mail.whatif.ws
Open in
urlscan Pro
173.203.187.185
Public Scan
Effective URL: https://mail.whatif.ws/wmidentity/Account/Login?ReturnUrl=%2Fwmidentity%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_mod...
Submission Tags: falconsandbox
Submission: On October 24 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 12th 2022. Valid for: 3 months.
This is the only time mail.whatif.ws was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 7 | 173.203.187.185 173.203.187.185 | 27357 (RACKSPACE) (RACKSPACE) | |
5 | 104.130.182.72 104.130.182.72 | 27357 (RACKSPACE) (RACKSPACE) | |
8 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
whatif.ws
4 redirects
mail.whatif.ws admin.whatif.ws |
165 KB |
8 | 1 |
Domain | Requested by | |
---|---|---|
7 | mail.whatif.ws |
4 redirects
mail.whatif.ws
|
5 | admin.whatif.ws |
mail.whatif.ws
|
8 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.whatifsolutions.co.uk |
help.whatif.ws |
Subject Issuer | Validity | Valid | |
---|---|---|---|
mail.whatif.ws R3 |
2022-09-12 - 2022-12-11 |
3 months | crt.sh |
admin.whatif.ws R3 |
2022-10-10 - 2023-01-08 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://mail.whatif.ws/wmidentity/Account/Login?ReturnUrl=%2Fwmidentity%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_mode%3Dform_post%26response_type%3Dcode%2520id_token%26redirect_uri%3Dhttps%253A%252F%252Fmail.whatif.ws%252Flogin.php%26client_id%3Dwebmail%26nonce%3D6799a0633a14e1f7484914f7e85b5ee9%26state%3D1262b7b73243b5316cf860fd854160da%26scope%3Dopenid%2520profile%2520email%2520webmail%2520openid
Frame ID: F09309494B4ECD9901ADAAC51ABF6BE5
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
What if Solutions Advanced WebmailPage URL History Show full URLs
-
http://mail.whatif.ws/
HTTP 301
https://mail.whatif.ws/ Page URL
-
https://mail.whatif.ws/index.php
HTTP 302
https://mail.whatif.ws/login.php HTTP 302
https://mail.whatif.ws/wmidentity/connect/authorize?response_mode=form_post&response_type=code+id_t... HTTP 302
https://mail.whatif.ws/wmidentity/Account/Login?ReturnUrl=%2Fwmidentity%2Fconnect%2Fauthorize%2Fcal... Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: What If Home
Search URL Search Domain Scan URL
Title: Remote Support Login
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://mail.whatif.ws/
HTTP 301
https://mail.whatif.ws/ Page URL
-
https://mail.whatif.ws/index.php
HTTP 302
https://mail.whatif.ws/login.php HTTP 302
https://mail.whatif.ws/wmidentity/connect/authorize?response_mode=form_post&response_type=code+id_token&redirect_uri=https%3A%2F%2Fmail.whatif.ws%2Flogin.php&client_id=webmail&nonce=6799a0633a14e1f7484914f7e85b5ee9&state=1262b7b73243b5316cf860fd854160da&scope=openid+profile+email+webmail+openid HTTP 302
https://mail.whatif.ws/wmidentity/Account/Login?ReturnUrl=%2Fwmidentity%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_mode%3Dform_post%26response_type%3Dcode%2520id_token%26redirect_uri%3Dhttps%253A%252F%252Fmail.whatif.ws%252Flogin.php%26client_id%3Dwebmail%26nonce%3D6799a0633a14e1f7484914f7e85b5ee9%26state%3D1262b7b73243b5316cf860fd854160da%26scope%3Dopenid%2520profile%2520email%2520webmail%2520openid Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://mail.whatif.ws/ HTTP 301
- https://mail.whatif.ws/
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
mail.whatif.ws/ Redirect Chain
|
228 B 416 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
Login
mail.whatif.ws/wmidentity/Account/ Redirect Chain
|
12 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
webmailLogin.js
mail.whatif.ws/wmidentity/dist/ |
111 KB 112 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
body-back.gif
admin.whatif.ws/clients/webmail/mail_whatif_ws/images/ |
16 KB 16 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
head-back.gif
admin.whatif.ws/clients/webmail/mail_whatif_ws/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
what-if-logo.gif
admin.whatif.ws/clients/webmail/mail_whatif_ws/images/ |
9 KB 9 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-bottom.gif
admin.whatif.ws/clients/webmail/mail_whatif_ws/images/ |
905 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
footer-back.gif
admin.whatif.ws/clients/webmail/mail_whatif_ws/images/ |
7 KB 7 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| emailriddlerarray string| encryptedemail_id47 undefined| loginFailed object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| submitLogin string| encryptedemail_id853 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
mail.whatif.ws/wmidentity | Name: .AspNetCore.Antiforgery.9TtSrW0hzOs Value: CfDJ8AnTKMtBYOJKuTk_gdGqSQKt9MVJezGvWOJmtPXRhLFSUm-kxxDrfxh9J5EbZh2wNBGINWRVFEe-W8PHe7zpYbbrDkSfxSJZPdYfK_7eT2d97KZe-Q9Ads8SnlYlWViL2VQqIP3_mkWsawsN0TuhHBM |
|
mail.whatif.ws/ | Name: openid_connect_nonce Value: 6799a0633a14e1f7484914f7e85b5ee9 |
|
mail.whatif.ws/ | Name: openid_connect_state Value: 1262b7b73243b5316cf860fd854160da |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
admin.whatif.ws
mail.whatif.ws
104.130.182.72
173.203.187.185
50fa139c75cae92a46a5c870a90998365b26a9b85e7d35f80560dab62d8f5ca0
6a18fe46f459cb5a8f3d20aa4f0be055cdc7f9de71c6feb93d75a4742f7df1f1
767ef44700134573c647723f32563d68af5f317eb349fd4662f711bd1bfe5057
a6f32ac22821110732337c0ded0d1d114a986a8305df22c6c2ec6d91d23b4975
cad7ca1d68e29480e0134f7bbea87c94a79eec845efd599739f63dff3f8e1e98
eb5fff3ff76922723042e7ae9655e4920be200485adad8ba59f2808eaf00db77
f5ff4923d69e9f02c60d54234ce3cd25d37aba9b0cd17b8c4845b318c4fd885f
fb3fa7ffa8c0a9c0d6f6b8ec701d6813cbf769a8eefd37ccb9bcc14c3b0d290a