s22135.gridserver.com
Open in
urlscan Pro
64.13.232.214
Public Scan
Submitted URL: https://www.webmail.edumovil.mx/
Effective URL: http://s22135.gridserver.com/.tools/webmail/
Submission: On October 28 via automatic, source certstream-suspicious
Effective URL: http://s22135.gridserver.com/.tools/webmail/
Submission: On October 28 via automatic, source certstream-suspicious
Summary
This website contacted 2 IPs
in 2 countries
across 3 domains to perform 10 HTTP transactions.
The main IP is 64.13.232.214, located in
Culver City, United States and
belongs to MEDIATEMPLE, US.
The main domain is s22135.gridserver.com.
This is the only time s22135.gridserver.com was scanned on urlscan.io!
This is the only time s22135.gridserver.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 65.99.225.54 65.99.225.54 | 30496 (AS-TIERP-...) (AS-TIERP-30496) | |
| 9 | 64.13.232.214 64.13.232.214 | 31815 (MEDIATEMPLE) (MEDIATEMPLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:824::200a | 15169 (GOOGLE) (GOOGLE) | |
| 10 | 2 |
1
65.99.225.54
(Barrington, United States)
ASN30496 (AS-TIERP-30496, US)
PTR: hv37svr153.neubox.net
ASN30496 (AS-TIERP-30496, US)
PTR: hv37svr153.neubox.net
| www.webmail.edumovil.mx |
9
64.13.232.214
(Culver City, United States)
ASN31815 (MEDIATEMPLE, US)
PTR: acmkoieeqs.gs02.gridserver.com
ASN31815 (MEDIATEMPLE, US)
PTR: acmkoieeqs.gs02.gridserver.com
| s22135.gridserver.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 9 |
gridserver.com
s22135.gridserver.com |
19 KB |
| 1 |
googleapis.com
ajax.googleapis.com |
72 KB |
| 1 |
edumovil.mx
1 redirects
www.webmail.edumovil.mx |
265 B |
| 10 | 3 |
| Domain | Requested by | |
|---|---|---|
| 9 | s22135.gridserver.com |
s22135.gridserver.com
|
| 1 | ajax.googleapis.com |
s22135.gridserver.com
|
| 1 | www.webmail.edumovil.mx | 1 redirects |
| 10 | 3 |
This site contains no links.
| Subject Issuer | Validity | Valid |
|---|
This page contains 1 frames:
Primary Page:
http://s22135.gridserver.com/.tools/webmail/
Frame ID: C9EFF18748A8053FFF03779CFC9C911C
Requests: 10 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://www.webmail.edumovil.mx/
HTTP 301
http://s22135.gridserver.com/.tools/webmail/ Page URL
Detected technologies
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.webmail.edumovil.mx/
HTTP 301
http://s22135.gridserver.com/.tools/webmail/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
s22135.gridserver.com/.tools/webmail/ Redirect Chain
|
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
s22135.gridserver.com/.tools/webmail/ |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.js
ajax.googleapis.com/ajax/libs/jquery/1.7.0/ |
243 KB 72 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.cookie.min.js
s22135.gridserver.com/.tools/webmail/js/cookie/ |
1 KB 1004 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.searchparams.min.js
s22135.gridserver.com/.tools/webmail/js/searchparams/ |
1 KB 915 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
multilogin_functions.js
s22135.gridserver.com/.tools/webmail/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login.js
s22135.gridserver.com/.tools/webmail/ |
15 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bg.png
s22135.gridserver.com/.tools/webmail/images/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
common-login-secure.png
s22135.gridserver.com/.tools/webmail/images/ |
265 B 541 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
common-login-loading-spinner.gif
s22135.gridserver.com/.tools/webmail/images/ |
847 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| email object| password number| cluster function| $ function| jQuery function| parse_search_params function| fill_in_values object| cookie_name_for function| save_state_to_cookies function| state_from_cookies function| login_atmail function| $e object| value_of string| multi_login_mode function| default_app function| handle_login function| show_error function| show_legacy_picker function| update_legacy_language function| toss_to_landing_page function| set_webmail_type function| login_legacy_email object| apps string| cluster_style object| app_selector0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
s22135.gridserver.com
www.webmail.edumovil.mx
2a00:1450:4001:824::200a
64.13.232.214
65.99.225.54
04c3154208424e2b09409b901a5af8dbdb6ac3bdfc41d771cab9f99f069df971
14bb30ca11e99fcdfab937989a2856d90781037056d4af1dfaa2a10f06535992
24a32e1861e36a72e446519e13de73bce31fb7d2118a4507157057d73db72b68
4276ffbbeb8d6de873d22447b933d5d4a0734472a07c726fb50ad99963cdae16
6d6b945d580f0dd0c9120321a04c77eb2b194faaad8782833701be269382fe75
7c1885ec8620f40a10d045948d3f9f7b8f9c4f7bd2ff1ddfb486a9f27e95e3e3
8c1de7e4d5b30f50c6996238d2ae6935108c2dfc60241a6eaba8385e06a5ecec
d4c5e24452961d25e1f04d5e242de1384ca77cb6e23522a2ad2437941ef6b2f6
e4f2e44db6ed148b16fa8f456a98eb3c3f7936a33da19874f6613634da2a0611
f298896152a2204a60d65d4fe837ba1ec3ff974a194488aef7fc69113ddcddb9