recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com Open in urlscan Pro
129.211.179.197 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
Submission: On August 18 via api (August 18th 2023, 12:52:23 am UTC) from JP — Scanned from JP

Summary HTTP 34 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 9 domains to perform 34 HTTP transactions. The main IP is 129.211.179.197, located in China and belongs to TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN. The main domain is recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com.
TLS certificate: Issued by GlobalSign Organization Validation CA... on March 13th 2023. Valid for: a year.

This is the only time recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BCE-Bell (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
11	129.211.179.197 129.211.179.197	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
4	2404:6800:400... 2404:6800:4004:824::2003	15169 (GOOGLE) (GOOGLE)
7	209.71.212.18 209.71.212.18	577 (BACOM) (BACOM)
2	2404:6800:400... 2404:6800:4004:822::2004	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:824::200a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:825::200a	15169 (GOOGLE) (GOOGLE)
1	149.137.137.254 149.137.137.254	40401 (BACKBLAZE) (BACKBLAZE)
34	11

11 129.211.179.197 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:824::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 209.71.212.18 (Canada)

ASN577 (BACOM, CA)
PTR: autodiscover.bell.net

webmail.bell.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:822::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:824::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:825::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.137.137.254 (United States)

ASN40401 (BACKBLAZE, US)
PTR: s3.us-east-005.backblazeb2.com

bellsubscriber.s3.us-east-005.backblazeb2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	myqcloud.com recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com	132 KB
7	bell.net webmail.bell.net — Cisco Umbrella Rank: 886480	2 MB
4	gstatic.com www.gstatic.com	181 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 424 fonts.googleapis.com — Cisco Umbrella Rank: 73	31 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1179 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3131	28 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3	3 KB
1	backblazeb2.com bellsubscriber.s3.us-east-005.backblazeb2.com	8 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 277	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 985	24 KB
34	9

	Domain	Requested by
11	recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com	recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
7	webmail.bell.net	recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com webmail.bell.net bellsubscriber.s3.us-east-005.backblazeb2.com
4	www.gstatic.com	recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com www.google.com
2	www.google.com	recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
1	bellsubscriber.s3.us-east-005.backblazeb2.com	recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
1	fonts.googleapis.com	webmail.bell.net
1	stackpath.bootstrapcdn.com	recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
1	ajax.googleapis.com	recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
1	maxcdn.bootstrapcdn.com	recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
1	cdnjs.cloudflare.com	recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
1	code.jquery.com	recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
34	11

This site contains links to these domains. Also see Links.

Domain
mybell.bell.ca
support.bell.ca
www.bell.ca
bell.net
bundles.bell.ca

Subject Issuer	Validity	Valid
*.cos.ap-nanjing.myqcloud.com GlobalSign Organization Validation CA - SHA256 - G3	`2023-03-13` - `2024-04-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
bell.net Entrust Certification Authority - L1K	`2023-06-26` - `2024-07-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
backblazeb2.com R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
Frame ID: 451C37A9FDBBCA25999BFFF34060726E
Requests: 27 HTTP requests in this frame

Frame: https://bellsubscriber.s3.us-east-005.backblazeb2.com/index.html
Frame ID: DFB654D76B4577AD155E5C4053FAF446
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&k=6LfI5NgaAAAAAJglwlQxU6kcHa7Bu6gNR38nhJDY
Frame ID: 732017E54ACE385937D8BD43E195B6F1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bell email

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

34
Requests

91 %
HTTPS

70 %
IPv6

9
Domains

11
Subdomains

11
IPs

5
Countries

2717 kB
Transfer

3169 kB
Size

0
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://mybell.bell.ca/Login?refreshlink=https://mybell.bell.ca/sso/ssoauth.aspx?ReturnUrl=/PunchInOut/punchin?DirectAccess=ManageBellEmail
Title: Email Address

Search URL Search Domain Scan URL

URL: https://support.bell.ca/internet/email/how-to-use-bell-mail?step=2#displayStep
Title: Create a new email address

Search URL Search Domain Scan URL

URL: https://support.bell.ca/internet/email/how-to-use-bell-mail#displayStep
Title: Find out more

Search URL Search Domain Scan URL

URL: https://support.bell.ca/Billing-and-Accounts/Security_and_privacy/How_does_Bell_respect_my_privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.bell.ca/Legal_and_terms#INT=OTH_legal_TXT_Footer
Title: Legal & Regulatory

Search URL Search Domain Scan URL

URL: http://bell.net/Residential_services
Title: Shop for Bell services

Search URL Search Domain Scan URL

URL: http://www.bell.ca/Mobility
Title: Bell Mobility

Search URL Search Domain Scan URL

URL: http://www.bell.ca/Bell_TV
Title: Bell TV

Search URL Search Domain Scan URL

URL: http://www.bell.ca/Bell_Internet
Title: Bell Internet

Search URL Search Domain Scan URL

URL: http://www.bell.ca/Home_phone
Title: Bell Home phone

Search URL Search Domain Scan URL

URL: http://bundles.bell.ca/en
Title: Bell Bundles

Search URL Search Domain Scan URL

URL: http://support.bell.ca/
Title: Support for Bell services

Search URL Search Domain Scan URL

URL: http://support.bell.ca/Mobility
Title: Bell Mobility support

Search URL Search Domain Scan URL

URL: http://support.bell.ca/Fibe_TV
Title: Bell TV support

Search URL Search Domain Scan URL

URL: http://support.bell.ca/Internet
Title: Bell Internet support

Search URL Search Domain Scan URL

URL: http://support.bell.ca/Home_Phone
Title: Bell Home phone support

Search URL Search Domain Scan URL

URL: http://support.bell.ca/Billing-and-Accounts
Title: Billing account support

Search URL Search Domain Scan URL

URL: https://mybell.bell.ca/MyServices/
Title: My Services

Search URL Search Domain Scan URL

URL: https://mybell.bell.ca/MyBills/
Title: My bills

Search URL Search Domain Scan URL

URL: https://mybell.bell.ca/MyProfile/
Title: My profile

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.html Show response
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/ 130 KB
131 KB 1339ms
394ms Document
text/html 129.211.179.197
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.211.179.197 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 9774448250478c8bd325f5e491b896f0a47c376af56dec00342fe988bd762d76

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 133449
Content-Type: text/html
Date: Fri, 18 Aug 2023 00:52:12 GMT
ETag: "2dacce1f034be65518c4ecda64013104"
Last-Modified: Fri, 11 Aug 2023 14:54:50 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 5819142696018823589
x-cos-request-id: NjRkZWMwYmNfYWM1NWU0MDlfMTlkZDFfM2NiN2Nk

GET
H2 404 recaptcha__en.js
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ 0
0 238ms
196ms Script
text/html 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js

Requested by

Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/
Origin: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 00:52:12 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1621
x-xss-protection: 0

GET
H/1.1 404
Not Found bell_common.js
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/static/ 0
0 244ms
244ms Script
application/xml 129.211.179.197
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/static/bell_common.js?seed=AMDznOqGAQAACn9-0BiWwerLgcjacqW3CGvfkVAEWsPi7ZGi6nfS1KjIDt3P&lPVnX2sAmT--z=q
Requested by: Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.211.179.197 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cos-request-id: NjRkZWMwYmNfNDU0ZmI3MDlfMTNhYV8zYWM1OTU=
Date: Fri, 18 Aug 2023 00:52:12 GMT
Server: tencent-cos
Connection: keep-alive
Content-Length: 439
Content-Type: application/xml

GET
H/1.1 200 ux.css
webmail.bell.net/bell/ux/ 2 MB
2 MB 921ms
188ms Stylesheet
text/css 209.71.212.18
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.bell.net/bell/ux/ux.css?v=3.1.3.28.1-8

Requested by

Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.71.212.18 , Canada, ASN577 (BACOM, CA),

Reverse DNS

autodiscover.bell.net

Software

Resource Hash

2c7e81fc045dc1f57aa937e78561df432578ce10dff9b245cb9ca6ee668468b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Date: Fri, 18 Aug 2023 00:52:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Jun 2023 20:09:36 GMT
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
ETag: W/"1941731-1688155776000"
X-Frame-Options: SAMEORIGIN
X-Dns-Prefetch-Control: off
Content-Type: text/css
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 1941731
X-Xss-Protection: 1; mode=block

GET
H/1.1 404
Not Found UXConfig.js
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/ux/ 0
0 188ms
188ms Script
application/xml 129.211.179.197
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/ux/UXConfig.js?v=3.1.3.28.1-8
Requested by: Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.211.179.197 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cos-request-id: NjRkZWMwYmRfYWM1NWU0MDlfMTllMWVfM2M4NTE3
Date: Fri, 18 Aug 2023 00:52:13 GMT
Server: tencent-cos
Connection: keep-alive
Content-Length: 432
Content-Type: application/xml

GET
H/1.1 404
Not Found localization.js
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/ux/ 0
0 273ms
273ms Script
application/xml 129.211.179.197
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/ux/localization.js?v=3.1.3.28.1-8
Requested by: Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.211.179.197 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cos-request-id: NjRkZWMwYmRfNDU0ZmI3MDlfMTNhM18zYWJhZjg=
Date: Fri, 18 Aug 2023 00:52:13 GMT
Server: tencent-cos
Connection: keep-alive
Content-Length: 436
Content-Type: application/xml

GET
H/1.1 200 jquery-3.5.1.min.js Show response
webmail.bell.net/bell/login/js/ 87 KB
88 KB 1002ms
189ms Script
application/javascript 209.71.212.18
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.bell.net/bell/login/js/jquery-3.5.1.min.js

Requested by

Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.71.212.18 , Canada, ASN577 (BACOM, CA),

Reverse DNS

autodiscover.bell.net

Software

Resource Hash

f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Date: Fri, 18 Aug 2023 00:52:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Jun 2023 20:09:32 GMT
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
ETag: W/"89478-1688155772000"
X-Frame-Options: SAMEORIGIN
X-Dns-Prefetch-Control: off
Content-Type: application/javascript;charset=UTF-8
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 89478
X-Xss-Protection: 1; mode=block

GET
H/1.1 200 flush.css
webmail.bell.net/bell/login/css/ 82 KB
82 KB 1006ms
210ms Stylesheet
text/css 209.71.212.18
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.bell.net/bell/login/css/flush.css

Requested by

Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.71.212.18 , Canada, ASN577 (BACOM, CA),

Reverse DNS

autodiscover.bell.net

Software

Resource Hash

752a2fd980c99dcabae0aa552cd99fe9794cdf49febea1ee1c90319990b6566c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Date: Fri, 18 Aug 2023 00:52:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Jun 2023 20:09:32 GMT
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
ETag: W/"83485-1688155772000"
X-Frame-Options: SAMEORIGIN
X-Dns-Prefetch-Control: off
Content-Type: text/css
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 83485
X-Xss-Protection: 1; mode=block

GET
H/1.1 404
Not Found ux.js
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/ux/ 0
0 371ms
184ms Script
application/xml 129.211.179.197
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/ux/ux.js?v=3.1.3.28.1-8
Requested by: Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.211.179.197 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cos-request-id: NjRkZWMwYmRfYWM1NWU0MDlfMTlkY2VfM2NlNDk0
Date: Fri, 18 Aug 2023 00:52:13 GMT
Server: tencent-cos
Connection: keep-alive
Content-Length: 426
Content-Type: application/xml

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 80ms
40ms Script
text/javascript 2404:6800:4004:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9f747902aa3a7461bcf9ca12068da7ddd36600afa66ddf9c2ab1a8838c34e0ae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 00:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 1; mode=block
expires: Fri, 18 Aug 2023 00:52:14 GMT

GET
H2 200 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 358ms
140ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/
Origin: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 00:52:13 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-10fdd"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1692319933.cdn4-pxy047-sjc02.sj3.evs,1692319933.cds207.sj3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 23856

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 14ms
7ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/
Origin: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 00:52:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 118685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6157
last-modified: Thu, 22 Jun 2023 11:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942d85-180d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q97YwYv7UBH8RAyQDyVusrgB4EHl07TXXO2%2FdzO38P1zPwN9K74qsESbqXxVLwpaHcSbMZmomV%2BwG75WLofOK9N13euMoD%2Fn3PJgmJn%2BsPScf4Mv963vobcmt0auBAQV96HqaUinBRXpTB%2FeBt36HKON"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f862c3c983425e4-NRT
expires: Wed, 07 Aug 2024 00:52:12 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
14 KB 132ms
125ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/
Origin: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 00:52:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1112
cdn-cachedat: 06/20/2023 02:41:13
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: ca3b7dd7b37e10da241010e2a47c373e
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7f862c3c99cb80fc-NRT
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 41ms
3ms Script
text/javascript 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 05:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 05:47:13 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
15 KB 19ms
12ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 00:52:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 753
age: 22542093
cdn-cachedat: 10/23/2021 07:57:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: b8e02cd75e736c4fac8dd42eaaabad8a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7f862c3c9e20af93-NRT
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 688 B
773 B 82ms
42ms Stylesheet
text/css 2404:6800:4004:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=NTR&display=swap

Requested by

Host: webmail.bell.net
URL: https://webmail.bell.net/bell/ux/ux.css?v=3.1.3.28.1-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cc0e51431f59835990a95e931e3961e4a04fa98b59b0c5a8ffe165ee7e0b781

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://webmail.bell.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 18 Aug 2023 00:52:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 00:52:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Aug 2023 00:52:18 GMT

GET
DATA 200
OK truncated
/ 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f5d0f81e36d70ea35e6d8340b1aac212e0b327d2e0445b6950e233195e08039

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bbecc21cca446c905902af0936c9c06c3db45801c625c57221a96eee6db36f8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200 index.html Show response
bellsubscriber.s3.us-east-005.backblazeb2.com/ Frame DFB6 7 KB
8 KB 675ms
217ms Document
text/html 149.137.137.254
BACKBLAZE

General

Check archive.org

Show headers Download Go to

Full URL: https://bellsubscriber.s3.us-east-005.backblazeb2.com/index.html
Requested by: Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.137.137.254 , United States, ASN40401 (BACKBLAZE, US),
Reverse DNS: s3.us-east-005.backblazeb2.com
Software: /
Resource Hash: f20f1deea159d245f00bcc89df9ca7290a92465a044728c0f21f6ebf8e38cba6

Request headers

Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 7395
Content-Type: text/html
Date: Fri, 18 Aug 2023 00:52:18 GMT
ETag: "34af9e91706380f1ac3de96af17384b8"
Keep-Alive: timeout=5
Last-Modified: Thu, 13 Jul 2023 12:28:59 GMT
x-amz-id-2: aNSNhzjgaMrkxFzGqOJI4FTKUYsE0TjSC
x-amz-meta-src_last_modified_millis: 1689250988000
x-amz-request-id: b57d06273dd5e88f
x-amz-version-id: 4_z651af8c2a1d1e828828b0414_f1045e2c26632f0dd_d20230713_m122859_c005_v0501004_t0011_u01689251339817

GET
H/1.1 404
Not Found bg_transparent.gif
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/ 440 B
440 B 203ms
203ms Image
application/xml 129.211.179.197
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/bg_transparent.gif
Requested by: Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.211.179.197 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 65bd3fb04d2415c7c3a4ff35894d86c88e7dfc11e1d258a87d7c177b010a1820

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cos-request-id: NjRkZWMwYzJfYWM1NWU0MDlfMTlkYzJfM2NkNTBm
Date: Fri, 18 Aug 2023 00:52:18 GMT
Server: tencent-cos
Connection: keep-alive
Content-Length: 440
Content-Type: application/xml

GET
H/1.1 404
Not Found bg_gradRibbon.gif
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/ 439 B
439 B 196ms
196ms Image
application/xml 129.211.179.197
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/bg_gradRibbon.gif
Requested by: Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.211.179.197 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 56164731ad7400a20187cc221dd05919717e46497c8dd246d7337ecdc1457972

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cos-request-id: NjRkZWMwYzJfNDU0ZmI3MDlfMTM3NV8zYTk2Njk=
Date: Fri, 18 Aug 2023 00:52:18 GMT
Server: tencent-cos
Connection: keep-alive
Content-Length: 439
Content-Type: application/xml

GET
H/1.1 404
Not Found bellslim_semibold-webfont.woff
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/font/ 0
0 186ms
186ms Font
application/xml 129.211.179.197
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/font/bellslim_semibold-webfont.woff
Requested by: Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.211.179.197 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash

Request headers

Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
Origin: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cos-request-id: NjRkZWMwYzJfNTc1N2U0MDlfMjE5YmFfM2JkNjY1
Date: Fri, 18 Aug 2023 00:52:18 GMT
Server: tencent-cos
Connection: keep-alive
x-cos-trace-id: OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OWE4OGMxZjNjY2JiNTBmMTVmMWY1MzAzYzkyZGQ2ZWM4MzZkMTZiZDQxYTg4MzRiMzIwYzRkYTRjMWFkNDM3YjQ=
Content-Length: 453
Content-Type: application/xml

GET
H2 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 7320 7 KB
2 KB 60ms
59ms Document
text/html 2404:6800:4004:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&k=6LfI5NgaAAAAAJglwlQxU6kcHa7Bu6gNR38nhJDY

Requested by

Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c24babe0e6b4d0cd452b7dc0cf59186acb0fa6c5c634980ca3ffe74b562c74e7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kaEDheKkGudgoglWOpnuKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1158
content-security-policy: script-src 'report-sample' 'nonce-kaEDheKkGudgoglWOpnuKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 00:52:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/ 450 KB
181 KB 4ms
3ms Script
text/javascript 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bdf8c4a14aa3b0a88506c68c507aee00ef4af793e353c15fde9254a6654d2f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/
Origin: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 184483
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 14:49:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Aug 2024 09:05:49 GMT

GET
H/1.1 404
Not Found bg_cBoxExtra.png
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/ 438 B
438 B 339ms
176ms Image
application/xml 129.211.179.197
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/bg_cBoxExtra.png
Requested by: Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.211.179.197 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: bc559fd89eab6aed4933acb8ae5a9c9585225d06ea84b9c9dff249ecae06d3c2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cos-request-id: NjRkZWMwYzJfNTc1N2U0MDlfMjE5OGNfM2JiYjI4
Date: Fri, 18 Aug 2023 00:52:18 GMT
Server: tencent-cos
Connection: keep-alive
Content-Length: 438
Content-Type: application/xml

GET
H/1.1 404
Not Found bg_mainExtra.gif
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/ 438 B
438 B 343ms
171ms Image
application/xml 129.211.179.197
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/bg_mainExtra.gif
Requested by: Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.211.179.197 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 832bbbcdc99ec79e2413dfff697c9b0c704ca2c649c5ff913ff99973ddeaf9dd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cos-request-id: NjRkZWMwYzJfYWM1NWU0MDlfMTlkZGNfM2NjMzk5
Date: Fri, 18 Aug 2023 00:52:18 GMT
Server: tencent-cos
Connection: keep-alive
Content-Length: 438
Content-Type: application/xml

GET fontello.woff
webmail.bell.net/bell/ux/font/ 0
0

GET
H3 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 7320 0
0 712ms
670ms Stylesheet
text/html 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&k=6LfI5NgaAAAAAJglwlQxU6kcHa7Bu6gNR38nhJDY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 404 recaptcha__en.js
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ Frame 7320 0
0 130ms
89ms Script
text/html 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Trd6gj1dhC_fx0ma_AWHc1me&k=6LfI5NgaAAAAAJglwlQxU6kcHa7Bu6gNR38nhJDY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H/1.1 404
Not Found bellslim_semibold-webfont.ttf
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/font/ 0
0 205ms
198ms Font
application/xml 129.211.179.197
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/font/bellslim_semibold-webfont.ttf
Requested by: Host: recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.211.179.197 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash

Request headers

Referer: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html
Origin: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-cos-request-id: NjRkZWMwYzJfNDU0ZmI3MDlfMTM2ZV8zYWJjYjk=
Date: Fri, 18 Aug 2023 00:52:18 GMT
Server: tencent-cos
Connection: keep-alive
x-cos-trace-id: OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OWE4OGMxZjNjY2JiNTBmMTVmMWY1MzAzYzkyZGQ2ZWM4MzZkMTZiZDQxYTg4MzRiMzIwYzRkYTRjMWFkNDM3YjQ=
Content-Length: 452
Content-Type: application/xml

GET
H/1.1 200 header.css
webmail.bell.net/bell/header/css/ Frame DFB6 6 KB
6 KB 189ms
189ms Stylesheet
text/css 209.71.212.18
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.bell.net/bell/header/css/header.css

Requested by

Host: bellsubscriber.s3.us-east-005.backblazeb2.com
URL: https://bellsubscriber.s3.us-east-005.backblazeb2.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.71.212.18 , Canada, ASN577 (BACOM, CA),

Reverse DNS

autodiscover.bell.net

Software

Resource Hash

14e72a142eec1c65433ecb350e38c51798b6e01a37f237c023e5e5bff168f0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bellsubscriber.s3.us-east-005.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Date: Fri, 18 Aug 2023 00:52:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Jun 2023 20:09:30 GMT
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
ETag: W/"5781-1688155770000"
X-Frame-Options: SAMEORIGIN
X-Dns-Prefetch-Control: off
Content-Type: text/css
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 5781
X-Xss-Protection: 1; mode=block

GET
H/1.1 200 header.js Show response
webmail.bell.net/bell/header/js/ Frame DFB6 8 KB
9 KB 190ms
189ms Script
application/javascript 209.71.212.18
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.bell.net/bell/header/js/header.js

Requested by

Host: bellsubscriber.s3.us-east-005.backblazeb2.com
URL: https://bellsubscriber.s3.us-east-005.backblazeb2.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.71.212.18 , Canada, ASN577 (BACOM, CA),

Reverse DNS

autodiscover.bell.net

Software

Resource Hash

9a7b9f391ddbe87d136b1a154567eb12a23c801ec87899d9c48408104cbfb85b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bellsubscriber.s3.us-east-005.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Date: Fri, 18 Aug 2023 00:52:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Jun 2023 20:09:30 GMT
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
ETag: W/"8489-1688155770000"
X-Frame-Options: SAMEORIGIN
X-Dns-Prefetch-Control: off
Content-Type: application/javascript;charset=UTF-8
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 8489
X-Xss-Protection: 1; mode=block

GET
H/1.1 200 flush.css
webmail.bell.net/bell/header/css/ Frame DFB6 81 KB
82 KB 212ms
211ms Stylesheet
text/css 209.71.212.18
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.bell.net/bell/header/css/flush.css

Requested by

Host: bellsubscriber.s3.us-east-005.backblazeb2.com
URL: https://bellsubscriber.s3.us-east-005.backblazeb2.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.71.212.18 , Canada, ASN577 (BACOM, CA),

Reverse DNS

autodiscover.bell.net

Software

Resource Hash

7e5465fea0c74f1a06e035893dfd0fe6c16a0c734c764f775e669682ae4fca4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bellsubscriber.s3.us-east-005.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Date: Fri, 18 Aug 2023 00:52:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Jun 2023 20:09:30 GMT
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
ETag: W/"83220-1688155770000"
X-Frame-Options: SAMEORIGIN
X-Dns-Prefetch-Control: off
Content-Type: text/css
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 83220
X-Xss-Protection: 1; mode=block

GET bell.myBell.core.css
webmail.bell.net/bell/header/css/ Frame DFB6 0
0

GET
H/1.1 200 bell.connector.css
webmail.bell.net/bell/header/css/ Frame DFB6 139 KB
140 KB 377ms
187ms Stylesheet
text/css 209.71.212.18
BACOM

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail.bell.net/bell/header/css/bell.connector.css

Requested by

Host: bellsubscriber.s3.us-east-005.backblazeb2.com
URL: https://bellsubscriber.s3.us-east-005.backblazeb2.com/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.71.212.18 , Canada, ASN577 (BACOM, CA),

Reverse DNS

autodiscover.bell.net

Software

Resource Hash

beb19ccd981b1b2219adf7a8b5c0108825dc1222b33e8fdadcaa7ef68b0d6a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bellsubscriber.s3.us-east-005.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Date: Fri, 18 Aug 2023 00:52:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Jun 2023 20:09:30 GMT
Accept-CH: Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, UA-Model, UA-Platform, UA
ETag: W/"142518-1688155770000"
X-Frame-Options: SAMEORIGIN
X-Dns-Prefetch-Control: off
Content-Type: text/css
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 142518
X-Xss-Protection: 1; mode=block

GET fontello.ttf
webmail.bell.net/bell/ux/font/ 0
0

GET
DATA 200
OK truncated
/ Frame DFB6 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 416782e76f89fd063cc951f505075e2668b7c3652293031c10607defbf7c7fb4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: webmail.bell.net
URL: https://webmail.bell.net/bell/ux/font/fontello.woff?v=3.1.3.42.0-6

Domain: webmail.bell.net
URL: https://webmail.bell.net/bell/header/css/bell.myBell.core.css

Domain: webmail.bell.net
URL: https://webmail.bell.net/bell/ux/font/fontello.ttf?v=3.1.3.42.0-6

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BCE-Bell (Telecommunication)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html Message: Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/static/bell_common.js?seed=AMDznOqGAQAACn9-0BiWwerLgcjacqW3CGvfkVAEWsPi7ZGi6nfS1KjIDt3P&lPVnX2sAmT--z=q Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/ux/UXConfig.js?v=3.1.3.28.1-8 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/ux/localization.js?v=3.1.3.28.1-8 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/ux/ux.js?v=3.1.3.28.1-8 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/font/bellslim_semibold-webfont.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/bg_gradRibbon.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/bg_transparent.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/bg_cBoxExtra.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/img/bg_mainExtra.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/font/bellslim_semibold-webfont.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html Message: Access to font at 'https://webmail.bell.net/bell/ux/font/fontello.woff?v=3.1.3.42.0-6' from origin 'https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://webmail.bell.net/bell/ux/font/fontello.woff?v=3.1.3.42.0-6 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com/index.html Message: Access to font at 'https://webmail.bell.net/bell/ux/font/fontello.ttf?v=3.1.3.42.0-6' from origin 'https://recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://webmail.bell.net/bell/ux/font/fontello.ttf?v=3.1.3.42.0-6 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bellsubscriber.s3.us-east-005.backblazeb2.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
maxcdn.bootstrapcdn.com
recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com
stackpath.bootstrapcdn.com
webmail.bell.net
www.google.com
www.gstatic.com
webmail.bell.net
129.211.179.197
149.137.137.254
2001:4de0:ac18::1:a:1a
209.71.212.18
2404:6800:4004:822::2004
2404:6800:4004:824::2003
2404:6800:4004:824::200a
2404:6800:4004:825::200a
2606:4700::6811:180e
2606:4700::6812:bcf
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0bbecc21cca446c905902af0936c9c06c3db45801c625c57221a96eee6db36f8
0f5d0f81e36d70ea35e6d8340b1aac212e0b327d2e0445b6950e233195e08039
14e72a142eec1c65433ecb350e38c51798b6e01a37f237c023e5e5bff168f0c1
2c7e81fc045dc1f57aa937e78561df432578ce10dff9b245cb9ca6ee668468b5
416782e76f89fd063cc951f505075e2668b7c3652293031c10607defbf7c7fb4
4cc0e51431f59835990a95e931e3961e4a04fa98b59b0c5a8ffe165ee7e0b781
56164731ad7400a20187cc221dd05919717e46497c8dd246d7337ecdc1457972
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
65bd3fb04d2415c7c3a4ff35894d86c88e7dfc11e1d258a87d7c177b010a1820
752a2fd980c99dcabae0aa552cd99fe9794cdf49febea1ee1c90319990b6566c
7e5465fea0c74f1a06e035893dfd0fe6c16a0c734c764f775e669682ae4fca4a
832bbbcdc99ec79e2413dfff697c9b0c704ca2c649c5ff913ff99973ddeaf9dd
8bdf8c4a14aa3b0a88506c68c507aee00ef4af793e353c15fde9254a6654d2f1
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
9774448250478c8bd325f5e491b896f0a47c376af56dec00342fe988bd762d76
9a7b9f391ddbe87d136b1a154567eb12a23c801ec87899d9c48408104cbfb85b
9f747902aa3a7461bcf9ca12068da7ddd36600afa66ddf9c2ab1a8838c34e0ae
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
bc559fd89eab6aed4933acb8ae5a9c9585225d06ea84b9c9dff249ecae06d3c2
beb19ccd981b1b2219adf7a8b5c0108825dc1222b33e8fdadcaa7ef68b0d6a3c
c24babe0e6b4d0cd452b7dc0cf59186acb0fa6c5c634980ca3ffe74b562c74e7
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
f20f1deea159d245f00bcc89df9ca7290a92465a044728c0f21f6ebf8e38cba6
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com Open in urlscan Pro 129.211.179.197 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

34 Requests

91 %HTTPS

70 %IPv6

9 Domains

11 Subdomains

11 IPs

5 Countries

2717 kBTransfer

3169 kBSize

0 Cookies

20 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

recordvoiceover-1320065178.cos.ap-nanjing.myqcloud.com Open in urlscan Pro
129.211.179.197 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

91 %
HTTPS

70 %
IPv6

9
Domains

11
Subdomains

11
IPs

5
Countries

2717 kB
Transfer

3169 kB
Size

0
Cookies

34 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!