urlscan.io logo urlscan.io
SecurityTrails logo

rooms.uw.to Open in urlscan Pro
103.207.42.243  Public Scan

Go To Rescan Add Verdict Report
URL: http://rooms.uw.to/qwest.php
Submission: On May 03 via api from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 103.207.42.243, located in India and belongs to AS40676 - Psychz Networks, US. The main domain is rooms.uw.to.
This is the only time rooms.uw.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.207.42.243 40676 (AS40676)
8 64.41.126.220 3064 (AFFINITY-FTL)
1 2 172.82.228.20 15224 (OMNITURE)
10 3
Apex Domain
Subdomains		 Transfer
8 centurylinkoffice.net
webmail.centurylinkoffice.net
165 KB
2 2o7.net
hostsitemail.112.2o7.net
2 KB
1 uw.to
rooms.uw.to
7 KB
10 3
Domain Requested by
8 webmail.centurylinkoffice.net rooms.uw.to
2 hostsitemail.112.2o7.net 1 redirects rooms.uw.to
1 rooms.uw.to
10 3

This site contains links to these domains. Also see Links.

Domain
qwest.centurylink.com
Subject Issuer Validity Valid
webmail.centurylinkoffice.net
DigiCert SHA2 Secure Server CA		 2019-01-21 -
2021-01-25		 2 years crt.sh

This page contains 1 frames:

Primary Page: http://rooms.uw.to/qwest.php
Frame ID: 00D2BEF311D6DE63E8F0CE0DF3A1E2C5
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
Overall confidence: 100%
Detected patterns
  • env /^s_(?:account|objectID|code|INST)$/i

Page Statistics

10
Requests

80 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

173 kB
Transfer

170 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://hostsitemail.112.2o7.net/b/ss/hostsitemail/1/H.15.1/s38423083391950?[AQB]&ndh=1&t=3/4/2019%204%3A31%3A34%205%200&ce=WINDOWS-1253&cdp=3&g=http%3A//rooms.uw.to/qwest.php&cc=GBP&server=192.168.34.12&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&[AQE] HTTP 302
  • http://hostsitemail.112.2o7.net/b/ss/hostsitemail/1/H.15.1/s38423083391950?AQB=1&pccr=true&&ndh=1&t=3/4/2019%204%3A31%3A34%205%200&ce=WINDOWS-1253&cdp=3&g=http%3A//rooms.uw.to/qwest.php&cc=GBP&server=192.168.34.12&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request qwest.php
rooms.uw.to/ 		7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://rooms.uw.to/qwest.php
Protocol
HTTP/1.1
Server
103.207.42.243 , India, ASN40676 (AS40676 - Psychz Networks, US),
Reverse DNS
Software
Apache /
Resource Hash
25dab3460d4b97420adc29e0f169f38d3256d4a35ae6384061c52f47faeb5782

Request headers

Host
rooms.uw.to
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 03 May 2019 04:31:32 GMT
Server
Apache
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
main_sitemail_qw.css
webmail.centurylinkoffice.net/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webmail.centurylinkoffice.net/css/main_sitemail_qw.css
Requested by
Host: rooms.uw.to
URL: http://rooms.uw.to/qwest.php
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
64.41.126.220 Chicago, United States, ASN3064 (AFFINITY-FTL - Affinity Internet, Inc, US),
Reverse DNS
webmail.centurylinkoffice.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
1e990f689e00ee20ac52d1b714e637d1b6d2edb1a085bea6e4480988623f983f

Request headers

Referer
http://rooms.uw.to/qwest.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 03 May 2019 04:31:34 GMT
Last-Modified
Wed, 24 Apr 2013 11:03:16 GMT
Server
Apache/2.2.16 (Debian)
ETag
"61428f-e48-4db193fafe500"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
3656
menubar-big.js
webmail.centurylinkoffice.net/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webmail.centurylinkoffice.net/js/menubar-big.js
Requested by
Host: rooms.uw.to
URL: http://rooms.uw.to/qwest.php
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
64.41.126.220 Chicago, United States, ASN3064 (AFFINITY-FTL - Affinity Internet, Inc, US),
Reverse DNS
webmail.centurylinkoffice.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
e7bf7366ef118480d5ddad1d504662ec8e6adca417010ef92cb300c8432b7acf

Request headers

Referer
http://rooms.uw.to/qwest.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 03 May 2019 04:31:34 GMT
Last-Modified
Wed, 24 Apr 2013 11:03:16 GMT
Server
Apache/2.2.16 (Debian)
ETag
"6d011b-7d0-4db193fafe500"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
2000
CenturyLinkLogo.jpg
webmail.centurylinkoffice.net/images/qwb_imgs/ 		138 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webmail.centurylinkoffice.net/images/qwb_imgs/CenturyLinkLogo.jpg
Requested by
Host: rooms.uw.to
URL: http://rooms.uw.to/qwest.php
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
64.41.126.220 Chicago, United States, ASN3064 (AFFINITY-FTL - Affinity Internet, Inc, US),
Reverse DNS
webmail.centurylinkoffice.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
77a5b5166a9915423c6b821c8d3c86eaf26733ec240265c8430f7ec9e65319ea

Request headers

Referer
http://rooms.uw.to/qwest.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 03 May 2019 04:31:34 GMT
Last-Modified
Wed, 24 Apr 2013 11:03:16 GMT
Server
Apache/2.2.16 (Debian)
ETag
"82c52d-2261b-4db193fafe500"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
140827
login_btn.gif
webmail.centurylinkoffice.net/images/qwb_imgs/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webmail.centurylinkoffice.net/images/qwb_imgs/login_btn.gif
Requested by
Host: rooms.uw.to
URL: http://rooms.uw.to/qwest.php
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
64.41.126.220 Chicago, United States, ASN3064 (AFFINITY-FTL - Affinity Internet, Inc, US),
Reverse DNS
webmail.centurylinkoffice.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
2e119fa465df636cc40e9591745902ed79f0ae061822fb7985de35887574f72a

Request headers

Referer
http://rooms.uw.to/qwest.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 03 May 2019 04:31:34 GMT
Last-Modified
Wed, 24 Apr 2013 11:03:16 GMT
Server
Apache/2.2.16 (Debian)
ETag
"6140ff-b96-4db193fafe500"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
2966
Omniture.js
webmail.centurylinkoffice.net/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webmail.centurylinkoffice.net/Omniture.js
Requested by
Host: rooms.uw.to
URL: http://rooms.uw.to/qwest.php
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
64.41.126.220 Chicago, United States, ASN3064 (AFFINITY-FTL - Affinity Internet, Inc, US),
Reverse DNS
webmail.centurylinkoffice.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
8dc51e2fb0c41364be6702c4b79b9d36ac0b43a67b507c54a62135df0c1a470f

Request headers

Referer
http://rooms.uw.to/qwest.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 03 May 2019 04:31:34 GMT
Last-Modified
Wed, 24 Apr 2013 11:03:15 GMT
Server
Apache/2.2.16 (Debian)
ETag
"6589d2-3f50-4db193fa0a2c0"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
16208
bg_1.jpg
webmail.centurylinkoffice.net/images/qwb_imgs/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webmail.centurylinkoffice.net/images/qwb_imgs/bg_1.jpg
Requested by
Host: rooms.uw.to
URL: http://rooms.uw.to/qwest.php
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
64.41.126.220 Chicago, United States, ASN3064 (AFFINITY-FTL - Affinity Internet, Inc, US),
Reverse DNS
webmail.centurylinkoffice.net
Software
Apache/2.2.16 (Debian) /
Resource Hash
adbab8343f207c21373f59d3341f4a6f22f593a90acdd66e617539d8c9c7399a

Request headers

Referer
https://webmail.centurylinkoffice.net/css/main_sitemail_qw.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 03 May 2019 04:31:34 GMT
Last-Modified
Wed, 24 Apr 2013 11:03:16 GMT
Server
Apache/2.2.16 (Debian)
ETag
"6140fe-501-4db193fafe500"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
1281
loginbg2.jpg
webmail.centurylinkoffice.net/qwest/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webmail.centurylinkoffice.net/qwest/images/loginbg2.jpg
Requested by
Host: rooms.uw.to
URL: http://rooms.uw.to/qwest.php
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
64.41.126.220 Chicago, United States, ASN3064 (AFFINITY-FTL - Affinity Internet, Inc, US),
Reverse DNS
webmail.centurylinkoffice.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webmail.centurylinkoffice.net/css/main_sitemail_qw.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
s38423083391950
hostsitemail.112.2o7.net/b/ss/hostsitemail/1/H.15.1/
Redirect Chain
  • http://hostsitemail.112.2o7.net/b/ss/hostsitemail/1/H.15.1/s38423083391950?[AQB]&ndh=1&t=3/4/2019%204%3A31%3A34%205%200&ce=WINDOWS-1253&cdp=3&g=http%3A//rooms.uw.to/qwest.php&cc=GBP&server=192.168....
  • http://hostsitemail.112.2o7.net/b/ss/hostsitemail/1/H.15.1/s38423083391950?AQB=1&pccr=true&&ndh=1&t=3/4/2019%204%3A31%3A34%205%200&ce=WINDOWS-1253&cdp=3&g=http%3A//rooms.uw.to/qwest.php&cc=GBP&serv...
43 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hostsitemail.112.2o7.net/b/ss/hostsitemail/1/H.15.1/s38423083391950?AQB=1&pccr=true&&ndh=1&t=3/4/2019%204%3A31%3A34%205%200&ce=WINDOWS-1253&cdp=3&g=http%3A//rooms.uw.to/qwest.php&cc=GBP&server=192.168.34.12&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by
Host: rooms.uw.to
URL: http://rooms.uw.to/qwest.php
Protocol
HTTP/1.1
Server
172.82.228.20 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
*.112.2O7.net
Software
Omniture DC/2.0.0 /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://rooms.uw.to/qwest.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 03 May 2019 04:31:34 GMT
X-Content-Type-Options
nosniff
X-C
ms-6.6.0
P3P
CP="This is not a P3P policy"
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Sat, 04 May 2019 04:31:34 GMT
Server
Omniture DC/2.0.0
xserver
www51
ETag
"3343326869711814656-4894006546960335148"
Vary
*
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Expires
Thu, 02 May 2019 04:31:34 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 03 May 2019 04:31:34 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 04 May 2019 04:31:34 GMT
Server
Omniture DC
xserver
www195
Location
http://hostsitemail.112.2o7.net/b/ss/hostsitemail/1/H.15.1/s38423083391950?AQB=1&pccr=true&&ndh=1&t=3/4/2019%204%3A31%3A34%205%200&ce=WINDOWS-1253&cdp=3&g=http%3A//rooms.uw.to/qwest.php&cc=GBP&server=192.168.34.12&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
X-C
ms-6.6.0
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Thu, 02 May 2019 04:31:34 GMT
ga.js
webmail.centurylinkoffice.net/cgi-bin/http://www.google-analytics.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://webmail.centurylinkoffice.net/cgi-bin/http://www.google-analytics.com/ga.js
Requested by
Host: rooms.uw.to
URL: http://rooms.uw.to/qwest.php
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
64.41.126.220 Chicago, United States, ASN3064 (AFFINITY-FTL - Affinity Internet, Inc, US),
Reverse DNS
webmail.centurylinkoffice.net
Software
/
Resource Hash

Request headers

Referer
http://rooms.uw.to/qwest.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| newsms function| opencompose function| cleanup function| logout function| exec function| help function| calander function| SetCookie function| ReadCookie function| testCookie function| clearemail string| s_account object| s string| s_code string| s_objectID function| s_gi function| s_r function| s_d function| s_fe function| s_fa function| s_ft function| s_c object| s_c_il number| s_c_in object| s_i_hostsitemail string| gaJsHost undefined| pageTracker number| testValue

3 Cookies

Domain/Path Name / Value
rooms.uw.to/ Name: AreCookiesEnabled
Value: 130
.rooms.uw.to/ Name: s_sq
Value: %5B%5BB%5D%5D
.rooms.uw.to/ Name: s_cc
Value: true