r1.ourmailer.com Open in urlscan Pro
104.17.141.204 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://r1.ourmailer.com/4R18-USEM-B8295B46AE325E3262MEGPB411539EC5D3A71F/cr.aspx
Submission: On August 22 via api (August 22nd 2023, 1:30:34 pm UTC) from IE — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 104.17.141.204, located in and belongs to CLOUDFLARENET, US. The main domain is r1.ourmailer.com.
TLS certificate: Issued by GTS CA 1P5 on July 22nd 2023. Valid for: 3 months.

This is the only time r1.ourmailer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	104.17.141.204 104.17.141.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:1e3d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2

5 104.17.141.204 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r1.ourmailer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:1e3d (United States)

ASN13335 (CLOUDFLARENET, US)

i.emlfiles4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	ourmailer.com 1 redirects r1.ourmailer.com	10 KB
4	emlfiles4.com i.emlfiles4.com — Cisco Umbrella Rank: 28997	204 KB
8	2

	Domain	Requested by
5	r1.ourmailer.com	1 redirects r1.ourmailer.com
4	i.emlfiles4.com	r1.ourmailer.com
8	2

This site contains no links.

Subject Issuer	Validity	Valid
r1.ourmailer.com GTS CA 1P5	`2023-07-22` - `2023-10-20`	3 months	crt.sh
i.emlfiles4.com GTS CA 1P5	`2023-07-22` - `2023-10-20`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://r1.ourmailer.com/4R18-USEM-B8295B46AE325E3262MEGPB411539EC5D3A71F/cr.aspx
Frame ID: 04EF3227318353A18A721810B0D07467
Requests: 6 HTTP requests in this frame

Frame: https://r1.ourmailer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Frame ID: 27528B1448E28C0B70FB8D444C50F69C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Latest Mobility Study for the Energy Industry

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Page Statistics

8
Requests

88 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

214 kB
Transfer

239 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://r1.ourmailer.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://r1.ourmailer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request cr.aspx Show response
r1.ourmailer.com/4R18-USEM-B8295B46AE325E3262MEGPB411539EC5D3A71F/ 29 KB
6 KB 169ms
104ms Document
text/html 104.17.141.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r1.ourmailer.com/4R18-USEM-B8295B46AE325E3262MEGPB411539EC5D3A71F/cr.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.141.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b89bab3a3888c3b8c946ab72f16839722d4699d8f0d730668eb2d1be1e0f698

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fab787c0e6835e7-FRA
content-encoding: gzip
content-type: text/html
date: Tue, 22 Aug 2023 13:30:29 GMT
server: cloudflare

GET
H2 200 489095_surveyemailheader.png
i.emlfiles4.com/cmpimg/0/6/6/1/2/2/files/ 31 KB
31 KB 174ms
108ms Image
image/png 2606:4700::6811:1e3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.emlfiles4.com/cmpimg/0/6/6/1/2/2/files/489095_surveyemailheader.png
Requested by: Host: r1.ourmailer.com
URL: https://r1.ourmailer.com/4R18-USEM-B8295B46AE325E3262MEGPB411539EC5D3A71F/cr.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:1e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b77b26271dd5742eef1afa74ea9211c672702f4e541385b7f154ec149bfcda8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r1.ourmailer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:30:29 GMT
x-amz-version-id: null
cf-cache-status: MISS
last-modified: Thu, 21 Nov 2019 19:56:52 GMT
server: cloudflare
x-amz-request-id: FN0XQ8W0VSWNFNPJ
etag: "67445f9343e00dc4f05e266aecceefe6"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 7fab787d2de52c4f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 31574
x-amz-id-2: zC9J+zf+YO4pLP1JGyuizH3hV/uziP0Q/AtUkNf3cFQuIXQ4CIFc8A+Z56yZm4AJVqu/yWezSKw=

GET
H2 200 s.gif
i.emlfiles4.com/cmpimg/t/ 43 B
419 B 87ms
21ms Image
image/gif 2606:4700::6811:1e3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.emlfiles4.com/cmpimg/t/s.gif
Requested by: Host: r1.ourmailer.com
URL: https://r1.ourmailer.com/4R18-USEM-B8295B46AE325E3262MEGPB411539EC5D3A71F/cr.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:1e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r1.ourmailer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:30:29 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: Z4BFYRAFC3QMZCJ6
age: 1774
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-id-2: Q0Y6KwExRti2fMjtcGNy/QGDCXAk96g2Lx/lvlIJJGRlgCFXgP4RKfc1sPNnT4ElAZnYKKwa/s0=
cf-bgj: imgq:85,h2pri
last-modified: Mon, 27 Oct 2014 09:21:49 GMT
server: cloudflare
etag: "325472601571f31e1bf00674c368d335"
vary: Accept-Encoding
content-type: image/gif
accept-ranges: bytes
cf-ray: 7fab787d2de72c4f-FRA

GET
H2 200 w660_139296_bobbimaniglia150wideemialpic.jpg
i.emlfiles4.com/cmpimg/0/6/6/1/2/2/files/imagecache/1436494/ 133 KB
133 KB 206ms
140ms Image
image/jpeg 2606:4700::6811:1e3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.emlfiles4.com/cmpimg/0/6/6/1/2/2/files/imagecache/1436494/w660_139296_bobbimaniglia150wideemialpic.jpg
Requested by: Host: r1.ourmailer.com
URL: https://r1.ourmailer.com/4R18-USEM-B8295B46AE325E3262MEGPB411539EC5D3A71F/cr.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:1e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 519f691ae3b5b9150b14bac4d8ef7c58139e6a07a4c2ddb4d35654e3eb125a8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r1.ourmailer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:30:29 GMT
x-amz-version-id: B4dRf8TUabYZ6S2o4eyVtzrYbUCQUrs5
cf-cache-status: MISS
last-modified: Fri, 18 Aug 2023 16:30:05 GMT
server: cloudflare
x-amz-request-id: FN0J4F3B3MG7J5T5
etag: "0e7d40d490521de63b746fd6d37cafca"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 7fab787d2de92c4f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 136207
x-amz-id-2: fo4IBzENqfRkQ0ZBonFMGqOwO1GNZiRc6Bkhs5cat0z9TLlBCE7yjIUpi1TfyaYCqoHc5+AbEE0=

GET
H2 200 937598_trippelawardwinnersymbol_081021.png
i.emlfiles4.com/cmpimg/0/6/6/1/2/2/files/ 39 KB
39 KB 210ms
144ms Image
image/png 2606:4700::6811:1e3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.emlfiles4.com/cmpimg/0/6/6/1/2/2/files/937598_trippelawardwinnersymbol_081021.png
Requested by: Host: r1.ourmailer.com
URL: https://r1.ourmailer.com/4R18-USEM-B8295B46AE325E3262MEGPB411539EC5D3A71F/cr.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:1e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7eb7c87ac1aa67d6ee7e23f033e316f49c5c9dc0ee46aea2d82c61a7972ce16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r1.ourmailer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:30:29 GMT
x-amz-version-id: null
cf-cache-status: MISS
last-modified: Thu, 09 Sep 2021 15:10:43 GMT
server: cloudflare
x-amz-request-id: FN0YF99AM6YWRVHD
etag: "5624395ce9559bccc57d7334d94066d3"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 7fab787d2deb2c4f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 39929
x-amz-id-2: vVO+xi1WpR11+4guYyTJXKTJzkzxqBvETJBNRhLv/240X0M5o7mVmTWgty57obs9d5VB3TfStJE=

GET
H2 200 o.gif
r1.ourmailer.com/4R18-USEM-62MEGP/ 43 B
170 B 90ms
87ms Image
image/gif 104.17.141.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r1.ourmailer.com/4R18-USEM-62MEGP/o.gif
Requested by: Host: r1.ourmailer.com
URL: https://r1.ourmailer.com/4R18-USEM-B8295B46AE325E3262MEGPB411539EC5D3A71F/cr.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.141.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r1.ourmailer.com/4R18-USEM-B8295B46AE325E3262MEGPB411539EC5D3A71F/cr.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:30:29 GMT
cf-cache-status: MISS
last-modified: Tue, 22 Aug 2023 13:30:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/gif
cache-control: private, max-age=0
accept-ranges: bytes
cf-ray: 7fab787ccf9035e7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3

200

invisible.js Show response
r1.ourmailer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame 2752
Redirect Chain

https://r1.ourmailer.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://r1.ourmailer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

7 KB
4 KB

19ms
19ms

Script
application/javascript

104.17.141.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r1.ourmailer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Requested by

Host: r1.ourmailer.com
URL: https://r1.ourmailer.com/4R18-USEM-B8295B46AE325E3262MEGPB411539EC5D3A71F/cr.aspx

Protocol

Server

104.17.141.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

540f6122b114efe2fc91e566e28b78cff910f905a4022046e9a7373224549a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7fab787d4c36bbbc-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 22 Aug 2023 13:30:29 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7fab787d2c0dbbbc-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 7fab787c0e6835e7 Show response
r1.ourmailer.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 2752 0
292 B 32ms
31ms XHR
text/plain 104.17.141.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r1.ourmailer.com/cdn-cgi/challenge-platform/h/g/cv/result/7fab787c0e6835e7
Requested by: Host: r1.ourmailer.com
URL: https://r1.ourmailer.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.141.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 22 Aug 2023 13:30:29 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 7fab787e4db3bbbc-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.r1.ourmailer.com/	1970-01-20 14:11:52	Name: __cf_bm Value: q.os8_IlC4TNmlvNf8f3LXK88mLw.YwvrxwZUwSNA.E-1692711029-0-AZnG0MVVM7dX0fvXS2ywimLAlLuuNT4GUGTBNJfv+insZvPatlyIdTCmp+N/HYar5muUM8qEAwQ4RxHf8LVHvmQ=
r1.ourmailer.com/	1970-01-20 14:13:13	Name: __cflb Value: 0H28vbka3Tp63XFuYsqHHrawjcNu2Nctcd2x7ScBCTv
.r1.ourmailer.com/	1970-01-20 22:57:27	Name: cf_clearance Value: 9MuVsnJwDMVn9BtlBsJPL5I7ELzTlPVi3kmkI.EBrCw-1692711029-0-1-d054f0fa.46b680f9.962269e6-0.2.1692711029

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

i.emlfiles4.com
r1.ourmailer.com
104.17.141.204
2606:4700::6811:1e3d
0b89bab3a3888c3b8c946ab72f16839722d4699d8f0d730668eb2d1be1e0f698
1b77b26271dd5742eef1afa74ea9211c672702f4e541385b7f154ec149bfcda8
519f691ae3b5b9150b14bac4d8ef7c58139e6a07a4c2ddb4d35654e3eb125a8c
540f6122b114efe2fc91e566e28b78cff910f905a4022046e9a7373224549a11
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
a7eb7c87ac1aa67d6ee7e23f033e316f49c5c9dc0ee46aea2d82c61a7972ce16
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

r1.ourmailer.com Open in urlscan Pro 104.17.141.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

88 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

214 kBTransfer

239 kBSize

3 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

3 Cookies

Indicators

r1.ourmailer.com Open in urlscan Pro
104.17.141.204 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

214 kB
Transfer

239 kB
Size

3
Cookies

8 HTTP transactions
0 data transactions