pub-babe91ad742b4b5a9abed9805e94185e.r2.dev
2606:4700:7::eb  Public Scan

Submitted URL: https://u46843020.ct.sendgrid.net/ls/click?upn=u001.RGvKdmAf-2Bd2TFqCOUQft4PQQpbUbKem-2FQuNhbFpNvZT8YIbfONbtlNHWl7kNcj8MpS-2Fwnfzb...
Effective URL: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/iindex.html?redirect_mongo_id=66e2e196803d9491b074d686&utm_source=Springbot&utm_medium=Email&utm...
Submission: On September 20 via manual from IN — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 3 domains to perform 6 HTTP transactions. The main IP is 2606:4700:7::eb, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is pub-babe91ad742b4b5a9abed9805e94185e.r2.dev.
TLS certificate: Issued by E6 on August 1st 2024. Valid for: 3 months.
This is the only time pub-babe91ad742b4b5a9abed9805e94185e.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.115.58 11377 (SENDGRID)
5 2606:4700:7::eb 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2
Apex Domain | Subdomains | Transfer
5 r2.dev | pub-babe91ad742b4b5a9abed9805e94185e.r2.dev | 68 KB
1 cloudflare.com | ajax.cloudflare.com — Cisco Umbrella Rank: 3503 | 4 KB
1 sendgrid.net | u46843020.ct.sendgrid.net | 386 B
6 3
Domain Requested by
5 pub-babe91ad742b4b5a9abed9805e94185e.r2.dev pub-babe91ad742b4b5a9abed9805e94185e.r2.dev
1 ajax.cloudflare.com pub-babe91ad742b4b5a9abed9805e94185e.r2.dev
1 u46843020.ct.sendgrid.net 1 redirects
6 3

This site contains links to these domains.

Domain
xaxaxa.antibot.cloud
Subject | Issuer | Validity | Valid
*.r2.dev | E6 | 2024-08-01 - 2024-10-30 | 3 months
ajax.cloudflare.com | DigiCert Global G3 TLS ECC SHA384 2020 CA1 | 2024-08-07 - 2025-08-06 | a year

This page contains 1 frames:

Primary Page: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/iindex.html?redirect_mongo_id=66e2e196803d9491b074d686&utm_source=Springbot&utm_medium=Email&utm_campaign=66e2e196803d9491b074d687
Frame ID: 2CE0E10E33D4AB84A52B6766A537CB64
Requests: 6 HTTP requests in this frame

Page Title

Just a moment...

Page URL History

  1. https://u46843020.ct.sendgrid.net/ls/click?upn=u001.RGvKdmAf-2Bd2TFqCOUQft4PQQpbUbKem-2FQuNhbFpNvZT8YIbfONbtlN... HTTP 302
    https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/iindex.html?redirect_mongo_id=66e2e196803d9491b074d686&utm_source=Springbot&... Page URL

Page Statistics

6 Requests
100 % HTTPS
67 % IPv6
3 Domains
3 Subdomains
2 IPs
1 Countries
73 kB Transfer
79 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u46843020.ct.sendgrid.net/ls/click?upn=u001.RGvKdmAf-2Bd2TFqCOUQft4PQQpbUbKem-2FQuNhbFpNvZT8YIbfONbtlNHWl7kNcj8MpS-2FwnfzbOJ2w9rDMkB98utNN221hkGTO8QBgmQ131fI7mhHSSDzgvORHuczXpAnthE9f1twfzQBK-2BfWjy65x3tCuF7gvrHm0P0eBmVy0-2B4ZGiZ9oup7y5cuTD8Dnn4im-2Bt7fIeE8fjET0mQ0m2xwjOmLw9p0IFv1DAXSbXE9WdO3Bd787KCFKS3CJ2-2BF16h-2FtYrH_LyOw2WMknLPz1Ii-2BDJ1rRpq1p8Ko9bG9C58zipGmAoWlB-2ByOA3jq-2BAOolK9fW6TOvHG-2BeZ4hIjjdDxiNnkG-2BbymKE022k9kTCgPdf5dWLLlksdKjBUNlELyJuyPv9gmJWX92imAUXXI5Fz6pj5kvaA7VyEKMHbxSa4JafLaP0IKTbT-2BVFa0pTtP8hcrZ8aVyI5kxuQglI1DBWvossn8Q11GXRZFSBZS4ZuwaitXdqNsZer6N6jUClWS72wBILWSoJ7HEQdQeAFikDOUtr0-2Bb2XwL5lhxAu9uo0PTGLZi0K4Fhn9b8g1UIomcD2Nw9j6-2FU0JT-2F6JkNO3s7w5vtjd27lYsUmMG9Ei6QMqUdWniFip0HyCdP-2FIrXLtWs8rjeRnPfMMyJwXLiYBMKoivx1P9h-2Bq4MeZG7X3jchkJhG7mWjxkrBvbSwqdURZxfhOzXvIR HTTP 302
    https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/iindex.html?redirect_mongo_id=66e2e196803d9491b074d686&utm_source=Springbot&utm_medium=Email&utm_campaign=66e2e196803d9491b074d687 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Resource: Primary Request iindex.html
Path: pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/
Redirect Chain:
  • https://u46843020.ct.sendgrid.net/ls/click?upn=u001.RGvKdmAf-2Bd2TFqCOUQft4PQQpbUbKem-2FQuNhbFpNvZT8YIbfONbtlNHWl7kNcj8MpS-2FwnfzbOJ2w9rDMkB98utNN221hkGTO8QBgmQ131fI7mhHSSDzgvORHuczXpAnthE9f1twfzQB...
  • https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/iindex.html?redirect_mongo_id=66e2e196803d9491b074d686&utm_source=Springbot&utm_medium=Email&utm_campaign=66e2e196803d9491b074d687
Size: 8 KB
x-fer: 8 KB
Type: Document

General
  Full URL: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/iindex.html?redirect_mongo_id=66e2e196803d9491b074d686&utm_source=Springbot&utm_medium=Email&utm_campaign=66e2e196803d9491b074d687
  Protocol: HTTP/1.1
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700:7::eb , United States, ASN13335 (CLOUDFLARENET, US),
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: b83c8dc92f0d2b527791104c3a22c0f7db4aa44c36b3dc62f401d59e8d97fea1

Request headers
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers
  Accept-Ranges: bytes
  CF-RAY: 8c6297a78ba8d372-FRA
  Connection: keep-alive
  Content-Length: 8259
  Content-Type: text/html
  Date: Fri, 20 Sep 2024 14:44:14 GMT
  ETag: "e903cde32a9b31b37f8eb3f18b422f14"
  Last-Modified: Thu, 12 Sep 2024 11:47:31 GMT
  Server: cloudflare
  Vary: Accept-Encoding

Redirect headers
  Connection: keep-alive
  Content-Length: 217
  Content-Type: text/html; charset=utf-8
  Date: Fri, 20 Sep 2024 14:44:14 GMT
  Location: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/iindex.html?redirect_mongo_id=66e2e196803d9491b074d686&utm_source=Springbot&utm_medium=Email&utm_campaign=66e2e196803d9491b074d687
  Server: nginx
  X-Robots-Tag: noindex, nofollow

Resource: api.js
Path: pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/cdn-cgi/bm/cv/669835187/
Size: 0
x-fer: 0
Type: Script

General
  Full URL: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/cdn-cgi/bm/cv/669835187/api.js
  Requested by:
    Host: pub-babe91ad742b4b5a9abed9805e94185e.r2.dev
    URL: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/iindex.html?redirect_mongo_id=66e2e196803d9491b074d686&utm_source=Springbot&utm_medium=Email&utm_campaign=66e2e196803d9491b074d687
  Protocol: HTTP/1.1
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700:7::eb , United States, ASN13335 (CLOUDFLARENET, US),
  Reverse DNS:
  Software: cloudflare /
  Resource Hash:

Request headers
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
  Referer: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/iindex.html?redirect_mongo_id=66e2e196803d9491b074d686&utm_source=Springbot&utm_medium=Email&utm_campaign=66e2e196803d9491b074d687

Response headers
  Transfer-Encoding: chunked
  Cache-Control: public, max-age=14400
  CF-Cache-Status: MISS
  Connection: keep-alive
  CF-RAY: 8c6297a9fc74d372-FRA
  Expires: Fri, 20 Sep 2024 18:44:15 GMT
  Date: Fri, 20 Sep 2024 14:44:15 GMT
  Vary: Accept-Encoding
  Server: cloudflare

Resource: rocket-loader.min.js
Path: ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
Size: 12 KB
x-fer: 4 KB
Type: Script

General
  Full URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
  Requested by:
    Host: pub-babe91ad742b4b5a9abed9805e94185e.r2.dev
    URL: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/iindex.html?redirect_mongo_id=66e2e196803d9491b074d686&utm_source=Springbot&utm_medium=Email&utm_campaign=66e2e196803d9491b074d687
  Protocol: H3
  Security: QUIC, , AES_128_GCM
  Server: 2606:4700::6811:490e , United States, ASN13335 (CLOUDFLARENET, US),
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers
  Strict-Transport-Security: max-age=15780000; includeSubDomains
  X-Content-Type-Options: nosniff
  X-Frame-Options: DENY

Request headers
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
  Referer: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/iindex.html?redirect_mongo_id=66e2e196803d9491b074d686&utm_source=Springbot&utm_medium=Email&utm_campaign=66e2e196803d9491b074d687

Response headers
  content-encoding: gzip
  etag: W/"66e7fb1c-302c"
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xNIK97KJqCwp2NgnrKBf5%2Bz4ZDxTZa%2F1OldZ4etX1mCdz7H%2FbuuNqKuCzqeu2PIKqmM1%2FYe65fZp3fUaFyqSCuSNxjARseX5OQmjMrVCVC1J4h8930Qbx90UZ8LbHXSMcPwIbpfRM64G4XVi8nRVang%3D"}],"group":"cf-nel","max_age":604800}
  x-content-type-options: nosniff
  expires: Sun, 22 Sep 2024 14:44:15 GMT
  date: Fri, 20 Sep 2024 14:44:15 GMT
  content-type: application/javascript
  last-modified: Mon, 16 Sep 2024 09:32:12 GMT
  vary: Accept-Encoding
  x-frame-options: DENY
  strict-transport-security: max-age=15780000; includeSubDomains
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  cache-control: max-age=172800, public
  content-security-policy-report-only: default-src https: data: wss: 'unsafe-eval' 'unsafe-inline'; report-uri https://ajax.cloudflare.com/cdn-cgi/beacon/csp?req_id=8c6297aab9f2d398
  cf-ray: 8c6297aab9f2d398-FRA
  server: cloudflare

Resource: ab.php
Path: pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/antibotlocal/
Size: 16 KB
x-fer: 17 KB
Type: XHR

General
  Full URL: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/antibotlocal/ab.php
  Requested by:
    Host: pub-babe91ad742b4b5a9abed9805e94185e.r2.dev
    URL: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/iindex.html?redirect_mongo_id=66e2e196803d9491b074d686&utm_source=Springbot&utm_medium=Email&utm_campaign=66e2e196803d9491b074d687
  Protocol: HTTP/1.1
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700:7::eb , United States, ASN13335 (CLOUDFLARENET, US),
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: e72220408b3a3a351433a4cc02b8d3dea31bf8b6955e11d5baa7fb5655cacbe7

Request headers
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
  Content-type: application/x-www-form-urlencoded;
  Referer: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/iindex.html?redirect_mongo_id=66e2e196803d9491b074d686&utm_source=Springbot&utm_medium=Email&utm_campaign=66e2e196803d9491b074d687

Response headers
  CF-RAY: 8c6297b35d22d372-FRA
  Content-Length: 16794
  Date: Fri, 20 Sep 2024 14:44:16 GMT
  Content-Type: text/html
  Vary: Accept-Encoding
  Connection: keep-alive
  Server: cloudflare

Resource: ab.php
Path: pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/antibotlocal/
Size: 16 KB
x-fer: 17 KB
Type: XHR

General
  Full URL: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/antibotlocal/ab.php
  Requested by:
    Host: pub-babe91ad742b4b5a9abed9805e94185e.r2.dev
    URL: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/iindex.html?redirect_mongo_id=66e2e196803d9491b074d686&utm_source=Springbot&utm_medium=Email&utm_campaign=66e2e196803d9491b074d687
  Protocol: HTTP/1.1
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700:7::eb , United States, ASN13335 (CLOUDFLARENET, US),
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: e72220408b3a3a351433a4cc02b8d3dea31bf8b6955e11d5baa7fb5655cacbe7

Request headers
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
  Content-type: application/x-www-form-urlencoded;
  Referer: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/iindex.html?redirect_mongo_id=66e2e196803d9491b074d686&utm_source=Springbot&utm_medium=Email&utm_campaign=66e2e196803d9491b074d687

Response headers
  CF-RAY: 8c6297b3be5fd372-FRA
  Content-Length: 16794
  Date: Fri, 20 Sep 2024 14:44:16 GMT
  Content-Type: text/html
  Vary: Accept-Encoding
  Connection: keep-alive
  Server: cloudflare

Resource: favicon.ico
Path: pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/
Size: 27 KB
x-fer: 27 KB
Type: Other

General
  Full URL: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/favicon.ico
  Protocol: HTTP/1.1
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700:7::eb , United States, ASN13335 (CLOUDFLARENET, US),
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: 9eb52ee46c7ab5ea4ca0982415da99fded1b7d7354f75e50847bdae6cb44eb66

Request headers
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
  Referer: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/iindex.html?redirect_mongo_id=66e2e196803d9491b074d686&utm_source=Springbot&utm_medium=Email&utm_campaign=66e2e196803d9491b074d687

Response headers
  CF-RAY: 8c6297b42d896957-FRA
  Content-Length: 27150
  Date: Fri, 20 Sep 2024 14:44:16 GMT
  Content-Type: text/html
  Vary: Accept-Encoding
  Connection: keep-alive
  Server: cloudflare

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| redirect_url
string| path
object| parts
function| isBase64
object| __CF$cv$params
object| __cfQR
string| userip
string| country
string| action
string| h1
string| h2
string| ip
string| v
string| re
string| ho
string| cid
string| ptr
number| width
number| height
number| cwidth
number| cheight
number| colordepth
number| pixeldepth
function| nore
function| Button
function| CloudTest
boolean| __cfRLUnblockHandlers

0 Cookies

4 Console Messages

Source: network, Level: error
URL: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/cdn-cgi/bm/cv/669835187/api.js
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Source: network, Level: error
URL: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/antibotlocal/ab.php
Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Source: network, Level: error
URL: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/antibotlocal/ab.php
Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Source: network, Level: error
URL: https://pub-babe91ad742b4b5a9abed9805e94185e.r2.dev/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 (Not Found)