webticket.customcouriers.com
2602:ff64::104:244:28:168  Public Scan

URL: https://webticket.customcouriers.com/
Submission: On September 24 via automatic, source certstream-suspicious

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 4 HTTP transactions. The main IP is 2602:ff64::104:244:28:168, located in the United States, and belongs to TEXASNET-ASN, US. The main domain is webticket.customcouriers.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 24th 2020. Valid for: 3 months.
This is the only time webticket.customcouriers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address  AS Autonomous System
4  2602:ff64::10...  3900 (TEXASNET-ASN)
Total: 4 requests, 1 IP address

Requests  Domain  Requested by
2  customcouriers.com  webticket.customcouriers.com
1  newwebticket.customcouriers.com  webticket.customcouriers.com
1  webticket.customcouriers.com
Total: 4 requests, 3 hostnames

This site contains no links.

TLS certificate
Subject: customcouriers.com
Issuer: Let's Encrypt Authority X3
Validity: 2020-09-24 - 2020-12-23
Valid: 3 months

This page contains 1 frames:

Primary Page: https://webticket.customcouriers.com/
Frame ID: 0E6B3616BB12B8760FEE4BE93103008C
Requests: 4 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 100 %
Domains: 1
Subdomains: 3
IPs: 1
Countries: 1
Transfer: 19 kB
Size: 54 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource: Primary Request /
Path: webticket.customcouriers.com/
Size: 29 KB
Transfer (x-fer): 6 KB
Type: Document

General
Full URL: https://webticket.customcouriers.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2602:ff64::104:244:28:168, United States, ASN3900 (TEXASNET-ASN, US)
Reverse DNS:
Software: Microsoft-IIS/10.0 /
Resource Hash: 60ff46194cfd5d5a8b9568a5051e6b228f60a01f4270259e83d278d01a164a76

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN

Request headers

:method: GET
:authority: webticket.customcouriers.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US

Response headers

status: 200
cache-control: private,no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: Thu, 24 Sep 2020 08:19:49 GMT,0
server: Microsoft-IIS/10.0
set-cookie: ASP.NET_SessionId=ubw0hi5h25fkau1qcet3mtmz; path=/; secure; HttpOnly; SameSite=Lax
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Sep 2020 08:19:48 GMT
content-length: 5436

Resource: autofillsearch.js
Path: newwebticket.customcouriers.com/
Size: 8 KB
Transfer (x-fer): 9 KB
Type: Script

General
Full URL: https://newwebticket.customcouriers.com/autofillsearch.js
Requested by:
  Host: webticket.customcouriers.com
  URL: https://webticket.customcouriers.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2602:ff64::104:244:28:168, United States, ASN3900 (TEXASNET-ASN, US)
Reverse DNS:
Software: Microsoft-IIS/10.0 /
Resource Hash: 4f457cf5f3e4a84eb081c3bd3cf76d303bec8c6027921cb0dd3bb3afae0ab3e5

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN

Request headers

Referer: https://webticket.customcouriers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 06 Nov 2019 22:00:47 GMT
server: Microsoft-IIS/10.0
etag: "892329a5ed94d51:0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
date: Thu, 24 Sep 2020 08:19:48 GMT
accept-ranges: bytes
content-length: 8572
expires: 0

Resource: autofillsearch.js
Path: customcouriers.com/
Size: 8 KB
Transfer (x-fer): 2 KB
Type: Script

General
Full URL: https://customcouriers.com/autofillsearch.js
Requested by:
  Host: webticket.customcouriers.com
  URL: https://webticket.customcouriers.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2602:ff64::104:244:28:168, United States, ASN3900 (TEXASNET-ASN, US)
Reverse DNS:
Software: Microsoft-IIS/10.0 /
Resource Hash: 4f457cf5f3e4a84eb081c3bd3cf76d303bec8c6027921cb0dd3bb3afae0ab3e5

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN

Request headers

Referer: https://webticket.customcouriers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 06 Nov 2019 22:00:47 GMT
server: Microsoft-IIS/10.0
etag: "8091c7a4ed94d51:0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
date: Thu, 24 Sep 2020 08:19:49 GMT
accept-ranges: bytes
content-length: 2364
expires: 0

Resource: autofillsearch.js
Path: customcouriers.com/
Size: 8 KB
Transfer (x-fer): 2 KB
Type: Script

General
Full URL: https://customcouriers.com/autofillsearch.js
Requested by:
  Host: webticket.customcouriers.com
  URL: https://webticket.customcouriers.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2602:ff64::104:244:28:168, United States, ASN3900 (TEXASNET-ASN, US)
Reverse DNS:
Software: Microsoft-IIS/10.0 /
Resource Hash: 4f457cf5f3e4a84eb081c3bd3cf76d303bec8c6027921cb0dd3bb3afae0ab3e5

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN

Request headers

Referer: https://webticket.customcouriers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 06 Nov 2019 22:00:47 GMT
server: Microsoft-IIS/10.0
etag: "8091c7a4ed94d51:0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
date: Thu, 24 Sep 2020 08:19:49 GMT
accept-ranges: bytes
content-length: 2364
expires: 0

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes
function| Vert1rollbutton
function| Vert1RollSubButton
object| Vert1mouseoff
object| Vert1mouseon
object| o
function| validate
string| NSAutoFillScriptID
string| NSAutoFillID
function| getXmlHttpRequestObject
object| AutoFillRequestObject
function| NSAutoFill
function| NSAutoFillkeydown
function| handleAutoFill
function| AutoFillCurrentSelection
number| layerID_to_hide
function| HideAutoFillResultsin200Mill
function| HideAutoFillResults
function| ShowAutoFillResults
function| getDataFromScripTag
function| AutoFillIECheckAgain
function| AutoFillFakeXMLFeedback
function| setAutoFill
function| AutoFillFindPos
string| strAuotFillStyle
object| node
object| head
number| ie
number| ns6
function| yOffset
function| scrollFunction
function| topFunction
function| doonload
function| NSgetXmlHttpRequestObject
function| NSKeepAlive
function| ShowMobileMenu
object| oMenu
object| oMain
object| oPMT

1 Cookies

Domain/Path: webticket.customcouriers.com/
Name: ASP.NET_SessionId
Value: ubw0hi5h25fkau1qcet3mtmz

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
