HTTP 302
    https://pub-a31240c9488547acb2baf734cf588b1e.r2.dev/62723d340c.html?redirect_mongo_id=66df0c0e62194c1a6c978a02&utm_source=Spring... Page URL

Page Statistics

4
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

1
IPs

1
Countries

34 kB
Transfer

33 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.buoyhealth.com/bazaar/redirect/?careResourceURL=aHR0cHM6Ly9hcGkucGFwZXJmbGl0ZS5jb20vbGlua3MvNjU3OTliOTQ1YzdjMjY2YWJiMzcyMDdlLzY1Nzk5YjkzNWM3YzI2NmFiYjM3MjAyMj9yZWRpcmVjdD1odHRwczovL3U0Njc3ODk4Ni5jdC5zZW5kZ3JpZC5uZXQlMkZscyUyRmNsaWNrJTNGdXBuJTNEdTAwMS53SGZQMmRYam42R2NkRUljbnU1YUFEYXM1N29zYlFQWTJVdHFGSzhQM3dIWi0yQnMwS3NjZ012OFRPeTM3VEpEeC0yQlVER0lhUUxsV1k3U0dVTDlDOTBoMDN3LTJGNy0yQk5qbG9Hay0yQk9ZOFhBeDZuTmhabjJSTHFzVnFqMmxqb3dhQ2hQWFJUMGlLLTJCWG1MRy0yQmhHc3lUaG1KWHJMMVR6N292MmpyRzBZdWJraU9oS0hhSTVaOHBQSFl0UUZESkZZS1UtMkZ5NENVSXFwNE5aSDBOV3YwNDZ0dVBMOXVRdWRXM0Vsa0o4ZGV2cVl6NHFXSXM3S3lVenM3dVA3VkZaYmtXeG1VNE1sRUJJSlFvWWJiZ0tqQjlHaEZyVWwzenctM0QtM0Q5ZzZ3X0NBd0NHbzRjNHZKRFhBcHU3aFNFNWc3dDhmSXAwWkxPVGlSSjVzTzBCaTA4RElKT1lSb1ZFbVJ4SkNaRlk1NHpXWUliSmVzemdNUHRZdWlMMTlETU5HMEtsYTNKY29wLTJGaVVsQk1jVDQ0QkpqLTJCYWMwckRBNkxXRTFTV1hYS2Z6WUoxUmJGamFmc0NLTEFtY29Zb3dSdHY0eDZyakVpQ2tEWnpBTkY0T1JjVVNZTlROZS0yRllnaEd6emcxQXdIMUFHN0F2RHBsdjhheURkVEJBbXFaMVdJZXUtMkJSdk52cmEtMkZOQU82NDNrcmR5VFpSUnA5UGlSV0FkVFVjcmJ6OURmTGpWSW8wUFcyMUxvZnlKb3YxYkZIUVdXVFVTUzJhRkZFaEJvMDVzSHJuMENnZU12akNvLTJGYXRRVW8zUTFtV0RlaklsMzlzckQ0WlM3Y2hGOUZiTlpVMVJqTm1JcEcxdUtxby0yRmZKR05BMjd3MVpQRGROalhiSUFNR0Zkb3otMkJZS3RYb0FBOVNhYk5BM1pObk85dURoYk8tMkZCRk5aM0lFT0Y4aWxaZDRZLTJCLTJGajBiMWJ4bmhqV1gtMkJ4V0pEN1lzc0VERWExQkQ= HTTP 302
    https://api.paperflite.com/links/65799b945c7c266abb37207e/65799b935c7c266abb372022?redirect=https://u46778986.ct.sendgrid.net%2Fls%2Fclick%3Fupn%3Du001.wHfP2dXjn6GcdEIcnu5aADas57osbQPY2UtqFK8P3wHZ-2Bs0KscgMv8TOy37TJDx-2BUDGIaQLlWY7SGUL9C90h03w-2F7-2BNjloGk-2BOY8XAx6nNhZn2RLqsVqj2ljowaChPXRT0iK-2BXmLG-2BhGsyThmJXrL1Tz7ov2jrG0YubkiOhKHaI5Z8pPHYtQFDJFYKU-2Fy4CUIqp4NZH0NWv046tuPL9uQudW3ElkJ8devqYz4qWIs7KyUzs7uP7VFZbkWxmU4MlEBIJQoYbbgKjB9GhFrUl3zw-3D-3D9g6w_CAwCGo4c4vJDXApu7hSE5g7t8fIp0ZLOTiRJ5sO0Bi08DIJOYRoVEmRxJCZFY54zWYIbJeszgMPtYuiL19DMNG0Kla3Jcop-2FiUlBMcT44BJj-2Bac0rDA6LWE1SWXXKfzYJ1RbFjafsCKLAmcoYowRtv4x6rjEiCkDZzANF4ORcUSYNTNe-2FYghGzzg1AwH1AG7AvDplv8ayDdTBAmqZ1WIeu-2BRvNvra-2FNAO643krdyTZRRp9PiRWAdTUcrbz9DfLjVIo0PW21LofyJov1bFHQWWTUSS2aFFEhBo05sHrn0CgeMvjCo-2FatQUo3Q1mWDejIl39srD4ZS7chF9FbNZU1RjNmIpG1uKqo-2FfJGNA27w1ZPDdNjXbIAMGFdoz-2BYKtXoAA9SabNA3ZNnO9uDhbO-2FBFNZ3IEOF8ilZd4Y-2B-2Fj0b1bxnhjWX-2BxWJD7YssEDEa1BD HTTP 302
    https://u46778986.ct.sendgrid.net/ls/click?upn=u001.wHfP2dXjn6GcdEIcnu5aADas57osbQPY2UtqFK8P3wHZ-2Bs0KscgMv8TOy37TJDx-2BUDGIaQLlWY7SGUL9C90h03w-2F7-2BNjloGk-2BOY8XAx6nNhZn2RLqsVqj2ljowaChPXRT0iK-2BXmLG-2BhGsyThmJXrL1Tz7ov2jrG0YubkiOhKHaI5Z8pPHYtQFDJFYKU-2Fy4CUIqp4NZH0NWv046tuPL9uQudW3ElkJ8devqYz4qWIs7KyUzs7uP7VFZbkWxmU4MlEBIJQoYbbgKjB9GhFrUl3zw-3D-3D9g6w_CAwCGo4c4vJDXApu7hSE5g7t8fIp0ZLOTiRJ5sO0Bi08DIJOYRoVEmRxJCZFY54zWYIbJeszgMPtYuiL19DMNG0Kla3Jcop-2FiUlBMcT44BJj-2Bac0rDA6LWE1SWXXKfzYJ1RbFjafsCKLAmcoYowRtv4x6rjEiCkDZzANF4ORcUSYNTNe-2FYghGzzg1AwH1AG7AvDplv8ayDdTBAmqZ1WIeu-2BRvNvra-2FNAO643krdyTZRRp9PiRWAdTUcrbz9DfLjVIo0PW21LofyJov1bFHQWWTUSS2aFFEhBo05sHrn0CgeMvjCo-2FatQUo3Q1mWDejIl39srD4ZS7chF9FbNZU1RjNmIpG1uKqo-2FfJGNA27w1ZPDdNjXbIAMGFdoz-2BYKtXoAA9SabNA3ZNnO9uDhbO-2FBFNZ3IEOF8ilZd4Y-2B-2Fj0b1bxnhjWX-2BxWJD7YssEDEa1BD HTTP 302
    https://pub-a31240c9488547acb2baf734cf588b1e.r2.dev/62723d340c.html?redirect_mongo_id=66df0c0e62194c1a6c978a02&utm_source=Springbot&utm_medium=Email&utm_campaign=66df0c0e62194c1a6c978a03 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 62723d340c.html
pub-a31240c9488547acb2baf734cf588b1e.r2.dev/
Redirect Chain
  • https://www.buoyhealth.com/bazaar/redirect/?careResourceURL=aHR0cHM6Ly9hcGkucGFwZXJmbGl0ZS5jb20vbGlua3MvNjU3OTliOTQ1YzdjMjY2YWJiMzcyMDdlLzY1Nzk5YjkzNWM3YzI2NmFiYjM3MjAyMj9yZWRpcmVjdD1odHRwczovL3U0N...
  • https://api.paperflite.com/links/65799b945c7c266abb37207e/65799b935c7c266abb372022?redirect=https://u46778986.ct.sendgrid.net%2Fls%2Fclick%3Fupn%3Du001.wHfP2dXjn6GcdEIcnu5aADas57osbQPY2UtqFK8P3wHZ-...
  • https://u46778986.ct.sendgrid.net/ls/click?upn=u001.wHfP2dXjn6GcdEIcnu5aADas57osbQPY2UtqFK8P3wHZ-2Bs0KscgMv8TOy37TJDx-2BUDGIaQLlWY7SGUL9C90h03w-2F7-2BNjloGk-2BOY8XAx6nNhZn2RLqsVqj2ljowaChPXRT0iK-2B...
  • https://pub-a31240c9488547acb2baf734cf588b1e.r2.dev/62723d340c.html?redirect_mongo_id=66df0c0e62194c1a6c978a02&utm_source=Springbot&utm_medium=Email&utm_campaign=66df0c0e62194c1a6c978a03
5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pub-a31240c9488547acb2baf734cf588b1e.r2.dev/62723d340c.html?redirect_mongo_id=66df0c0e62194c1a6c978a02&utm_source=Springbot&utm_medium=Email&utm_campaign=66df0c0e62194c1a6c978a03
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e2201a380eb51f8c282dc21a4a8a70008523960c149395563e661760f487d07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
CF-RAY
8c1ade4f49a3a260-YUL
Connection
keep-alive
Content-Length
5623
Content-Type
text/html
Date
Wed, 11 Sep 2024 21:49:34 GMT
ETag
"48fa295e1e0e3d9195605121c7d06c28"
Last-Modified
Mon, 09 Sep 2024 14:53:23 GMT
Server
cloudflare
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
221
Content-Type
text/html; charset=utf-8
Date
Wed, 11 Sep 2024 21:49:33 GMT
Location
https://pub-a31240c9488547acb2baf734cf588b1e.r2.dev/62723d340c.html?redirect_mongo_id=66df0c0e62194c1a6c978a02&utm_source=Springbot&utm_medium=Email&utm_campaign=66df0c0e62194c1a6c978a03
Server
nginx
X-Robots-Tag
noindex, nofollow
transparent.gif
pub-a31240c9488547acb2baf734cf588b1e.r2.dev/cdn-cgi/images/trace/jschal/js/ 		553 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub-a31240c9488547acb2baf734cf588b1e.r2.dev/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6a262fe50874400d
Requested by
Host: pub-a31240c9488547acb2baf734cf588b1e.r2.dev
URL: https://pub-a31240c9488547acb2baf734cf588b1e.r2.dev/62723d340c.html?redirect_mongo_id=66df0c0e62194c1a6c978a02&utm_source=Springbot&utm_medium=Email&utm_campaign=66df0c0e62194c1a6c978a03
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fc8caf11b83feb15665491d9f3d0d788299fa8a94adc7adbc256acc0917f5cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pub-a31240c9488547acb2baf734cf588b1e.r2.dev/62723d340c.html?redirect_mongo_id=66df0c0e62194c1a6c978a02&utm_source=Springbot&utm_medium=Email&utm_campaign=66df0c0e62194c1a6c978a03
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 11 Sep 2024 21:49:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cloudflare
Transfer-Encoding
chunked
X-Frame-Options
DENY
Content-Type
text/html
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
8c1ade52bc1ca260-YUL
transparent.gif
pub-a31240c9488547acb2baf734cf588b1e.r2.dev/cdn-cgi/images/trace/jschal/nojs/ 		553 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub-a31240c9488547acb2baf734cf588b1e.r2.dev/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=6a262fe50874400d
Requested by
Host: pub-a31240c9488547acb2baf734cf588b1e.r2.dev
URL: https://pub-a31240c9488547acb2baf734cf588b1e.r2.dev/62723d340c.html?redirect_mongo_id=66df0c0e62194c1a6c978a02&utm_source=Springbot&utm_medium=Email&utm_campaign=66df0c0e62194c1a6c978a03
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fc8caf11b83feb15665491d9f3d0d788299fa8a94adc7adbc256acc0917f5cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pub-a31240c9488547acb2baf734cf588b1e.r2.dev/62723d340c.html?redirect_mongo_id=66df0c0e62194c1a6c978a02&utm_source=Springbot&utm_medium=Email&utm_campaign=66df0c0e62194c1a6c978a03
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 11 Sep 2024 21:49:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cloudflare
Transfer-Encoding
chunked
X-Frame-Options
DENY
Content-Type
text/html
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
8c1ade52ec37a260-YUL
favicon.ico
pub-a31240c9488547acb2baf734cf588b1e.r2.dev/ 		27 KB
27 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pub-a31240c9488547acb2baf734cf588b1e.r2.dev/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb52ee46c7ab5ea4ca0982415da99fded1b7d7354f75e50847bdae6cb44eb66

Request headers

Referer
https://pub-a31240c9488547acb2baf734cf588b1e.r2.dev/62723d340c.html?redirect_mongo_id=66df0c0e62194c1a6c978a02&utm_source=Springbot&utm_medium=Email&utm_campaign=66df0c0e62194c1a6c978a03
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Wed, 11 Sep 2024 21:49:35 GMT
Server
cloudflare
Connection
keep-alive
CF-RAY
8c1ade5ab97ca260-YUL
Content-Length
27150
Vary
Accept-Encoding
Content-Type
text/html

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| redirect_url string| path object| parts function| isBase64

3 Cookies

Domain/Path Name / Value
www.buoyhealth.com/bazaar Name: INGRESSCOOKIE
Value: 1726091374.582.321.685328|1b5978e23a1f4704785ceb2729662a0f
api.paperflite.com/ Name: AWSALB
Value: j4uCrZxhE0pnYsF/USdIiOSVsoPVJuix4i3wduiAFKFy+bKgInetWo6qvrGoqfRazZMXIAcVu+fhH+hrfZp4dZ4OSKYY9gbvCBiDYryiRC3jM/6P5B1AhojIMed0
api.paperflite.com/ Name: AWSALBCORS
Value: j4uCrZxhE0pnYsF/USdIiOSVsoPVJuix4i3wduiAFKFy+bKgInetWo6qvrGoqfRazZMXIAcVu+fhH+hrfZp4dZ4OSKYY9gbvCBiDYryiRC3jM/6P5B1AhojIMed0

3 Console Messages

Source Level URL
Text
network error URL: https://pub-a31240c9488547acb2baf734cf588b1e.r2.dev/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6a262fe50874400d
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://pub-a31240c9488547acb2baf734cf588b1e.r2.dev/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=6a262fe50874400d
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://pub-a31240c9488547acb2baf734cf588b1e.r2.dev/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)