2cb66f7d.ngrok.io Open in urlscan Pro
2600:1f16:59e:b200:f152:bf63:c2ce:89d4 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/
Submission: On September 29 via manual (September 29th 2017, 5:50:47 pm UTC) from US

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 2600:1f16:59e:b200:f152:bf63:c2ce:89d4, located in United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is 2cb66f7d.ngrok.io.

This is the only time 2cb66f7d.ngrok.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3	2600:1f16:59e... 2600:1f16:59e:b200:f152:bf63:c2ce:89d4		16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
10	130.15.12.24 130.15.12.24		31983 (QUEENSU-K...) (QUEENSU-KINGSTON - Queen_s University)
13	2

3 2600:1f16:59e:b200:f152:bf63:c2ce:89d4 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

2cb66f7d.ngrok.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 130.15.12.24 (Kingston, Canada)

ASN31983 (QUEENSU-KINGSTON - Queen_s University, CA)
PTR: qwa.queensu.ca

qwa.queensu.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	queensu.ca qwa.queensu.ca	16 KB
3	ngrok.io 2cb66f7d.ngrok.io	87 KB
13	2

	Domain	Requested by
10	qwa.queensu.ca	2cb66f7d.ngrok.io
3	2cb66f7d.ngrok.io	2cb66f7d.ngrok.io
13	2

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com

Subject Issuer	Validity	Valid
qwa.queensu.ca Entrust Certification Authority - L1M	`2017-04-03` - `2019-04-03`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/
Frame ID: 23814.1
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Outlook Web App (Web Mail) Expand

Overall confidence: 100%
Detected patterns

html /<link\s[^>]*href="[^"]*?([\d.]+)\/themes\/resources\/owafont\.css/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Win32|Win64/i
html /<link\s[^>]*href="[^"]*?([\d.]+)\/themes\/resources\/owafont\.css/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link\s[^>]*href="[^"]*?([\d.]+)\/themes\/resources\/owafont\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

html /<link\s[^>]*href="[^"]*?([\d.]+)\/themes\/resources\/owafont\.css/i

Page Statistics

13
Requests

77 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

103 kB
Transfer

111 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://go.microsoft.com/fwlink/?LinkID=129362
Title: click here.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response 2cb66f7d.ngrok.io/webmail/account/8045600233/app/	9 KB 9 KB	284ms 137ms	Document text/html	2600:1f16:59e:b200:f152:bf63:c2ce:89d4 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Protocol HTTP/1.1 Server 2600:1f16:59e:b200:f152:bf63:c2ce:89d4 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 / PHP/5.6.30 Resource Hash `c7a58fbd0a3edcaee8d23eafc34fcd896f06f51e10aa2edebecce90d3f359f02` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host 2cb66f7d.ngrok.io Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Cache-Control no-cache Connection keep-alive Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 29 Sep 2017 17:50:43 GMT Server Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 X-Powered-By PHP/5.6.30 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	Cookie set logon.css qwa.queensu.ca/owa/14.3.319.2/themes/resources/	2 KB 1 KB	609ms 113ms	Stylesheet text/css	130.15.12.24 Queen_s University
General Check archive.org Show headers Download Go to Full URL https://qwa.queensu.ca/owa/14.3.319.2/themes/resources/logon.css Requested by Host: 2cb66f7d.ngrok.io URL: http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Protocol HTTP/1.1 Security TLS 1.0, ECDHE_RSA, AES_256_CBC Server 130.15.12.24 Kingston, Canada, ASN31983 (QUEENSU-KINGSTON - Queen_s University, CA), Reverse DNS qwa.queensu.ca Software / ASP.NET Resource Hash `a83219527135e374080a505a03b26429bba025155761a7f3811317a9579cf4c7` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host qwa.queensu.ca User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept text/css,/;q=0.1 Referer http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Connection keep-alive Cache-Control no-cache Referer http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 29 Sep 2017 17:50:36 GMT Content-Encoding gzip ETag "80a6e5d5c494cc1:0" Last-Modified Thu, 27 Oct 2011 16:24:01 GMT X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Cache-Control public,max-age=2592000 Set-Cookie OutlookSession=83392c8e0c6b4113a480ebcf7293e5f2; path=/; secure; HttpOnly Accept-Ranges bytes Content-Length 1046
GET H/1.1	200 OK	Cookie set owafont.css qwa.queensu.ca/owa/14.3.319.2/themes/resources/	5 KB 2 KB	612ms 111ms	Stylesheet text/css	130.15.12.24 Queen_s University
General Check archive.org Show headers Download Go to Full URL https://qwa.queensu.ca/owa/14.3.319.2/themes/resources/owafont.css Requested by Host: 2cb66f7d.ngrok.io URL: http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Protocol HTTP/1.1 Security TLS 1.0, ECDHE_RSA, AES_256_CBC Server 130.15.12.24 Kingston, Canada, ASN31983 (QUEENSU-KINGSTON - Queen_s University, CA), Reverse DNS qwa.queensu.ca Software / ASP.NET Resource Hash `5a8a50bbfec3340a13879de71a5dbe889eca252ac9cfb523c6cea94f05b7b673` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host qwa.queensu.ca User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept text/css,/;q=0.1 Referer http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Connection keep-alive Cache-Control no-cache Referer http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 29 Sep 2017 17:50:36 GMT Content-Encoding gzip ETag "043c328164ce1:0" Last-Modified Wed, 06 Feb 2013 03:00:46 GMT X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Cache-Control public,max-age=2592000 Set-Cookie OutlookSession=3653f3e2cc414f63b8c5a114165c5e5b; path=/; secure; HttpOnly Accept-Ranges bytes Content-Length 1773
GET H/1.1	200 OK	Cookie set flogon.js Show response qwa.queensu.ca/owa/14.3.319.2/scripts/premium/	4 KB 2 KB	716ms 107ms	Script application/x-javascript	130.15.12.24 Queen_s University
General Check archive.org Show headers Download Go to Full URL https://qwa.queensu.ca/owa/14.3.319.2/scripts/premium/flogon.js Requested by Host: 2cb66f7d.ngrok.io URL: http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Protocol HTTP/1.1 Security TLS 1.0, ECDHE_RSA, AES_256_CBC Server 130.15.12.24 Kingston, Canada, ASN31983 (QUEENSU-KINGSTON - Queen_s University, CA), Reverse DNS qwa.queensu.ca Software / ASP.NET Resource Hash `215d250a6028db2afb14ba5028f23493f042cee6fdd59f59e4deb10fd63b1060` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host qwa.queensu.ca User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept / Referer http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Connection keep-alive Cache-Control no-cache Referer http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 29 Sep 2017 17:50:36 GMT Content-Encoding gzip ETag "089f0fa69e0d01:0" Last-Modified Thu, 27 Aug 2015 01:44:58 GMT X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Cache-Control public,max-age=2592000 Set-Cookie OutlookSession=56ab50122472446bbb5631f897c1c906; path=/; secure; HttpOnly Accept-Ranges bytes Content-Length 1934
GET H/1.1	200 OK	lgntopl.png 2cb66f7d.ngrok.io/webmail/account/8045600233/app/img/	78 KB 78 KB	135ms 135ms	Image image/png	2600:1f16:59e:b200:f152:bf63:c2ce:89d4 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/img/lgntopl.png Requested by Host: 2cb66f7d.ngrok.io URL: http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Protocol HTTP/1.1 Server 2600:1f16:59e:b200:f152:bf63:c2ce:89d4 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 / Resource Hash `a1480e9ade0077ed11f70a89c5792210eb1db0820ad5e882afae77e4ab9f3dd6` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host 2cb66f7d.ngrok.io User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Connection keep-alive Cache-Control no-cache Referer http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 29 Sep 2017 17:50:44 GMT Last-Modified Mon, 25 Sep 2017 15:59:50 GMT Server Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 Accept-Ranges bytes ETag "13918-55a05a6102d3b" Content-Length 80152 Content-Type image/png
GET H/1.1	200 OK	lgntopr.gif qwa.queensu.ca/owa/14.3.319.2/themes/resources/	581 B 581 B	114ms 113ms	Image image/gif	130.15.12.24 Queen_s University
General Check archive.org Show headers Download Go to Show image Full URL https://qwa.queensu.ca/owa/14.3.319.2/themes/resources/lgntopr.gif Requested by Host: 2cb66f7d.ngrok.io URL: http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Protocol HTTP/1.1 Security TLS 1.0, ECDHE_RSA, AES_256_CBC Server 130.15.12.24 Kingston, Canada, ASN31983 (QUEENSU-KINGSTON - Queen_s University, CA), Reverse DNS qwa.queensu.ca Software / ASP.NET Resource Hash `f27d451896ac6a8b768361e3f07c2adf1ee7ae6bcb92ac6d0bda7fb5cf915301` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host qwa.queensu.ca User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Cookie OutlookSession=56ab50122472446bbb5631f897c1c906 Connection keep-alive Cache-Control no-cache Referer http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 29 Sep 2017 17:50:36 GMT Last-Modified Wed, 06 Feb 2013 03:00:46 GMT X-Powered-By ASP.NET ETag "043c328164ce1:0" Content-Type image/gif Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 581
GET H/1.1	404 Not Found	lgnexlogo.gif 2cb66f7d.ngrok.io/owa/14.3.319.2/themes/resources/	1 KB 0	243ms 136ms	Image text/html	2600:1f16:59e:b200:f152:bf63:c2ce:89d4 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://2cb66f7d.ngrok.io/owa/14.3.319.2/themes/resources/lgnexlogo.gif Requested by Host: 2cb66f7d.ngrok.io URL: http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Protocol HTTP/1.1 Server 2600:1f16:59e:b200:f152:bf63:c2ce:89d4 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 / Resource Hash `890d101f0edf03f9ae81d5b5e16e0c7d5c316eb1f7628a0ce8b001a528e40cb3` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host 2cb66f7d.ngrok.io User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Connection keep-alive Cache-Control no-cache Referer http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 29 Sep 2017 17:50:44 GMT Vary accept-language,accept-charset Server Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 Accept-Ranges bytes Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Content-Language en
GET H/1.1	200 OK	lgnbotl.gif qwa.queensu.ca/owa/14.3.319.2/themes/resources/	8 KB 8 KB	117ms 117ms	Image image/gif	130.15.12.24 Queen_s University
General Check archive.org Show headers Download Go to Show image Full URL https://qwa.queensu.ca/owa/14.3.319.2/themes/resources/lgnbotl.gif Requested by Host: 2cb66f7d.ngrok.io URL: http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Protocol HTTP/1.1 Security TLS 1.0, ECDHE_RSA, AES_256_CBC Server 130.15.12.24 Kingston, Canada, ASN31983 (QUEENSU-KINGSTON - Queen_s University, CA), Reverse DNS qwa.queensu.ca Software / ASP.NET Resource Hash `409cc7e51834b334284cd7288fcaff89293d2ab2b88f81377cd81d35e7dc8504` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host qwa.queensu.ca User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Cookie OutlookSession=56ab50122472446bbb5631f897c1c906 Connection keep-alive Cache-Control no-cache Referer http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 29 Sep 2017 17:50:36 GMT Last-Modified Tue, 15 Mar 2011 13:03:05 GMT X-Powered-By ASP.NET ETag "808a9a5211e3cb1:0" Content-Type image/gif Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 7895
GET H/1.1	200 OK	lgnbotr.gif qwa.queensu.ca/owa/14.3.319.2/themes/resources/	2 KB 2 KB	113ms 113ms	Image image/gif	130.15.12.24 Queen_s University
General Check archive.org Show headers Download Go to Show image Full URL https://qwa.queensu.ca/owa/14.3.319.2/themes/resources/lgnbotr.gif Requested by Host: 2cb66f7d.ngrok.io URL: http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Protocol HTTP/1.1 Security TLS 1.0, ECDHE_RSA, AES_256_CBC Server 130.15.12.24 Kingston, Canada, ASN31983 (QUEENSU-KINGSTON - Queen_s University, CA), Reverse DNS qwa.queensu.ca Software / ASP.NET Resource Hash `ddb0bca13e1cf7ea5c9f1b6e36029787896b37db754005f8ef666ff25da5e82c` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host qwa.queensu.ca User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Cookie OutlookSession=56ab50122472446bbb5631f897c1c906 Connection keep-alive Cache-Control no-cache Referer http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 29 Sep 2017 17:50:36 GMT Last-Modified Tue, 15 Mar 2011 13:03:03 GMT X-Powered-By ASP.NET ETag "805d695111e3cb1:0" Content-Type image/gif Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 2190
GET H/1.1	200 OK	lgntopm.gif qwa.queensu.ca/owa/14.3.319.2/themes/resources/	58 B 58 B	221ms 109ms	Image image/gif	130.15.12.24 Queen_s University
General Check archive.org Show headers Download Go to Show image Full URL https://qwa.queensu.ca/owa/14.3.319.2/themes/resources/lgntopm.gif Requested by Host: 2cb66f7d.ngrok.io URL: http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Protocol HTTP/1.1 Security TLS 1.0, ECDHE_RSA, AES_256_CBC Server 130.15.12.24 Kingston, Canada, ASN31983 (QUEENSU-KINGSTON - Queen_s University, CA), Reverse DNS qwa.queensu.ca Software / ASP.NET Resource Hash `9d894a6800fd18d20423c66066097b9653be9eb3796f6a0e216dca220c45d6d6` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host qwa.queensu.ca User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://qwa.queensu.ca/owa/14.3.319.2/themes/resources/logon.css Cookie OutlookSession=56ab50122472446bbb5631f897c1c906 Connection keep-alive Cache-Control no-cache Referer https://qwa.queensu.ca/owa/14.3.319.2/themes/resources/logon.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 29 Sep 2017 17:50:37 GMT Last-Modified Wed, 06 Feb 2013 03:00:46 GMT X-Powered-By ASP.NET ETag "043c328164ce1:0" Content-Type image/gif Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 58
GET H/1.1	200 OK	lgnleft.gif qwa.queensu.ca/owa/14.3.319.2/themes/resources/	290 B 290 B	223ms 107ms	Image image/gif	130.15.12.24 Queen_s University
General Check archive.org Show headers Download Go to Show image Full URL https://qwa.queensu.ca/owa/14.3.319.2/themes/resources/lgnleft.gif Requested by Host: 2cb66f7d.ngrok.io URL: http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Protocol HTTP/1.1 Security TLS 1.0, ECDHE_RSA, AES_256_CBC Server 130.15.12.24 Kingston, Canada, ASN31983 (QUEENSU-KINGSTON - Queen_s University, CA), Reverse DNS qwa.queensu.ca Software / ASP.NET Resource Hash `96a4b86c4a5ff1f1aa67c52287be64ebd51598d32cbd1249351e462cae549185` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host qwa.queensu.ca User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://qwa.queensu.ca/owa/14.3.319.2/themes/resources/logon.css Cookie OutlookSession=56ab50122472446bbb5631f897c1c906 Connection keep-alive Cache-Control no-cache Referer https://qwa.queensu.ca/owa/14.3.319.2/themes/resources/logon.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 29 Sep 2017 17:50:37 GMT Last-Modified Wed, 06 Feb 2013 03:00:46 GMT X-Powered-By ASP.NET ETag "043c328164ce1:0" Content-Type image/gif Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 290
GET H/1.1	200 OK	lgnright.gif qwa.queensu.ca/owa/14.3.319.2/themes/resources/	306 B 306 B	325ms 107ms	Image image/gif	130.15.12.24 Queen_s University
General Check archive.org Show headers Download Go to Show image Full URL https://qwa.queensu.ca/owa/14.3.319.2/themes/resources/lgnright.gif Requested by Host: 2cb66f7d.ngrok.io URL: http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Protocol HTTP/1.1 Security TLS 1.0, ECDHE_RSA, AES_256_CBC Server 130.15.12.24 Kingston, Canada, ASN31983 (QUEENSU-KINGSTON - Queen_s University, CA), Reverse DNS qwa.queensu.ca Software / ASP.NET Resource Hash `a9626d4f60b20f2da50f763f20d891a70625dde0dba68116896026c400b8b775` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host qwa.queensu.ca User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://qwa.queensu.ca/owa/14.3.319.2/themes/resources/logon.css Cookie OutlookSession=56ab50122472446bbb5631f897c1c906 Connection keep-alive Cache-Control no-cache Referer https://qwa.queensu.ca/owa/14.3.319.2/themes/resources/logon.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 29 Sep 2017 17:50:37 GMT Last-Modified Wed, 06 Feb 2013 03:00:46 GMT X-Powered-By ASP.NET ETag "043c328164ce1:0" Content-Type image/gif Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 306
GET H/1.1	200 OK	lgnbotm.gif qwa.queensu.ca/owa/14.3.319.2/themes/resources/	360 B 360 B	212ms 107ms	Image image/gif	130.15.12.24 Queen_s University
General Check archive.org Show headers Download Go to Show image Full URL https://qwa.queensu.ca/owa/14.3.319.2/themes/resources/lgnbotm.gif Requested by Host: 2cb66f7d.ngrok.io URL: http://2cb66f7d.ngrok.io/webmail/account/8045600233/app/ Protocol HTTP/1.1 Security TLS 1.0, ECDHE_RSA, AES_256_CBC Server 130.15.12.24 Kingston, Canada, ASN31983 (QUEENSU-KINGSTON - Queen_s University, CA), Reverse DNS qwa.queensu.ca Software / ASP.NET Resource Hash `e5b6e902b3aadfa5b3e25fdc7a719c0dee3d92ed0a9058a942c53810b6d4d04d` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host qwa.queensu.ca User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://qwa.queensu.ca/owa/14.3.319.2/themes/resources/logon.css Cookie OutlookSession=56ab50122472446bbb5631f897c1c906 Connection keep-alive Cache-Control no-cache Referer https://qwa.queensu.ca/owa/14.3.319.2/themes/resources/logon.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 29 Sep 2017 17:50:37 GMT Last-Modified Thu, 17 Mar 2011 10:43:00 GMT X-Powered-By ASP.NET ETag "0d2a81590e4cb1:0" Content-Type image/gif Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 360

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			2cb66f7d.ngrok.io/webmail/account/8045600233/app	1970-01-01 00:00:00	Name: cookieTest Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2cb66f7d.ngrok.io
qwa.queensu.ca
130.15.12.24
2600:1f16:59e:b200:f152:bf63:c2ce:89d4
215d250a6028db2afb14ba5028f23493f042cee6fdd59f59e4deb10fd63b1060
409cc7e51834b334284cd7288fcaff89293d2ab2b88f81377cd81d35e7dc8504
5a8a50bbfec3340a13879de71a5dbe889eca252ac9cfb523c6cea94f05b7b673
890d101f0edf03f9ae81d5b5e16e0c7d5c316eb1f7628a0ce8b001a528e40cb3
96a4b86c4a5ff1f1aa67c52287be64ebd51598d32cbd1249351e462cae549185
9d894a6800fd18d20423c66066097b9653be9eb3796f6a0e216dca220c45d6d6
a1480e9ade0077ed11f70a89c5792210eb1db0820ad5e882afae77e4ab9f3dd6
a83219527135e374080a505a03b26429bba025155761a7f3811317a9579cf4c7
a9626d4f60b20f2da50f763f20d891a70625dde0dba68116896026c400b8b775
c7a58fbd0a3edcaee8d23eafc34fcd896f06f51e10aa2edebecce90d3f359f02
ddb0bca13e1cf7ea5c9f1b6e36029787896b37db754005f8ef666ff25da5e82c
e5b6e902b3aadfa5b3e25fdc7a719c0dee3d92ed0a9058a942c53810b6d4d04d
f27d451896ac6a8b768361e3f07c2adf1ee7ae6bcb92ac6d0bda7fb5cf915301