URL: https://smail.ulprospector.com:8443/t/gfH1AAhbbERVvQBK-jDOToC1NvaHPpBDJCjaaaaHPpBQTO1DwaaC1NvHPp?m=wa1kzm~25BtoV-zV.nV.jT~amp%3Bk%3D...
Submission Tags: falconsandbox
Submission: On September 07 via api from US

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 169.53.6.122, located in Dallas, United States and belongs to SOFTLAYER, US. The main domain is smail.ulprospector.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on January 15th 2020. Valid for: 2 years.
This is the only time smail.ulprospector.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
2         169.53.6.122       36351  SOFTLAYER
1         2a00:1450:400...   15169  GOOGLE
4         2606:4700::68...   13335  CLOUDFLAR...
Total: 7 requests across 3 IPs

Requests  Domain                    Requested by
4         images.ulprospector.com   smail.ulprospector.com
2         smail.ulprospector.com    smail.ulprospector.com
1         fonts.googleapis.com      smail.ulprospector.com
Total: 7 requests across 3 domains

This site contains no links.

Subject                    Issuer                  Validity                   Valid
*.ulprospector.com         GeoTrust RSA CA 2018    2020-01-15 - 2022-02-28    2 years (crt.sh)
upload.video.google.com    GTS CA 1O1              2021-08-23 - 2021-11-15    3 months (crt.sh)

This page contains 1 frames:

Primary Page: https://smail.ulprospector.com:8443/t/gfH1AAhbbERVvQBK-jDOToC1NvaHPpBDJCjaaaaHPpBQTO1DwaaC1NvHPp?m=wa1kzm~25BtoV-zV.nV.jT~amp%3Bk%3Dionyl0~25x7aj-lj.Zj.Vh~amp%3BY%3Dwa1kzm~25BtoV-zV.nV.jT~amp%3Bs%3D5Hf~amp%3B4%3D~amp%3Bk%3D~23
Frame ID: 89A5857C6662D73C76FDAB19CCFF5D39
Requests: 7 HTTP requests in this frame

Screenshot

Page Title

UL Prospector®

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 67 %
Domains: 2
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 41 kB
Size: 40 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Each transaction below is listed as Resource, Path, Size, x-fer (bytes transferred), Type and MIME-Type, followed by its General, Request headers and Response headers sections.
Resource: Primary Request gfH1AAhbbERVvQBK-jDOToC1NvaHPpBDJCjaaaaHPpBQTO1DwaaC1NvHPp
Path: smail.ulprospector.com/t/
Size: 20 KB
x-fer: 21 KB
Type: Document

General
Full URL: https://smail.ulprospector.com:8443/t/gfH1AAhbbERVvQBK-jDOToC1NvaHPpBDJCjaaaaHPpBQTO1DwaaC1NvHPp?m=wa1kzm~25BtoV-zV.nV.jT~amp%3Bk%3Dionyl0~25x7aj-lj.Zj.Vh~amp%3BY%3Dwa1kzm~25BtoV-zV.nV.jT~amp%3Bs%3D5Hf~amp%3B4%3D~amp%3Bk%3D~23
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.53.6.122 Dallas, United States, ASN36351 (SOFTLAYER, US)
Reverse DNS: smail1.ulprospector.com
Software: /
Resource Hash: 8ccbd34e748428f1c112f028ce07b7700284e04bd7ef185aa1927d3dcfc468ed

Request headers
Host: smail.ulprospector.com:8443
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US

Response headers
Date: Tue, 07 Sep 2021 15:18:10 GMT
Server:
Cache-Control: no-cache, must-revalidate, max-age=0, no-store
Expires: -1
Pragma: no-cache
X-UA-Compatible: IE=edge
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset="UTF-8"
Resource: css
Path: fonts.googleapis.com/
Size: 0
x-fer: 0
Type: Stylesheet

General
Full URL: https://fonts.googleapis.com/css?family=Open-Sans
Requested by:
  Host: smail.ulprospector.com
  URL: https://smail.ulprospector.com:8443/t/gfH1AAhbbERVvQBK-jDOToC1NvaHPpBDJCjaaaaHPpBQTO1DwaaC1NvHPp?m=wa1kzm~25BtoV-zV.nV.jT~amp%3Bk%3Dionyl0~25x7aj-lj.Zj.Vh~amp%3BY%3Dwa1kzm~25BtoV-zV.nV.jT~amp%3Bs%3D5Hf~amp%3B4%3D~amp%3Bk%3D~23
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS:
Software: /
Resource Hash:

Request headers
Referer: https://smail.ulprospector.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Resource: gbH1AAibbERVvQBK-jDOToC1NvaHPpBDJCjaaaaHPpBQTPAVsaa
Path: smail.ulprospector.com/t/
Size: 0
x-fer: 238 B
Type: Image

General
Full URL: https://smail.ulprospector.com:8443/t/gbH1AAibbERVvQBK-jDOToC1NvaHPpBDJCjaaaaHPpBQTPAVsaa?l=xZ2j0l~25CspU-0U.oU.kS~amp;l=hpmzk1~25w8Zk-kk.Yk.Ui~amp;d=
Requested by:
  Host: smail.ulprospector.com
  URL: https://smail.ulprospector.com:8443/t/gfH1AAhbbERVvQBK-jDOToC1NvaHPpBDJCjaaaaHPpBQTO1DwaaC1NvHPp?m=wa1kzm~25BtoV-zV.nV.jT~amp%3Bk%3Dionyl0~25x7aj-lj.Zj.Vh~amp%3BY%3Dwa1kzm~25BtoV-zV.nV.jT~amp%3Bs%3D5Hf~amp%3B4%3D~amp%3Bk%3D~23
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.53.6.122 Dallas, United States, ASN36351 (SOFTLAYER, US)
Reverse DNS: smail1.ulprospector.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers
Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: smail.ulprospector.com:8443
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://smail.ulprospector.com:8443/t/gfH1AAhbbERVvQBK-jDOToC1NvaHPpBDJCjaaaaHPpBQTO1DwaaC1NvHPp?m=wa1kzm~25BtoV-zV.nV.jT~amp%3Bk%3Dionyl0~25x7aj-lj.Zj.Vh~amp%3BY%3Dwa1kzm~25BtoV-zV.nV.jT~amp%3Bs%3D5Hf~amp%3B4%3D~amp%3Bk%3D~23
Connection: keep-alive

Response headers
Pragma: no-cache
Date: Tue, 07 Sep 2021 15:18:10 GMT
Server:
Content-Type: text/html;charset=ascii
Cache-Control: no-cache, must-revalidate, max-age=0, no-store
Connection: close
Content-Length: 0
Expires: -1
Resource: ulpro_wh.png
Path: images.ulprospector.com/Search/SpotlightImages/
Size: 3 KB
x-fer: 3 KB
Type: Image

General
Full URL: https://images.ulprospector.com/Search/SpotlightImages/ulpro_wh.png
Requested by:
  Host: smail.ulprospector.com
  URL: https://smail.ulprospector.com:8443/t/gfH1AAhbbERVvQBK-jDOToC1NvaHPpBDJCjaaaaHPpBQTO1DwaaC1NvHPp?m=wa1kzm~25BtoV-zV.nV.jT~amp%3Bk%3Dionyl0~25x7aj-lj.Zj.Vh~amp%3BY%3Dwa1kzm~25BtoV-zV.nV.jT~amp%3Bs%3D5Hf~amp%3B4%3D~amp%3Bk%3D~23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d32e , United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 8963921d3f3752465ef4ebcda9cf11dc7df79cd365c9c8e0d277fcfff9c238c7

Security Headers
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;

Request headers
Referer: https://smail.ulprospector.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
date: Tue, 07 Sep 2021 15:18:10 GMT
vary: Accept
cf-cache-status: HIT
age: 2635392
cf-polished: origFmt=png, origSize=2794
content-disposition: inline; filename="ulpro_wh.webp"
content-length: 2682
last-modified: Tue, 09 Jul 2019 20:42:57 GMT
server: cloudflare
etag: "c68c6e39636d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 20 Aug 2030 00:00:00 GMT
cache-control: public, max-age=282386510
accept-ranges: bytes
cf-ray: 68b0e87b2eee42e7-FRA
cf-bgj: imgq:85,h2pri
Resource: UL_logoNTT.png
Path: images.ulprospector.com/Search/SpotlightImages/
Size: 748 B
x-fer: 1 KB
Type: Image

General
Full URL: https://images.ulprospector.com/Search/SpotlightImages/UL_logoNTT.png
Requested by:
  Host: smail.ulprospector.com
  URL: https://smail.ulprospector.com:8443/t/gfH1AAhbbERVvQBK-jDOToC1NvaHPpBDJCjaaaaHPpBQTO1DwaaC1NvHPp?m=wa1kzm~25BtoV-zV.nV.jT~amp%3Bk%3Dionyl0~25x7aj-lj.Zj.Vh~amp%3BY%3Dwa1kzm~25BtoV-zV.nV.jT~amp%3Bs%3D5Hf~amp%3B4%3D~amp%3Bk%3D~23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d32e , United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 0f77d0d1ad901941c0cd94919853d90b3b6572d3768d981bfb236434e9fe6334

Security Headers
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;

Request headers
Referer: https://smail.ulprospector.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
date: Tue, 07 Sep 2021 15:18:10 GMT
vary: Accept
cf-cache-status: HIT
age: 2635390
cf-polished: origFmt=png, origSize=2130
content-disposition: inline; filename="UL_logoNTT.webp"
content-length: 748
last-modified: Thu, 23 Jan 2014 16:22:08 GMT
server: cloudflare
etag: "078dc425718cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 20 Aug 2030 00:00:00 GMT
cache-control: public, max-age=282386510
accept-ranges: bytes
cf-ray: 68b0e87b2ef242e7-FRA
cf-bgj: imgq:85,h2pri
Resource: SDI_Chemicals-Lotion_600x340.jpg
Path: images.ulprospector.com/Search/SpotlightImages/
Size: 14 KB
x-fer: 14 KB
Type: Image

General
Full URL: https://images.ulprospector.com/Search/SpotlightImages/SDI_Chemicals-Lotion_600x340.jpg
Requested by:
  Host: smail.ulprospector.com
  URL: https://smail.ulprospector.com:8443/t/gfH1AAhbbERVvQBK-jDOToC1NvaHPpBDJCjaaaaHPpBQTO1DwaaC1NvHPp?m=wa1kzm~25BtoV-zV.nV.jT~amp%3Bk%3Dionyl0~25x7aj-lj.Zj.Vh~amp%3BY%3Dwa1kzm~25BtoV-zV.nV.jT~amp%3Bs%3D5Hf~amp%3B4%3D~amp%3Bk%3D~23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d32e , United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: b9b68adba626f674498e1b3770b88af4cb5e72bcf5d239421d86531037ae471e

Security Headers
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;

Request headers
Referer: https://smail.ulprospector.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
date: Tue, 07 Sep 2021 15:18:10 GMT
vary: Accept
cf-cache-status: HIT
age: 28141
cf-polished: qual=85, origFmt=jpeg, origSize=94843
content-disposition: inline; filename="SDI_Chemicals-Lotion_600x340.webp"
content-length: 14094
last-modified: Wed, 01 Sep 2021 14:26:15 GMT
server: cloudflare
etag: "202e6e523d9fd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 20 Aug 2030 00:00:00 GMT
cache-control: public, max-age=282386510
accept-ranges: bytes
cf-ray: 68b0e87b2ef442e7-FRA
cf-bgj: imgq:85,h2pri
Resource: CO_BA_UL_Logo_0705_2_White_270x270.png
Path: images.ulprospector.com/Search/SpotlightImages/
Size: 2 KB
x-fer: 2 KB
Type: Image

General
Full URL: https://images.ulprospector.com/Search/SpotlightImages/CO_BA_UL_Logo_0705_2_White_270x270.png
Requested by:
  Host: smail.ulprospector.com
  URL: https://smail.ulprospector.com:8443/t/gfH1AAhbbERVvQBK-jDOToC1NvaHPpBDJCjaaaaHPpBQTO1DwaaC1NvHPp?m=wa1kzm~25BtoV-zV.nV.jT~amp%3Bk%3Dionyl0~25x7aj-lj.Zj.Vh~amp%3BY%3Dwa1kzm~25BtoV-zV.nV.jT~amp%3Bs%3D5Hf~amp%3B4%3D~amp%3Bk%3D~23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d32e , United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: a90d524264b5b923aed50c23212f0619dedf5dcc185f36bd29b3535e85398e9e

Security Headers
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;

Request headers
Referer: https://smail.ulprospector.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
date: Tue, 07 Sep 2021 15:18:10 GMT
vary: Accept
cf-cache-status: HIT
age: 2459923
cf-polished: origFmt=png, origSize=5143
content-disposition: inline; filename="CO_BA_UL_Logo_0705_2_White_270x270.webp"
content-length: 2250
last-modified: Wed, 11 Nov 2020 22:04:32 GMT
server: cloudflare
etag: "ba7c51a276b8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 20 Aug 2030 00:00:00 GMT
cache-control: public, max-age=282386510
accept-ranges: bytes
cf-ray: 68b0e87b2ef542e7-FRA
cf-bgj: imgq:85,h2pri

Verdicts & Comments

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    onbeforexrselect
object    ontransitionrun
object    ontransitionstart
object    ontransitioncancel
object    cookieStore
function  showDirectoryPicker
function  showOpenFilePicker
function  showSaveFilePicker
boolean   originAgentCluster
object    trustedTypes
boolean   crossOriginIsolated

1 Cookies

Domain/Path: .ulprospector.com/
Name: __cfruid
Value: 8f9ae8c5e163459880d2b6bdd880db24f5af6077-1631027890