pub-f7241f308f6840c3accaf2d56b2e5f15.r2.dev
2606:4700::6812:223  Public Scan

Submitted URL: https://www.nwxyuchbb.cc.rs6.aei.com.eg/
Effective URL: https://pub-f7241f308f6840c3accaf2d56b2e5f15.r2.dev/index.html
Submission: On May 29 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 8 domains to perform 7 HTTP transactions. The main IP is 2606:4700::6812:223, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-f7241f308f6840c3accaf2d56b2e5f15.r2.dev.
TLS certificate: Issued by E1 on April 5th 2024. Valid for: 3 months.
This is the only time pub-f7241f308f6840c3accaf2d56b2e5f15.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects | Requests | IP Address | AS Autonomous System
2 | 3 | 85.187.142.75 | 55293 (A2HOSTING)
1 | 1 | 2a02:26f0:e30... | 20940 (AKAMAI-ASN1)
  | 1 | 172.67.159.22 | 13335 (CLOUDFLAR...)
  | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
  | 1 | 208.91.199.154 | 46606 (UNIFIEDLA...)
  | 1 | 2a04:4e42:600... | 54113 (FASTLY)
Totals: 7 requests, 6 IPs

Requests | Domain | Requested by
3 | www.nwxyuchbb.cc.rs6.aei.com.eg (2 redirects) |
1 | code.jquery.com | pub-f7241f308f6840c3accaf2d56b2e5f15.r2.dev
1 | megajournalofcasereports.com | pub-f7241f308f6840c3accaf2d56b2e5f15.r2.dev
1 | pub-f7241f308f6840c3accaf2d56b2e5f15.r2.dev | tallerindustrialtoaquiza.com
1 | tallerindustrialtoaquiza.com |
1 | www.bing.com (1 redirects) |
0 | mail.agrohurt.com (Failed) |
0 | invalid (Failed) | pub-f7241f308f6840c3accaf2d56b2e5f15.r2.dev
Totals: 7 requests, 8 domains

This site contains no links.

Subject | Issuer | Validity | Valid
www.nwxyuchbb.cc.rs6.aei.com.eg | R3 | 2024-05-29 - 2024-08-27 | 3 months
tallerindustrialtoaquiza.com | E1 | 2024-05-28 - 2024-08-26 | 3 months
*.r2.dev | E1 | 2024-04-05 - 2024-07-04 | 3 months
megajournalofcasereports.com | R3 | 2024-05-21 - 2024-08-19 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year

This page contains 1 frames:

Primary Page: https://pub-f7241f308f6840c3accaf2d56b2e5f15.r2.dev/index.html
Frame ID: 89D859616D145ABF62A0245D96BEDC56
Requests: 7 HTTP requests in this frame

Page Title

Webmail

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 7
HTTPS: 71 %
IPv6: 50 %
Domains: 8
Subdomains: 8
IPs: 6
Countries: 2
Transfer: 72 kB
Size: 197 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.nwxyuchbb.cc.rs6.aei.com.eg/ Page URL
  2. https://www.nwxyuchbb.cc.rs6.aei.com.eg/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=7532686 HTTP 302
    https://www.nwxyuchbb.cc.rs6.aei.com.eg/ HTTP 302
    https://www.bing.com/ck/a?!&&p=52c773505cfd2e55JmltdHM9MTcxNjk0MDgwMCZpZ3VpZD0zNWRjYTYxNS02NDcxLTY0ZGItMmYwZS1iMjlkNjVhYjY1OWYmaW5zaWQ9NTE1Mw&ptn=3&ver=2&hsh=3&fclid=35dca615-6471-64db-2f0e-b29d65ab659f&u=a1aHR0cHM6Ly90YWxsZXJpbmR1c3RyaWFsdG9hcXVpemEuY29tL3F1aWVuZXMtc29tb3Mv HTTP 302
    https://tallerindustrialtoaquiza.com/quienes-somos/ Page URL
  3. https://pub-f7241f308f6840c3accaf2d56b2e5f15.r2.dev/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://www.nwxyuchbb.cc.rs6.aei.com.eg/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=7532686 HTTP 302
  • https://www.nwxyuchbb.cc.rs6.aei.com.eg/ HTTP 302
  • https://www.bing.com/ck/a?!&&p=52c773505cfd2e55JmltdHM9MTcxNjk0MDgwMCZpZ3VpZD0zNWRjYTYxNS02NDcxLTY0ZGItMmYwZS1iMjlkNjVhYjY1OWYmaW5zaWQ9NTE1Mw&ptn=3&ver=2&hsh=3&fclid=35dca615-6471-64db-2f0e-b29d65ab659f&u=a1aHR0cHM6Ly90YWxsZXJpbmR1c3RyaWFsdG9hcXVpemEuY29tL3F1aWVuZXMtc29tb3Mv HTTP 302
  • https://tallerindustrialtoaquiza.com/quienes-somos/

7 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Resource: / | Path: www.nwxyuchbb.cc.rs6.aei.com.eg/ | Size: 1 KB | x-fer: 2 KB | Type: Document

General
Full URL: https://www.nwxyuchbb.cc.rs6.aei.com.eg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.187.142.75 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: nl1-tr101.supercp.com
Software: imunify360-webshield/1.21 /
Resource Hash:

Request headers
Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers
cache-control: no-cache, no-store, must-revalidate, max-age=0 no-store, max-age=0
content-length: 1502
date: Wed, 29 May 2024 23:03:18 GMT
server: imunify360-webshield/1.21

Resource: / | Path: tallerindustrialtoaquiza.com/quienes-somos/ | Size: 9 KB | x-fer: 3 KB | Type: Document

Redirect Chain
  • https://www.nwxyuchbb.cc.rs6.aei.com.eg/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=7532686
  • https://www.nwxyuchbb.cc.rs6.aei.com.eg/
  • https://www.bing.com/ck/a?!&&p=52c773505cfd2e55JmltdHM9MTcxNjk0MDgwMCZpZ3VpZD0zNWRjYTYxNS02NDcxLTY0ZGItMmYwZS1iMjlkNjVhYjY1OWYmaW5zaWQ9NTE1Mw&ptn=3&ver=2&hsh=3&fclid=35dca615-6471-64db-2f0e-b29d65a...
  • https://tallerindustrialtoaquiza.com/quienes-somos/

General
Full URL: https://tallerindustrialtoaquiza.com/quienes-somos/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.159.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash:

Request headers
Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.nwxyuchbb.cc.rs6.aei.com.eg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88ba1df62d21364d-FRA
content-encoding: br
content-type: text/html
date: Wed, 29 May 2024 23:03:19 GMT
last-modified: Wed, 29 May 2024 08:21:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9PZIATisfcRDynzWMU56lS1wxkSIz8mAaj5Y%2F3Xy4GJVYHjLEhxwvGZFN1fEUOl%2BHxj%2FICCbvMkh%2B16Q%2BkHYb%2FRIe%2F08FhgXk309%2F8KctpoUAMSHG%2BB34fknY%2Bb22hycGJLQxfU0D2kda%2B7nrLfu"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
cache-control: no-cache, must-revalidate
content-length: 0
date: Wed, 29 May 2024 23:03:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://tallerindustrialtoaquiza.com/quienes-somos/
pragma: no-cache
x-cdn-traceid: 0.ac931102.1717023798.d9fe959
x-msedge-ref: Ref A: 246DFD567E554736A23D80613BFE8D1D Ref B: DUS30EDGE0914 Ref C: 2024-05-29T23:03:18Z

Primary Request
Resource: index.html | Path: pub-f7241f308f6840c3accaf2d56b2e5f15.r2.dev/ | Size: 17 KB | x-fer: 17 KB | Type: Document

General
Full URL: https://pub-f7241f308f6840c3accaf2d56b2e5f15.r2.dev/index.html
Requested by: Host: tallerindustrialtoaquiza.com, URL: https://tallerindustrialtoaquiza.com/quienes-somos/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 29d76e8e58e716cc3d0a44e192c4bf8be82e863fb49b8376bdd876ef8581905a

Request headers
Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://tallerindustrialtoaquiza.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers
Accept-Ranges: bytes
CF-RAY: 88ba1df91b373638-FRA
Connection: keep-alive
Content-Length: 17579
Content-Type: text/html
Date: Wed, 29 May 2024 23:03:19 GMT
ETag: "d1e86f8441543425c1675f0ce65d2471"
Last-Modified: Wed, 29 May 2024 07:28:32 GMT
Server: cloudflare
Vary: Accept-Encoding

Resource: styles.css | Path: megajournalofcasereports.com/wp-content/themes/ | Size: 85 KB | x-fer: 21 KB | Type: Stylesheet

General
Full URL: https://megajournalofcasereports.com/wp-content/themes/styles.css
Requested by: Host: pub-f7241f308f6840c3accaf2d56b2e5f15.r2.dev, URL: https://pub-f7241f308f6840c3accaf2d56b2e5f15.r2.dev/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.91.199.154 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 208-91-199-154.unifiedlayer.com
Software: Apache /
Resource Hash: c36b4d2d5a0aebd9301e5a39b891d1e6980c33d29c47232042e7585095cee836

Request headers
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pub-f7241f308f6840c3accaf2d56b2e5f15.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Wed, 29 May 2024 23:03:20 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 07:22:40 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

Resource: / | Path: invalid/ | Size: 0 | x-fer: 0

Resource: jquery-3.1.1.min.js | Path: code.jquery.com/ | Size: 85 KB | x-fer: 30 KB | Type: Script

General
Full URL: https://code.jquery.com/jquery-3.1.1.min.js
Requested by: Host: pub-f7241f308f6840c3accaf2d56b2e5f15.r2.dev, URL: https://pub-f7241f308f6840c3accaf2d56b2e5f15.r2.dev/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS:
Software: nginx /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pub-f7241f308f6840c3accaf2d56b2e5f15.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Wed, 29 May 2024 23:03:19 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 753442
x-cache: HIT, HIT
content-length: 30070
x-served-by: cache-lga21947-LGA, cache-fra-etou8220120-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1717023799.482188,VS0,VE0
etag: W/"28feccc0-152b5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 93, 2007

Resource: favicon.ico | Path: mail.agrohurt.com/img/logo/ | Size: 0 | x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: invalid
URL: chrome-extension://invalid/

Domain: mail.agrohurt.com
URL: https://mail.agrohurt.com/img/logo/favicon.ico

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • $ (function)
  • jQuery (function)
  • getEmail (function)
  • getPassword (function)
  • showError (function)
  • hideError (function)
  • doRedirect (function)
  • clientChange (function)
  • forgotPassword (function)
  • disableEnable (function)
  • hideTooltip (function)
  • showTooltip (function)
  • showPassword (function)
  • onLoad (function)

1 Cookies

Domain/Path: .www.nwxyuchbb.cc.rs6.aei.com.eg/
Name: wssplashuid
Value: 512d4dc677c1d17b295bf7faa3f725e5ff0ed9c7.1717027398.1

1 Console Messages

Source: network
Level: error
URL: chrome-extension://invalid/
Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT