663518.selcdn.ru Open in urlscan Pro
92.53.68.205 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://663518.selcdn.ru/roundcube-support/index10.html?email=
Submission: On March 17 via manual (March 17th 2022, 4:29:16 pm UTC) from FR — Scanned from FR

Summary HTTP 9 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 9 HTTP transactions. The main IP is 92.53.68.205, located in Russian Federation and belongs to SELECTEL, RU. The main domain is 663518.selcdn.ru.

This is the only time 663518.selcdn.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2	92.53.68.205 92.53.68.205		49505 (SELECTEL) (SELECTEL)
2	104.16.19.94 104.16.19.94		13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	185.38.106.149 185.38.106.149		12703 (PULSANT-AS) (PULSANT-AS)
9	3

2 92.53.68.205 (Russian Federation)

ASN49505 (SELECTEL, RU)

663518.selcdn.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.38.106.149 (United Kingdom)

ASN12703 (PULSANT-AS, GB)

webmail.supremecluster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	supremecluster.com webmail.supremecluster.com	63 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	82 KB
2	selcdn.ru 663518.selcdn.ru	94 KB
9	3

	Domain	Requested by
5	webmail.supremecluster.com	663518.selcdn.ru
2	cdnjs.cloudflare.com	663518.selcdn.ru cdnjs.cloudflare.com
2	663518.selcdn.ru	663518.selcdn.ru
9	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
webmail.supremecluster.com R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://663518.selcdn.ru/roundcube-support/index10.html?email=
Frame ID: D7E1A57FB20BE1C0D09B8DDF20C61B48
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Roundcube Webmail :: Welcome to Roundcube Webmail

Detected technologies

RoundCube (Web Mail) Expand

Overall confidence: 100%
Detected patterns

<title>RoundCube

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

9
Requests

78 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

239 kB
Transfer

622 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index10.html Show response
663518.selcdn.ru/roundcube-support/ 6 KB
6 KB 112ms
56ms Document
text/html 92.53.68.205
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: http://663518.selcdn.ru/roundcube-support/index10.html?email=
Protocol: HTTP/1.1
Server: 92.53.68.205 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 9279c1fcc223bcb1a666d32cb9eeba872eca35c8745588435b0b54b9ab0dcf04

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges
Content-Length: 5683
Content-Type: text/html
Etag: "7b21e4a4d46a0ebe4a8d90fb75512270"
Last-Modified: Wed, 16 Mar 2022 11:04:14 GMT
X-Timestamp: 1647428653.05187
X-Trans-Id: 16dcd7a1a983bd97
Date: Thu, 17 Mar 2022 07:53:07 GMT
Age: 30965

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 60ms
23ms Stylesheet
text/css 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: 663518.selcdn.ru
URL: http://663518.selcdn.ru/roundcube-support/index10.html?email=

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://663518.selcdn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:29:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1358356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTgTP8UDrH%2BKSPK2YlBA5ogzS%2BqX7dkWh%2BMiHAcDznqPzkbRFnk5MdsJAcrDTE2p%2F2cgNEbbaGk4qBurLcyvalX9Hda4WWHuqsudk8qwymsb6PKF%2BDWySb%2F2YiaS4f8V8AJqy%2FXz"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ed71b28789a99a5-CDG
expires: Tue, 07 Mar 2023 16:29:12 GMT

GET
H/1.1 200
OK bootstrap.min.css
webmail.supremecluster.com/skins/elastic/deps/ 152 KB
23 KB 132ms
37ms Stylesheet
text/css 185.38.106.149
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail.supremecluster.com/skins/elastic/deps/bootstrap.min.css?s=1593860330
Requested by: Host: 663518.selcdn.ru
URL: http://663518.selcdn.ru/roundcube-support/index10.html?email=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.38.106.149 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: f9ddd1e64827cb0fa09d74aa581ecfd468212261fa170ec9baddbd678389b342

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://663518.selcdn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 16:29:12 GMT
Content-Encoding: gzip
Last-Modified: Sat, 04 Jul 2020 10:58:50 GMT
Server: Apache/2.4.38 (Debian)
ETag: "26041-5a99b86ca8e80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 23198

GET
H/1.1 200
OK styles.css
webmail.supremecluster.com/skins/elastic/styles/ 101 KB
19 KB 127ms
32ms Stylesheet
text/css 185.38.106.149
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail.supremecluster.com/skins/elastic/styles/styles.css?s=1593860317
Requested by: Host: 663518.selcdn.ru
URL: http://663518.selcdn.ru/roundcube-support/index10.html?email=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.38.106.149 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 360bc4a9894bbd41134a2eea27ee9251f649e6aa395c1836caaa2f90e123f91a

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://663518.selcdn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 16:29:12 GMT
Content-Encoding: gzip
Last-Modified: Sat, 04 Jul 2020 10:58:37 GMT
Server: Apache/2.4.38 (Debian)
ETag: "19364-5a99b86043140-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 19569

GET
H/1.1 200
OK framework.css
webmail.supremecluster.com/plugins/xframework/assets/styles/ 137 KB
11 KB 126ms
31ms Stylesheet
text/css 185.38.106.149
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail.supremecluster.com/plugins/xframework/assets/styles/framework.css?s=1506327547
Requested by: Host: 663518.selcdn.ru
URL: http://663518.selcdn.ru/roundcube-support/index10.html?email=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.38.106.149 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: d03c63279869e53eb494e8951f38a04ca6d8c94b2e5325fd5654a6e751d3ae72

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://663518.selcdn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 16:29:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Sep 2017 08:19:07 GMT
Server: Apache/2.4.38 (Debian)
ETag: "22246-559ff365ab4c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 11054

GET
H/1.1 200
OK jquery-ui.css
webmail.supremecluster.com/plugins/jqueryui/themes/elastic/ 33 KB
8 KB 127ms
32ms Stylesheet
text/css 185.38.106.149
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail.supremecluster.com/plugins/jqueryui/themes/elastic/jquery-ui.css?s=1593860316
Requested by: Host: 663518.selcdn.ru
URL: http://663518.selcdn.ru/roundcube-support/index10.html?email=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.38.106.149 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 06bd23ab85e71dcb4aabe629932bb6438fe0819cfd037fd5f53168af71db0c35

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://663518.selcdn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 16:29:12 GMT
Content-Encoding: gzip
Last-Modified: Sat, 04 Jul 2020 10:58:36 GMT
Server: Apache/2.4.38 (Debian)
ETag: "858e-5a99b85f4ef00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8157

GET
H/1.1 200
OK logo.svg
webmail.supremecluster.com/skins/elastic/images/ 888 B
736 B 122ms
28ms Image
image/svg+xml 185.38.106.149
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webmail.supremecluster.com/skins/elastic/images/logo.svg?s=1593860317
Requested by: Host: 663518.selcdn.ru
URL: http://663518.selcdn.ru/roundcube-support/index10.html?email=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.38.106.149 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 2b2d9c7a82f92976268b03e13c61f64ead91a3c63b97c59cef2acbf501f67618

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://663518.selcdn.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 16:29:12 GMT
Content-Encoding: gzip
Last-Modified: Sat, 04 Jul 2020 10:58:37 GMT
Server: Apache/2.4.38 (Debian)
ETag: "378-5a99b86043140-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 395

GET
H/1.1 200
OK jquery.min.v2.js Show response
663518.selcdn.ru/roundcube-support/ 88 KB
88 KB 56ms
56ms Script
text/javascript 92.53.68.205
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: http://663518.selcdn.ru/roundcube-support/jquery.min.v2.js
Requested by: Host: 663518.selcdn.ru
URL: http://663518.selcdn.ru/roundcube-support/index10.html?email=
Protocol: HTTP/1.1
Server: 92.53.68.205 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 8d158625723a50923d0b5a8665d4ae7ddcf60de25ece3da11c3acda2661bcad0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://663518.selcdn.ru/roundcube-support/index10.html?email=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 06:54:37 GMT
Last-Modified: Wed, 16 Mar 2022 11:04:14 GMT
Age: 34475
Etag: "fdb1c34db87ac248c26539dbb675a688"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges
Content-Length: 89614
Accept-Ranges: bytes
X-Trans-Id: 16dcd7a1ad8f4e15
X-Timestamp: 1647428653.12958

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 54ms
33ms Font
application/octet-stream 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: http://663518.selcdn.ru
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:29:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 676406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJiKPKfNinMwtkuMjWMHjBUhOXbIivbdHOdeA%2BB1vDSubz6RwE5tWUPM6slqd2%2BhqFDIw0bzkrVhsGvwDZaggq2p8ELycBDFpGTzlt8rI1B0ix6aRrswKlJRAZuC5AAo7DZCH%2Bp0"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ed71b29781bedd7-CDG
expires: Tue, 07 Mar 2023 16:29:12 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery function| showEl function| hideEl

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

663518.selcdn.ru
cdnjs.cloudflare.com
webmail.supremecluster.com
104.16.19.94
185.38.106.149
92.53.68.205
06bd23ab85e71dcb4aabe629932bb6438fe0819cfd037fd5f53168af71db0c35
2b2d9c7a82f92976268b03e13c61f64ead91a3c63b97c59cef2acbf501f67618
360bc4a9894bbd41134a2eea27ee9251f649e6aa395c1836caaa2f90e123f91a
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8d158625723a50923d0b5a8665d4ae7ddcf60de25ece3da11c3acda2661bcad0
9279c1fcc223bcb1a666d32cb9eeba872eca35c8745588435b0b54b9ab0dcf04
d03c63279869e53eb494e8951f38a04ca6d8c94b2e5325fd5654a6e751d3ae72
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
f9ddd1e64827cb0fa09d74aa581ecfd468212261fa170ec9baddbd678389b342