pub-1b3226c3c0904ed2abb11a5933154465.r2.dev
2606:4700::6812:223  Public Scan

Submitted URL: http://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/encrypt_doc6.html
Effective URL: https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/encrypt_doc6.html
Submission: On May 20 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 7 HTTP transactions. The main IP is 2606:4700::6812:223, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-1b3226c3c0904ed2abb11a5933154465.r2.dev.
TLS certificate: Issued by E1 on April 5th 2024. Valid for: 3 months.
This is the only time pub-1b3226c3c0904ed2abb11a5933154465.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
2 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 94.130.130.92 | 24940 (HETZNER-AS)
1 | 172.66.42.211 | 13335 (CLOUDFLAR...)
1 | 162.19.61.80 | 16276 (OVH)
1 | 2a02:26f0:350... | 20940 (AKAMAI-ASN1)
Total: 7 requests, 6 IPs

Requests | Apex Domain | Subdomains | Transfer
2 | gyazo.com | i.gyazo.com — Cisco Umbrella Rank: 105614 | 545 KB
1 | adobe.com | www.adobe.com — Cisco Umbrella Rank: 1805 | 777 B
1 | postimg.cc | i.postimg.cc — Cisco Umbrella Rank: 18335 | 11 KB
1 | iconfinder.com | cdn3.iconfinder.com — Cisco Umbrella Rank: 87080 | 9 KB
1 | stripocdn.email | hbnvym.stripocdn.email | 2 KB
1 | r2.dev | pub-1b3226c3c0904ed2abb11a5933154465.r2.dev | 8 KB
Total: 7 requests, 6 apex domains

Domain Requested by
2 i.gyazo.com pub-1b3226c3c0904ed2abb11a5933154465.r2.dev
1 www.adobe.com
1 i.postimg.cc pub-1b3226c3c0904ed2abb11a5933154465.r2.dev
1 cdn3.iconfinder.com pub-1b3226c3c0904ed2abb11a5933154465.r2.dev
1 hbnvym.stripocdn.email pub-1b3226c3c0904ed2abb11a5933154465.r2.dev
1 pub-1b3226c3c0904ed2abb11a5933154465.r2.dev
7 6

This site contains no links.

Subject | Issuer | Validity | Valid
*.r2.dev | E1 | 2024-04-05 - 2024-07-04 | 3 months
gyazo.com | E1 | 2024-04-03 - 2024-07-02 | 3 months
*.stripocdn.email | Sectigo RSA Domain Validation Secure Server CA | 2023-12-01 - 2024-12-09 | a year
iconfinder.com | E1 | 2024-03-30 - 2024-06-28 | 3 months
postimg.cc | R3 | 2024-04-22 - 2024-07-21 | 3 months
*.adobe.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-09-13 - 2024-09-12 | a year

This page contains 1 frames:

Primary Page: https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/encrypt_doc6.html
Frame ID: 3B932286812777796B601C124AD75E65
Requests: 7 HTTP requests in this frame

Page Title

Adobe Acrobat Pro

Page Statistics

7 Requests
100 % HTTPS
50 % IPv6
6 Domains
6 Subdomains
6 IPs
3 Countries
576 kB Transfer
573 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/encrypt_doc6.html HTTP 307
    https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/encrypt_doc6.html Page URL

7 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request encrypt_doc6.html
pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/
Redirect Chain
  • http://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/encrypt_doc6.html
  • https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/encrypt_doc6.html
8 KB
8 KB
Document
General
Full URL
https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/encrypt_doc6.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f81817b4e57f19d9242fcde665b9ad5213fa76147ae9a3bbdfa1eb81831e713

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
CF-RAY
887033c579c5362f-FRA
Connection
keep-alive
Content-Length
8378
Content-Type
text/html
Date
Mon, 20 May 2024 23:45:45 GMT
ETag
"439220c40f1fb3d3876654469c077a46"
Last-Modified
Mon, 10 Jul 2023 11:25:44 GMT
Server
cloudflare
Vary
Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/encrypt_doc6.html
Non-Authoritative-Reason
HSTS
4fdc14af2b4dbb3365eeef47e93e8aa4.png
i.gyazo.com/
533 KB
534 KB
Image
General
Full URL
https://i.gyazo.com/4fdc14af2b4dbb3365eeef47e93e8aa4.png
Requested by
Host: pub-1b3226c3c0904ed2abb11a5933154465.r2.dev
URL: https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/encrypt_doc6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cff82969cf12c2d1a00c1e6f36fac4abdf899381c97b44bf903d654daa42ac2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 23:45:46 GMT
via
1.1 google
cf-cache-status
HIT
age
13879
content-length
545480
server
cloudflare
etag
"4fdc"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://gyazo.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-cache-level
ZS
accept-ranges
bytes
cf-ray
887033c79db739c1-FRA
expires
Tue, 20 May 2025 23:45:46 GMT
27871606327782994.png
hbnvym.stripocdn.email/content/guids/CABINET_9decfa2d808095ba31c0f1bd0ab542d7/images/
1 KB
2 KB
Image
General
Full URL
https://hbnvym.stripocdn.email/content/guids/CABINET_9decfa2d808095ba31c0f1bd0ab542d7/images/27871606327782994.png
Requested by
Host: pub-1b3226c3c0904ed2abb11a5933154465.r2.dev
URL: https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/encrypt_doc6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.130.130.92 Bendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.92.130.130.94.clients.your-server.de
Software
nginx /
Resource Hash
3c9a26e82535a543536eb8b18186d6a277430208c151d9e8777a45980ef012e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 23:45:46 GMT
x-amz-version-id
RUnOc9qIJO4onzhOzw2KOH8D0MT4bqdY
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-node-name
cdn3.stripocdn.email
x-cache-status
HIT
x-amz-meta-orgignalwidth
0
content-length
1366
last-modified
Wed, 25 Nov 2020 18:09:44 GMT
server
nginx
etag
"151ea396dc0847146aba9cc794a707c6"
x-amz-meta-orgignalheigth
0
content-type
image/png
access-control-allow-origin
*
x-amz-meta-stripooriginalfilename
unnamed+%282%29.png
cache-control
max-age=31536000
6696ea0b401cbe3fb90177b597c2c051.png
i.gyazo.com/
11 KB
12 KB
Image
General
Full URL
https://i.gyazo.com/6696ea0b401cbe3fb90177b597c2c051.png
Requested by
Host: pub-1b3226c3c0904ed2abb11a5933154465.r2.dev
URL: https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/encrypt_doc6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddf5887ce15778102013d5527ec1fd09bc400fa19b91416b36b828ecdbd76ca8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 23:45:46 GMT
via
1.1 google
cf-cache-status
HIT
age
529097
content-length
11741
server
cloudflare
etag
"6696"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://gyazo.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-cache-level
ZS
accept-ranges
bytes
cf-ray
887033c79db839c1-FRA
expires
Tue, 20 May 2025 23:45:46 GMT
outlook-512.png
cdn3.iconfinder.com/data/icons/popular-services-brands-vol-2/512/
8 KB
9 KB
Image
General
Full URL
https://cdn3.iconfinder.com/data/icons/popular-services-brands-vol-2/512/outlook-512.png
Requested by
Host: pub-1b3226c3c0904ed2abb11a5933154465.r2.dev
URL: https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/encrypt_doc6.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.42.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bff981e2a9636569e63edcc694b8699110221f2be0f3da32e231aa0b4a88d2c9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 23:45:46 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-polished
origFmt=png, origSize=17375
content-disposition
inline; filename="outlook-512.webp"
alt-svc
h3=":443"; ma=86400
content-length
8450
x-request-id
7e63c6fd-a125-49c4-b79d-1db2a275f891
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1715918992&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=dfFIM%2BU32cCqYX2ZYU5JATZcmMFC82DT7lSCWhS8b5o%3D
cf-bgj
imgq:100,h2pri
last-modified
Fri, 17 May 2024 04:09:52 GMT
server
cloudflare
vary
Accept
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1715918992&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=dfFIM%2BU32cCqYX2ZYU5JATZcmMFC82DT7lSCWhS8b5o%3D"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
887033c76f90450a-TXL
expires
Tue, 20 May 2025 23:45:46 GMT
58485698e0bb315b0f7675a8-1.png
i.postimg.cc/d3jY0LTw/
11 KB
11 KB
Image
General
Full URL
https://i.postimg.cc/d3jY0LTw/58485698e0bb315b0f7675a8-1.png
Requested by
Host: pub-1b3226c3c0904ed2abb11a5933154465.r2.dev
URL: https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/encrypt_doc6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.61.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3094918.ip-162-19-61.eu
Software
nginx /
Resource Hash
4193004d9bf898c1194743f4d909b555104f832117f41e319e9bf9a34f83f217

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 23:45:46 GMT
last-modified
Mon, 03 Jul 2023 17:06:10 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
10903
expires
Thu, 31 Dec 2037 23:55:55 GMT
Adobe_Corporate_Horizontal_Red_HEX.svg
www.adobe.com/content/dam/cc/icons/
397 B
777 B
Other
General
Full URL
https://www.adobe.com/content/dam/cc/icons/Adobe_Corporate_Horizontal_Red_HEX.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:1797 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
57aebab4a35adc7ca5dfa15dc58a19b1457fb314881c3a4cc320cb79e8f006ed
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 23:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=86400
akamai-grn-www.adobe.com
0.97163017.1716248746.32cf556a
x-adobe-source
128.93
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1716248746460_389027479_852448618_33_10984_43_88_219";dur=1
alt-svc
h3=":443"; ma=93600
content-length
234
x-adobe-info
0a1af694-fff3-41c9-9f99-5fe2de75d438
x-adobe-cache
MISS
last-modified
Mon, 20 May 2024 06:03:20 GMT
server
Apache
x-adobe-loc
ew1
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=21600
x-adobe-content
AEM-cc
accept-ranges
bytes
expires
Tue, 21 May 2024 05:45:46 GMT

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string | scriptID
object | _0xb372
function | load
number | login_attempts
function | sendData
string | urlEmail

1 Cookies

Domain/Path Name / Value
i.gyazo.com/ Name: Gyazo_cfwoker
Value: i

3 Console Messages

Source Level URL
Text
recommendation verbose URL: https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/encrypt_doc6.html
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
other warning URL: https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/encrypt_doc6.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pub-1b3226c3c0904ed2abb11a5933154465.r2.dev/encrypt_doc6.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.