pub-199efd50cde24638b17556a85b414b46.r2.dev Open in urlscan Pro
104.18.2.35 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pub-199efd50cde24638b17556a85b414b46.r2.dev/webmail/signin.html
Submission: On June 05 via manual (June 5th 2024, 7:16:31 am UTC) from SG — Scanned from SG

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 104.18.2.35, located in and belongs to CLOUDFLARENET, US. The main domain is pub-199efd50cde24638b17556a85b414b46.r2.dev.
TLS certificate: Issued by E1 on June 3rd 2024. Valid for: 3 months.

This is the only time pub-199efd50cde24638b17556a85b414b46.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	104.18.2.35 104.18.2.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	64.98.38.179 64.98.38.179	32491 (TUCOWS-3) (TUCOWS-3)
14	2

2 104.18.2.35 (None, )

ASN13335 (CLOUDFLARENET, US)

pub-199efd50cde24638b17556a85b414b46.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 64.98.38.179 (Canada)

ASN32491 (TUCOWS-3, CA)

webmail.conwaycorp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	conwaycorp.net webmail.conwaycorp.net	1 MB
2	r2.dev pub-199efd50cde24638b17556a85b414b46.r2.dev	38 KB
14	2

	Domain	Requested by
12	webmail.conwaycorp.net	pub-199efd50cde24638b17556a85b414b46.r2.dev
2	pub-199efd50cde24638b17556a85b414b46.r2.dev
14	2

This site contains no links.

Subject Issuer	Validity	Valid
*.r2.dev E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh
*.conwaycorp.net DigiCert TLS RSA SHA256 2020 CA1	`2023-06-07` - `2024-06-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/webmail/signin.html
Frame ID: E650AB06EEE43AB0451E8C69FC56C920
Requests: 13 HTTP requests in this frame

Frame: https://webmail.conwaycorp.net/skins/elastic/webmail-logo.svg
Frame ID: 6F8F9D9B4133A46C68246B43C4B5E807
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webmail :: Welcome to WebmailWebmail :: Welcome to Webmail

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1399 kB
Transfer

1390 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request signin.html Show response
pub-199efd50cde24638b17556a85b414b46.r2.dev/webmail/ 11 KB
12 KB 12016ms
8964ms Document
text/html 104.18.2.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/webmail/signin.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.2.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c9fd17a1f5d94c87dd3da8b468b45e7a4ec3c0fe187e7ee3e38c5b8f786ed43

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
CF-RAY: 88ee60024f723e59-SIN
Connection: keep-alive
Content-Length: 11473
Content-Type: text/html
Date: Wed, 05 Jun 2024 07:16:04 GMT
ETag: "7876900a32a3f99e588b77d9e0d581a2"
Last-Modified: Wed, 29 May 2024 10:22:13 GMT
Server: cloudflare
Vary: Accept-Encoding

GET
H/1.1 200
OK bootstrap.min.css
webmail.conwaycorp.net/skins/elastic/deps/ 158 KB
159 KB 2629ms
678ms Stylesheet
text/css 64.98.38.179
TUCOWS-3

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.conwaycorp.net/skins/elastic/deps/bootstrap.min.css?s=1707945294

Requested by

Host: pub-199efd50cde24638b17556a85b414b46.r2.dev
URL: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/webmail/signin.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.98.38.179 , Canada, ASN32491 (TUCOWS-3, CA),

Reverse DNS

Software

Apache /

Resource Hash

ca2d63f7f2d4eedf5767ae32b8badd7a17bce8835a538ec0d80d20afb723b8e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 07:16:14 GMT
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
Last-Modified: Wed, 14 Feb 2024 21:14:54 GMT
Server: Apache
ETag: "27958-6115e008b6f80"
Content-Security-Policy-Report-Only: default-src * data: blob: 'unsafe-inline'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; report-to report; report-uri /?_task=background&_action=csp_report
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 162136
Reporting-Endpoints: report="https://mail.b.hostedemail.com/?_task=background&_action=csp_report"

GET
H/1.1 200
OK login.css
webmail.conwaycorp.net/plugins/skins/ 4 KB
5 KB 3003ms
1052ms Stylesheet
text/css 64.98.38.179
TUCOWS-3

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.conwaycorp.net/plugins/skins/login.css?s=1677694319

Requested by

Host: pub-199efd50cde24638b17556a85b414b46.r2.dev
URL: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/webmail/signin.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.98.38.179 , Canada, ASN32491 (TUCOWS-3, CA),

Reverse DNS

Software

Apache /

Resource Hash

98338a949abe7dab9f6a8e75e897d81a0d9ea3d4e14cd591ef98046c9e71749a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 07:16:15 GMT
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
Last-Modified: Fri, 07 Oct 2022 02:51:27 GMT
Server: Apache
ETag: "10e9-5ea68e2da29c0"
Content-Security-Policy-Report-Only: default-src * data: blob: 'unsafe-inline'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; report-to report; report-uri /?_task=background&_action=csp_report
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 4329
Reporting-Endpoints: report="https://mail.b.hostedemail.com/?_task=background&_action=csp_report"

GET
H/1.1 200
OK styles.2.css
webmail.conwaycorp.net/brands/049/1/ 311 KB
312 KB 3080ms
1119ms Stylesheet
text/css 64.98.38.179
TUCOWS-3

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.conwaycorp.net/brands/049/1/styles.2.css?s=1573257075

Requested by

Host: pub-199efd50cde24638b17556a85b414b46.r2.dev
URL: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/webmail/signin.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.98.38.179 , Canada, ASN32491 (TUCOWS-3, CA),

Reverse DNS

Software

Apache /

Resource Hash

97735624f41cd147e25d9e301bb14bded56e3d4d47b6456ff4df01c08f3f1fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 07:16:15 GMT
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
Last-Modified: Fri, 08 Nov 2019 23:51:15 GMT
Server: Apache
ETag: "4ddd1-596de751882c0"
Content-Security-Policy-Report-Only: default-src * data: blob: 'unsafe-inline'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; report-to report; report-uri /?_task=background&_action=csp_report
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 318929
Reporting-Endpoints: report="https://mail.b.hostedemail.com/?_task=background&_action=csp_report"

GET
H/1.1 200
OK jquery-ui.min.css
webmail.conwaycorp.net/plugins/jqueryui/themes/elastic/ 29 KB
29 KB 2604ms
677ms Stylesheet
text/css 64.98.38.179
TUCOWS-3

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.conwaycorp.net/plugins/jqueryui/themes/elastic/jquery-ui.min.css?s=1705745704

Requested by

Host: pub-199efd50cde24638b17556a85b414b46.r2.dev
URL: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/webmail/signin.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.98.38.179 , Canada, ASN32491 (TUCOWS-3, CA),

Reverse DNS

Software

Apache /

Resource Hash

aad541bcbd68b5ea0300c91b804637a2706e983a46d93546b109e6f322869107

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 07:16:14 GMT
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
Last-Modified: Wed, 24 Apr 2024 15:56:31 GMT
Server: Apache
ETag: "727d-616d9b6cf09c0"
Content-Security-Policy-Report-Only: default-src * data: blob: 'unsafe-inline'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; report-to report; report-uri /?_task=background&_action=csp_report
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 29309
Reporting-Endpoints: report="https://mail.b.hostedemail.com/?_task=background&_action=csp_report"

GET
H/1.1 200
OK jquery.min.js Show response
webmail.conwaycorp.net/program/js/ 89 KB
90 KB 10461ms
1000ms Script
application/javascript 64.98.38.179
TUCOWS-3

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.conwaycorp.net/program/js/jquery.min.js?s=1707945181

Requested by

Host: pub-199efd50cde24638b17556a85b414b46.r2.dev
URL: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/webmail/signin.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.98.38.179 , Canada, ASN32491 (TUCOWS-3, CA),

Reverse DNS

Software

Apache /

Resource Hash

5641ed21773230a8110279658abac57bb5b4abc7bf4091946c5e61e8f0021f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 07:16:22 GMT
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
Last-Modified: Wed, 29 May 2024 18:33:40 GMT
Server: Apache
ETag: "1632e-6199bfd444900"
Content-Security-Policy-Report-Only: default-src * data: blob: 'unsafe-inline'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; report-to report; report-uri /?_task=background&_action=csp_report
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 90926
Reporting-Endpoints: report="https://mail.b.hostedemail.com/?_task=background&_action=csp_report"

GET
H/1.1 200
OK common.js Show response
webmail.conwaycorp.net/program/js/ 22 KB
23 KB 5094ms
407ms Script
application/javascript 64.98.38.179
TUCOWS-3

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.conwaycorp.net/program/js/common.js?s=1705745704

Requested by

Host: pub-199efd50cde24638b17556a85b414b46.r2.dev
URL: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/webmail/signin.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.98.38.179 , Canada, ASN32491 (TUCOWS-3, CA),

Reverse DNS

Software

Apache /

Resource Hash

9b60e53e63a688745a44171d874b18eb281490f5283d3879c95d244ad0b84d53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 07:16:17 GMT
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
Last-Modified: Wed, 22 May 2024 20:03:37 GMT
Server: Apache
ETag: "59b5-619106e105840"
Content-Security-Policy-Report-Only: default-src * data: blob: 'unsafe-inline'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; report-to report; report-uri /?_task=background&_action=csp_report
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 22965
Reporting-Endpoints: report="https://mail.b.hostedemail.com/?_task=background&_action=csp_report"

GET
H/1.1 200
OK app.js Show response
webmail.conwaycorp.net/program/js/ 313 KB
314 KB 10462ms
3864ms Script
application/javascript 64.98.38.179
TUCOWS-3

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.conwaycorp.net/program/js/app.js?s=1707943829

Requested by

Host: pub-199efd50cde24638b17556a85b414b46.r2.dev
URL: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/webmail/signin.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.98.38.179 , Canada, ASN32491 (TUCOWS-3, CA),

Reverse DNS

Software

Apache /

Resource Hash

0814916d6875e3785f4f43a64a55dd244578a116bd5190418c2994b1fcabad4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 07:16:22 GMT
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
Last-Modified: Wed, 22 May 2024 20:01:22 GMT
Server: Apache
ETag: "4e323-6191066046880"
Content-Security-Policy-Report-Only: default-src * data: blob: 'unsafe-inline'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; report-to report; report-uri /?_task=background&_action=csp_report
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 320291
Reporting-Endpoints: report="https://mail.b.hostedemail.com/?_task=background&_action=csp_report"

GET
H/1.1 200
OK jstz.min.js Show response
webmail.conwaycorp.net/program/js/ 14 KB
14 KB 6595ms
1498ms Script
application/javascript 64.98.38.179
TUCOWS-3

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.conwaycorp.net/program/js/jstz.min.js?s=1705745709

Requested by

Host: pub-199efd50cde24638b17556a85b414b46.r2.dev
URL: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/webmail/signin.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.98.38.179 , Canada, ASN32491 (TUCOWS-3, CA),

Reverse DNS

Software

Apache /

Resource Hash

716ece8deb8412f7ec95ab395c92f6515bb8d8b792fd7480c014cdc6f063452a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 07:16:17 GMT
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
Last-Modified: Wed, 22 May 2024 20:03:37 GMT
Server: Apache
ETag: "360b-619106e105840"
Content-Security-Policy-Report-Only: default-src * data: blob: 'unsafe-inline'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; report-to report; report-uri /?_task=background&_action=csp_report
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 13835
Reporting-Endpoints: report="https://mail.b.hostedemail.com/?_task=background&_action=csp_report"

GET
H/1.1 200
OK punycode.js Show response
webmail.conwaycorp.net/plugins/skins/ 14 KB
15 KB 9459ms
2860ms Script
application/javascript 64.98.38.179
TUCOWS-3

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.conwaycorp.net/plugins/skins/punycode.js?s=1677694319

Requested by

Host: pub-199efd50cde24638b17556a85b414b46.r2.dev
URL: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/webmail/signin.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.98.38.179 , Canada, ASN32491 (TUCOWS-3, CA),

Reverse DNS

Software

Apache /

Resource Hash

952f98168ddee35169166ce789031db4b40cd784dd3d4b1712d04cc4f761677c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 07:16:19 GMT
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
Last-Modified: Fri, 07 Oct 2022 02:51:27 GMT
Server: Apache
ETag: "3939-5ea68e2da29c0"
Content-Security-Policy-Report-Only: default-src * data: blob: 'unsafe-inline'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; report-to report; report-uri /?_task=background&_action=csp_report
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 14649
Reporting-Endpoints: report="https://mail.b.hostedemail.com/?_task=background&_action=csp_report"

GET
H/1.1 200
OK ui.js Show response
webmail.conwaycorp.net/skins/elastic/ 142 KB
142 KB 2605ms
669ms Script
application/javascript 64.98.38.179
TUCOWS-3

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.conwaycorp.net/skins/elastic/ui.js?s=1677694320

Requested by

Host: pub-199efd50cde24638b17556a85b414b46.r2.dev
URL: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/webmail/signin.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.98.38.179 , Canada, ASN32491 (TUCOWS-3, CA),

Reverse DNS

Software

Apache /

Resource Hash

7ab3be0fde4aca78a442505e7ca2308bf380e29d56e63a10b34c9958c2efd888

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 07:16:14 GMT
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
Last-Modified: Wed, 01 Mar 2023 18:12:00 GMT
Server: Apache
ETag: "236ef-5f5daa5fc3c00"
Content-Security-Policy-Report-Only: default-src * data: blob: 'unsafe-inline'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; report-to report; report-uri /?_task=background&_action=csp_report
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 145135
Reporting-Endpoints: report="https://mail.b.hostedemail.com/?_task=background&_action=csp_report"

GET
H/1.1 200
OK jquery-ui.min.js Show response
webmail.conwaycorp.net/plugins/jqueryui/js/ 256 KB
257 KB 2606ms
670ms Script
application/javascript 64.98.38.179
TUCOWS-3

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.conwaycorp.net/plugins/jqueryui/js/jquery-ui.min.js?s=1705745704

Requested by

Host: pub-199efd50cde24638b17556a85b414b46.r2.dev
URL: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/webmail/signin.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.98.38.179 , Canada, ASN32491 (TUCOWS-3, CA),

Reverse DNS

Software

Apache /

Resource Hash

45b30930d5752603cdff2d24aa942b5bbae3168f62e74e092cd9405ff10127f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 07:16:14 GMT
Strict-Transport-Security: max-age=15768000 ; includeSubDomains
Last-Modified: Wed, 24 Apr 2024 15:56:31 GMT
Server: Apache
ETag: "40166-616d9b6cf09c0"
Content-Security-Policy-Report-Only: default-src * data: blob: 'unsafe-inline'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; report-to report; report-uri /?_task=background&_action=csp_report
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 262502
Reporting-Endpoints: report="https://mail.b.hostedemail.com/?_task=background&_action=csp_report"

GET
H/1.1 200
OK webmail-logo.svg
webmail.conwaycorp.net/skins/elastic/ Frame 6F8F 0
0 1003ms
356ms Document
image/svg+xml 64.98.38.179
TUCOWS-3

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.conwaycorp.net/skins/elastic/webmail-logo.svg

Requested by

Host: pub-199efd50cde24638b17556a85b414b46.r2.dev
URL: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/webmail/signin.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.98.38.179 , Canada, ASN32491 (TUCOWS-3, CA),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Referer: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Connection: close
Content-Length: 2831
Content-Security-Policy-Report-Only: default-src * data: blob: 'unsafe-inline'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline'; report-to report; report-uri /?_task=background&_action=csp_report
Content-Type: image/svg+xml
Date: Wed, 05 Jun 2024 07:16:27 GMT
ETag: "b0f-5f5daa5fc3c00"
Last-Modified: Wed, 01 Mar 2023 18:12:00 GMT
Reporting-Endpoints: report="https://mail.b.hostedemail.com/?_task=background&_action=csp_report"
Server: Apache
Strict-Transport-Security: max-age=15768000 ; includeSubDomains

GET
H/1.1 404
Not Found favicon.ico
pub-199efd50cde24638b17556a85b414b46.r2.dev/ 27 KB
27 KB 515ms
515ms Other
text/html 104.18.2.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.2.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/webmail/signin.html
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 07:16:28 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 88ee609d3be43e59-SIN
Content-Length: 27242
Vary: Accept-Encoding
Content-Type: text/html

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/webmail/signin.html Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://pub-199efd50cde24638b17556a85b414b46.r2.dev/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pub-199efd50cde24638b17556a85b414b46.r2.dev
webmail.conwaycorp.net
104.18.2.35
64.98.38.179
0814916d6875e3785f4f43a64a55dd244578a116bd5190418c2994b1fcabad4d
45b30930d5752603cdff2d24aa942b5bbae3168f62e74e092cd9405ff10127f7
5641ed21773230a8110279658abac57bb5b4abc7bf4091946c5e61e8f0021f55
570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499
6c9fd17a1f5d94c87dd3da8b468b45e7a4ec3c0fe187e7ee3e38c5b8f786ed43
716ece8deb8412f7ec95ab395c92f6515bb8d8b792fd7480c014cdc6f063452a
7ab3be0fde4aca78a442505e7ca2308bf380e29d56e63a10b34c9958c2efd888
952f98168ddee35169166ce789031db4b40cd784dd3d4b1712d04cc4f761677c
97735624f41cd147e25d9e301bb14bded56e3d4d47b6456ff4df01c08f3f1fca
98338a949abe7dab9f6a8e75e897d81a0d9ea3d4e14cd591ef98046c9e71749a
9b60e53e63a688745a44171d874b18eb281490f5283d3879c95d244ad0b84d53
aad541bcbd68b5ea0300c91b804637a2706e983a46d93546b109e6f322869107
ca2d63f7f2d4eedf5767ae32b8badd7a17bce8835a538ec0d80d20afb723b8e6

pub-199efd50cde24638b17556a85b414b46.r2.dev Open in urlscan Pro 104.18.2.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

1399 kBTransfer

1390 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

pub-199efd50cde24638b17556a85b414b46.r2.dev Open in urlscan Pro
104.18.2.35 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1399 kB
Transfer

1390 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions