Submitted URL: http://click.matchingsearch.com/campaign/unsub-email/MTc3Ng==/MzI4NzgxNDI=/MzY1__MTIyNDUzOTI1__NzAz
Effective URL: http://mumaramail.xyz/campaign/unsub-email/MTc3Ng==/MzI4NzgxNDI=/MzY1__MTIyNDUzOTI1__NzAz
Submission: On January 29 via api from BE — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 2 HTTP transactions. The main IP is 207.180.242.48, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is mumaramail.xyz.
This is the only time mumaramail.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 207.244.247.234 40021 (CONTABO)
1 207.180.242.48 51167 (CONTABO)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2
Apex Domain, Subdomains, Transfer
1 cloudflare.com: cdnjs.cloudflare.com (Cisco Umbrella Rank: 227), 33 KB
1 mumaramail.xyz: mumaramail.xyz, 58 KB
1 matchingsearch.com: click.matchingsearch.com, 301 B
2 3
Domain Requested by
1 cdnjs.cloudflare.com mumaramail.xyz
1 mumaramail.xyz
1 click.matchingsearch.com 1 redirects
2 3

This site contains no links.

Subject: sni.cloudflaressl.com
Issuer: Cloudflare Inc ECC CA-3
Validity: 2021-09-21 - 2022-09-20
Valid: a year

This page contains 1 frames:

Primary Page: http://mumaramail.xyz/campaign/unsub-email/MTc3Ng==/MzI4NzgxNDI=/MzY1__MTIyNDUzOTI1__NzAz
Frame ID: 10B908EA5C7EA89A3EE71FD172C8CE21
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Page Statistics

Requests: 2
HTTPS: 50 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 91 kB
Size: 169 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.matchingsearch.com/campaign/unsub-email/MTc3Ng==/MzI4NzgxNDI=/MzY1__MTIyNDUzOTI1__NzAz HTTP 301
    http://mumaramail.xyz/campaign/unsub-email/MTc3Ng==/MzI4NzgxNDI=/MzY1__MTIyNDUzOTI1__NzAz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Primary Request
Resource: MzY1__MTIyNDUzOTI1__NzAz
Path: mumaramail.xyz/campaign/unsub-email/MTc3Ng==/MzI4NzgxNDI=/
Redirect Chain
  • http://click.matchingsearch.com/campaign/unsub-email/MTc3Ng==/MzI4NzgxNDI=/MzY1__MTIyNDUzOTI1__NzAz
  • http://mumaramail.xyz/campaign/unsub-email/MTc3Ng==/MzI4NzgxNDI=/MzY1__MTIyNDUzOTI1__NzAz
Size: 58 KB
x-fer: 58 KB
Type: Document

General

Full URL: http://mumaramail.xyz/campaign/unsub-email/MTc3Ng==/MzI4NzgxNDI=/MzY1__MTIyNDUzOTI1__NzAz
Protocol: HTTP/1.1
Server: 207.180.242.48 Nuremberg, Germany, ASN51167 (CONTABO, DE)
Reverse DNS: mumaramail.xyz
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.30 / PHP/7.3.30
Resource Hash: 10baaab05a008fecfd1b38534c1984c0915d7368b792bc577835b3da6fe6f72a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sat, 29 Jan 2022 20:42:25 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.30
X-Powered-By: PHP/7.3.30
Cache-Control: max-age=2592000
Expires: Mon, 28 Feb 2022 20:42:25 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Server: nginx
Date: Sat, 29 Jan 2022 20:42:25 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 297
Connection: keep-alive
Keep-Alive: timeout=60
Location: http://mumaramail.xyz/campaign/unsub-email/MTc3Ng==/MzI4NzgxNDI=/MzY1__MTIyNDUzOTI1__NzAz

Resource: TweenMax.min.js
Path: cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/
Size: 112 KB
x-fer: 33 KB
Type: Script

General

Full URL: https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/TweenMax.min.js
Requested by
Host: mumaramail.xyz
URL: http://mumaramail.xyz/campaign/unsub-email/MTc3Ng==/MzI4NzgxNDI=/MzY1__MTIyNDUzOTI1__NzAz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:125e, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: c5a1af3f56b4294252d7c75144ae9d0ac198e9229952b7e11cbb31f17f138123

Security Headers

Strict-Transport-Security: max-age=15780000
X-Content-Type-Options: nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mumaramail.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 20:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3874330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33291
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1be2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8H4R52KYKuneE8I2Jpe4fvOcefTWoKpFXKTyTDVZQzJEtu%2Fx1cxrN4Z6W2WvDp29dAuv%2BL3QfoAMJFvTp8aVbzDEjg7GegTjYnlbg%2FkFVYYwZvNpDTPgshSlXQjLo0KhM499hwNElfE5R9SKATCJ1Gj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d554977295b3744-MXP
expires: Thu, 19 Jan 2023 20:42:25 GMT

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _gsScope object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| MorphSVGPlugin number| windowWidth number| windowHeight function| setWindowSize object| eyes object| cursorPos function| mousemove function| touchmove object| eyeFollow boolean| clicked undefined| cancelled object| animate function| random

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
