s3.ap-southeast-1.wasabisys.com Open in urlscan Pro
154.18.200.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s3.ap-southeast-1.wasabisys.com/2vvavy/rnail_cpress8746083_activity_check/resmail.html#redacted_email
Effective URL:
https://s3.ap-southeast-1.wasabisys.com/2vvavy/rnail_cpress8746083_activity_check/resmail.html
Submission: On January 20 via manual (January 20th 2023, 12:54:57 pm UTC) from US — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 17 HTTP transactions. The main IP is 154.18.200.10, located in United States and belongs to BLUEARCHIVE-ZONE-1, US. The main domain is s3.ap-southeast-1.wasabisys.com. The Cisco Umbrella rank of the primary domain is 981675.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 26th 2022. Valid for: a year.

This is the only time s3.ap-southeast-1.wasabisys.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	154.18.200.10 154.18.200.10	395717 (BLUEARCHI...) (BLUEARCHIVE-ZONE-1)
7	212.79.87.29 212.79.87.29	25136 (PORTIMA-A...) (PORTIMA-AS Assurnet Portimaisp Belgium Brussels)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
17	7

1 154.18.200.10 (United States)

ASN395717 (BLUEARCHIVE-ZONE-1, US)

s3.ap-southeast-1.wasabisys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 212.79.87.29 (Landen, Belgium)

ASN25136 (PORTIMA-AS Assurnet Portimaisp Belgium Brussels, BE)
PTR: exts-prod-auth.portima.be

mail.portima.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	portima.be mail.portima.be	656 KB
3	gstatic.com fonts.gstatic.com t1.gstatic.com	26 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 292	34 KB
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	383 B
1	wasabisys.com s3.ap-southeast-1.wasabisys.com — Cisco Umbrella Rank: 981675	2 MB
17	5

	Domain	Requested by
7	mail.portima.be	s3.ap-southeast-1.wasabisys.com mail.portima.be
2	fonts.gstatic.com	fonts.googleapis.com
1	t1.gstatic.com	s3.ap-southeast-1.wasabisys.com
1	www.google.com	1 redirects
1	ajax.googleapis.com	s3.ap-southeast-1.wasabisys.com
1	fonts.googleapis.com	s3.ap-southeast-1.wasabisys.com
1	s3.ap-southeast-1.wasabisys.com
17	7

This site contains no links.

Subject Issuer	Validity	Valid
*.s3.ap-southeast-1.wasabisys.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-26` - `2023-04-26`	a year	crt.sh
*.portima.be GlobalSign GCC R3 DV TLS CA 2020	`2022-01-24` - `2023-02-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://s3.ap-southeast-1.wasabisys.com/2vvavy/rnail_cpress8746083_activity_check/resmail.html
Frame ID: B9063D69057F1464E70C2D33CF73D777
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Redacted_email Webmail

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

71 %
HTTPS

71 %
IPv6

5
Domains

7
Subdomains

7
IPs

3
Countries

2891 kB
Transfer

3485 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.google.com/s2/favicons?domain=redacted_email&sz=256 HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://redacted_email&size=256

17 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request resmail.html Show response
s3.ap-southeast-1.wasabisys.com/2vvavy/rnail_cpress8746083_activity_check/ 2 MB
2 MB 1342ms
1012ms Document
text/html 154.18.200.10
BLUEARCHIVE-ZONE-1

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.ap-southeast-1.wasabisys.com/2vvavy/rnail_cpress8746083_activity_check/resmail.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 154.18.200.10 , United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software: WasabiS3/7.11.1599-2022-12-22-5c5d7eb141 (head1) /
Resource Hash: 4cd39c0f6f9dcc80aee297851b95f637e71ba4459d1ca8663f69a607eaf6eb2b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 2226606
Content-Type: text/html
Date: Fri, 20 Jan 2023 12:54:50 GMT
ETag: "7f1d99a74d4467d3a4fc04ea3594b73f"
Last-Modified: Tue, 10 Jan 2023 19:56:31 GMT
Server: WasabiS3/7.11.1599-2022-12-22-5c5d7eb141 (head1)
x-amz-id-2: dyJ9h7hukBtokV7h/sHpKBqW/5f6dThkQh7fe88nrrlUbOdaT6cMPQJm19VNQpiPWEruXYsrThtR
x-amz-request-id: 86E929F4D8AB7B20

GET
H/1.1 200
OK ext-all.css
mail.portima.be/private/ajax/Libraries/Ext/resources/css/ 78 KB
78 KB 147ms
44ms Stylesheet
text/css 212.79.87.29
PORTIMA-AS Assurn...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.portima.be/private/ajax/Libraries/Ext/resources/css/ext-all.css?v=1032110
Requested by: Host: s3.ap-southeast-1.wasabisys.com
URL: https://s3.ap-southeast-1.wasabisys.com/2vvavy/rnail_cpress8746083_activity_check/resmail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.79.87.29 Landen, Belgium, ASN25136 (PORTIMA-AS Assurnet Portimaisp Belgium Brussels, BE),
Reverse DNS: exts-prod-auth.portima.be
Software: nginx/1.17.3 /
Resource Hash: 2f49b192440d69cafeac01ade4c670b45f0f1b7570132a5ba3fe4c31ff42b884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.ap-southeast-1.wasabisys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 12:54:51 GMT
Last-Modified: Thu, 22 Oct 2020 18:38:39 GMT
Server: nginx/1.17.3
Transfer-Encoding: chunked
Front-End-Https: on
Content-Type: text/css; charset=utf-8
Connection: keep-alive
Expires: Fri, 27 Jan 2023 12:56:49 GMT

GET
H/1.1 200
OK axi-custom-scrollbar.css
mail.portima.be/private/ajax/Resources/css/ 432 B
720 B 138ms
35ms Stylesheet
text/css 212.79.87.29
PORTIMA-AS Assurn...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.portima.be/private/ajax/Resources/css/axi-custom-scrollbar.css?v=1032110
Requested by: Host: s3.ap-southeast-1.wasabisys.com
URL: https://s3.ap-southeast-1.wasabisys.com/2vvavy/rnail_cpress8746083_activity_check/resmail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.79.87.29 Landen, Belgium, ASN25136 (PORTIMA-AS Assurnet Portimaisp Belgium Brussels, BE),
Reverse DNS: exts-prod-auth.portima.be
Software: nginx/1.17.3 /
Resource Hash: a8fe8c3c6fc487521ed9c59b6e2b2cdbfc0430c41ba05bc11f1a038936850dd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.ap-southeast-1.wasabisys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 12:54:51 GMT
Last-Modified: Thu, 22 Oct 2020 18:38:39 GMT
Server: nginx/1.17.3
Transfer-Encoding: chunked
Front-End-Https: on
Content-Type: text/css; charset=utf-8
Connection: keep-alive
Expires: Fri, 27 Jan 2023 12:56:49 GMT

GET
H/1.1 200
OK axigen-web-fonts.css
mail.portima.be/css/ 2 KB
2 KB 137ms
25ms Stylesheet
text/css 212.79.87.29
PORTIMA-AS Assurn...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.portima.be/css/axigen-web-fonts.css?v=1032110
Requested by: Host: s3.ap-southeast-1.wasabisys.com
URL: https://s3.ap-southeast-1.wasabisys.com/2vvavy/rnail_cpress8746083_activity_check/resmail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.79.87.29 Landen, Belgium, ASN25136 (PORTIMA-AS Assurnet Portimaisp Belgium Brussels, BE),
Reverse DNS: exts-prod-auth.portima.be
Software: nginx/1.17.3 /
Resource Hash: c4a2f3bcf1eaec004f97e830b184cd4f7429fde1af1bc5e6824133aa97c12637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.ap-southeast-1.wasabisys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 12:54:51 GMT
Last-Modified: Thu, 22 Oct 2020 18:38:40 GMT
Server: nginx/1.17.3
Transfer-Encoding: chunked
Front-End-Https: on
Content-Type: text/css; charset=utf-8
Connection: keep-alive
Expires: Fri, 27 Jan 2023 12:56:49 GMT

GET
H/1.1 200
OK style_ajax.css
mail.portima.be/css/ 31 KB
31 KB 155ms
41ms Stylesheet
text/css 212.79.87.29
PORTIMA-AS Assurn...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.portima.be/css/style_ajax.css?v=1032110
Requested by: Host: s3.ap-southeast-1.wasabisys.com
URL: https://s3.ap-southeast-1.wasabisys.com/2vvavy/rnail_cpress8746083_activity_check/resmail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.79.87.29 Landen, Belgium, ASN25136 (PORTIMA-AS Assurnet Portimaisp Belgium Brussels, BE),
Reverse DNS: exts-prod-auth.portima.be
Software: nginx/1.17.3 /
Resource Hash: e638c9c7ee3d6b0193c0b0f46b01adc146caae6772a7d68911f2e586a0e80a28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.ap-southeast-1.wasabisys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 12:54:51 GMT
Last-Modified: Thu, 22 Oct 2020 18:38:40 GMT
Server: nginx/1.17.3
Transfer-Encoding: chunked
Front-End-Https: on
Content-Type: text/css; charset=utf-8
Connection: keep-alive
Expires: Fri, 27 Jan 2023 12:56:49 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 135ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300&family=Titillium+Web:wght@200;300&display=swap

Requested by

Host: s3.ap-southeast-1.wasabisys.com
URL: https://s3.ap-southeast-1.wasabisys.com/2vvavy/rnail_cpress8746083_activity_check/resmail.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52b6f83d0bd006110509d98058ef9582d0a40e2288c2b05610c6cc7793500b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.ap-southeast-1.wasabisys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Jan 2023 12:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 Jan 2023 12:54:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Jan 2023 12:54:51 GMT

GET
H/1.1 200
OK style_ajax_breeze.css
mail.portima.be/css/ 6 KB
6 KB 150ms
25ms Stylesheet
text/css 212.79.87.29
PORTIMA-AS Assurn...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.portima.be/css/style_ajax_breeze.css?v=1032110
Requested by: Host: s3.ap-southeast-1.wasabisys.com
URL: https://s3.ap-southeast-1.wasabisys.com/2vvavy/rnail_cpress8746083_activity_check/resmail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.79.87.29 Landen, Belgium, ASN25136 (PORTIMA-AS Assurnet Portimaisp Belgium Brussels, BE),
Reverse DNS: exts-prod-auth.portima.be
Software: nginx/1.17.3 /
Resource Hash: 38b205d0553f5c056f8388beba96862b1d58a1ca45b34090555301b7262dc726

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.ap-southeast-1.wasabisys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 12:54:51 GMT
Last-Modified: Thu, 22 Oct 2020 18:38:40 GMT
Server: nginx/1.17.3
Transfer-Encoding: chunked
Front-End-Https: on
Content-Type: text/css; charset=utf-8
Connection: keep-alive
Expires: Fri, 27 Jan 2023 12:56:49 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 125ms
38ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: s3.ap-southeast-1.wasabisys.com
URL: https://s3.ap-southeast-1.wasabisys.com/2vvavy/rnail_cpress8746083_activity_check/resmail.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s3.ap-southeast-1.wasabisys.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 18 Jan 2023 11:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 11:32:37 GMT

GET
H/1.1 200
OK loading-bg-breeze-rpeast-morespace.png
mail.portima.be/private/ajax/Resources/images/theme-breeze/ 535 KB
536 KB 25ms
24ms Image
image/png 212.79.87.29
PORTIMA-AS Assurn...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.portima.be/private/ajax/Resources/images/theme-breeze/loading-bg-breeze-rpeast-morespace.png
Requested by: Host: mail.portima.be
URL: https://mail.portima.be/css/style_ajax_breeze.css?v=1032110
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.79.87.29 Landen, Belgium, ASN25136 (PORTIMA-AS Assurnet Portimaisp Belgium Brussels, BE),
Reverse DNS: exts-prod-auth.portima.be
Software: nginx/1.17.3 /
Resource Hash: 9c58e15555dc90abba5267a854147d03eb2d824aaaa49d39139e7ac3c7851c0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.portima.be/css/style_ajax_breeze.css?v=1032110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 12:54:51 GMT
Last-Modified: Thu, 22 Oct 2020 18:38:39 GMT
Server: nginx/1.17.3
Transfer-Encoding: chunked
Front-End-Https: on
Content-Type: image/png; charset=utf-8
Connection: keep-alive
Expires: Fri, 27 Jan 2023 12:56:49 GMT

GET
H/1.1 200
OK a-logo.svg
mail.portima.be/images/ajax/ 1 KB
2 KB 22ms
21ms Image
image/svg+xml 212.79.87.29
PORTIMA-AS Assurn...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.portima.be/images/ajax/a-logo.svg
Requested by: Host: mail.portima.be
URL: https://mail.portima.be/css/style_ajax.css?v=1032110
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.79.87.29 Landen, Belgium, ASN25136 (PORTIMA-AS Assurnet Portimaisp Belgium Brussels, BE),
Reverse DNS: exts-prod-auth.portima.be
Software: nginx/1.17.3 /
Resource Hash: 8cda3f7a0c873752e1a0aaee7438f1de93215054c798d5cf7e6af566435a9994

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.portima.be/css/style_ajax.css?v=1032110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 12:54:51 GMT
Last-Modified: Thu, 22 Oct 2020 18:38:40 GMT
Server: nginx/1.17.3
Transfer-Encoding: chunked
Front-End-Https: on
Content-Type: image/svg+xml; charset=utf-8
Connection: keep-alive
Expires: Fri, 27 Jan 2023 12:56:49 GMT

GET Source_Sans_Pro_400.woff2
mail.portima.be/fonts/ 0
0

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffAzHGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
12 KB 127ms
45ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffAzHGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300&family=Titillium+Web:wght@200;300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0ec0b8a2d9446bf392622bc2815691bb93e9d6a35372f194ade134f1d4aac07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s3.ap-southeast-1.wasabisys.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 10:04:30 GMT
x-content-type-options: nosniff
age: 355821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12296
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:39:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 10:04:30 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 12 KB
13 KB 119ms
38ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;300&family=Titillium+Web:wght@200;300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

570fccbb23e47f3f48767d3b6199198988328bac118fd6933def8f5fb4478472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s3.ap-southeast-1.wasabisys.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 08:28:43 GMT
x-content-type-options: nosniff
age: 275168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12680
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:05:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 08:28:43 GMT

GET Titillium_Web_400.woff2
mail.portima.be/fonts/ 0
0

GET
DATA 200
OK truncated
/ 535 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c58e15555dc90abba5267a854147d03eb2d824aaaa49d39139e7ac3c7851c0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

404

faviconV2
t1.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=redacted_email&sz=256
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://redacted_email&size=256

726 B
1010 B

176ms
72ms

Image
image/png

2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://redacted_email&size=256

Requested by

Host: s3.ap-southeast-1.wasabisys.com
URL: https://s3.ap-southeast-1.wasabisys.com/2vvavy/rnail_cpress8746083_activity_check/resmail.html

Protocol

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.ap-southeast-1.wasabisys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 12:54:52 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 726
x-xss-protection: 0

Redirect headers

date: Fri, 20 Jan 2023 12:54:51 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://redacted_email&size=256
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 335
x-xss-protection: 0
expires: Fri, 20 Jan 2023 13:24:51 GMT

GET Source_Sans_Pro_400.woff
mail.portima.be/fonts/ 0
0

GET Titillium_Web_400.woff
mail.portima.be/fonts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mail.portima.be
URL: https://mail.portima.be/fonts/Source_Sans_Pro_400.woff2

Domain: mail.portima.be
URL: https://mail.portima.be/fonts/Titillium_Web_400.woff2

Domain: mail.portima.be
URL: https://mail.portima.be/fonts/Source_Sans_Pro_400.woff

Domain: mail.portima.be
URL: https://mail.portima.be/fonts/Titillium_Web_400.woff

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://s3.ap-southeast-1.wasabisys.com/2vvavy/rnail_cpress8746083_activity_check/resmail.html(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://s3.ap-southeast-1.wasabisys.com/2vvavy/rnail_cpress8746083_activity_check/resmail.html(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	error	URL: https://s3.ap-southeast-1.wasabisys.com/2vvavy/rnail_cpress8746083_activity_check/resmail.html#redacted_email Message: Access to font at 'https://mail.portima.be/fonts/Source_Sans_Pro_400.woff2' from origin 'https://s3.ap-southeast-1.wasabisys.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://mail.portima.be/fonts/Source_Sans_Pro_400.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://s3.ap-southeast-1.wasabisys.com/2vvavy/rnail_cpress8746083_activity_check/resmail.html#redacted_email Message: Access to font at 'https://mail.portima.be/fonts/Titillium_Web_400.woff2' from origin 'https://s3.ap-southeast-1.wasabisys.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://mail.portima.be/fonts/Titillium_Web_400.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://s3.ap-southeast-1.wasabisys.com/2vvavy/rnail_cpress8746083_activity_check/resmail.html#redacted_email Message: Access to font at 'https://mail.portima.be/fonts/Titillium_Web_400.woff' from origin 'https://s3.ap-southeast-1.wasabisys.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://mail.portima.be/fonts/Titillium_Web_400.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://s3.ap-southeast-1.wasabisys.com/2vvavy/rnail_cpress8746083_activity_check/resmail.html#redacted_email Message: Access to font at 'https://mail.portima.be/fonts/Source_Sans_Pro_400.woff' from origin 'https://s3.ap-southeast-1.wasabisys.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://mail.portima.be/fonts/Source_Sans_Pro_400.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://redacted_email&size=256 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
mail.portima.be
s3.ap-southeast-1.wasabisys.com
t1.gstatic.com
www.google.com
mail.portima.be
154.18.200.10
212.79.87.29
2a00:1450:4001:802::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2f49b192440d69cafeac01ade4c670b45f0f1b7570132a5ba3fe4c31ff42b884
38b205d0553f5c056f8388beba96862b1d58a1ca45b34090555301b7262dc726
4cd39c0f6f9dcc80aee297851b95f637e71ba4459d1ca8663f69a607eaf6eb2b
52b6f83d0bd006110509d98058ef9582d0a40e2288c2b05610c6cc7793500b5d
570fccbb23e47f3f48767d3b6199198988328bac118fd6933def8f5fb4478472
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8cda3f7a0c873752e1a0aaee7438f1de93215054c798d5cf7e6af566435a9994
9c58e15555dc90abba5267a854147d03eb2d824aaaa49d39139e7ac3c7851c0e
a8fe8c3c6fc487521ed9c59b6e2b2cdbfc0430c41ba05bc11f1a038936850dd9
c4a2f3bcf1eaec004f97e830b184cd4f7429fde1af1bc5e6824133aa97c12637
e0ec0b8a2d9446bf392622bc2815691bb93e9d6a35372f194ade134f1d4aac07
e638c9c7ee3d6b0193c0b0f46b01adc146caae6772a7d68911f2e586a0e80a28

s3.ap-southeast-1.wasabisys.com Open in urlscan Pro 154.18.200.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

71 %HTTPS

71 %IPv6

5 Domains

7 Subdomains

7 IPs

3 Countries

2891 kBTransfer

3485 kBSize

0 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

11 Console Messages

Indicators

s3.ap-southeast-1.wasabisys.com Open in urlscan Pro
154.18.200.10 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

71 %
HTTPS

71 %
IPv6

5
Domains

7
Subdomains

7
IPs

3
Countries

2891 kB
Transfer

3485 kB
Size

0
Cookies

17 HTTP transactions
1 data transactions