URL: https://mc-rccorpmail-mc21.web.app/
Submission: On March 31 via automatic, source phishtank — Scanned from DE

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 4 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is mc-rccorpmail-mc21.web.app.
TLS certificate: Issued by GTS CA 1D4 on March 6th 2023. Valid for: 3 months.
This is the only time mc-rccorpmail-mc21.web.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2620:0:890::100 54113 (FASTLY)
1 152.199.19.160 15133 (EDGECAST)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 4

Apex Domain | Subdomains | Transfer
1 ipapi.co | ipapi.co — Cisco Umbrella Rank: 17421 | 558 B
1 aspnetcdn.com | ajax.aspnetcdn.com — Cisco Umbrella Rank: 2002 | 39 KB
1 web.app | mc-rccorpmail-mc21.web.app | 1 KB
0 mailcoastlabs.com Failed | mailcoastlabs.com Failed |
4 4
Domain Requested by
1 ipapi.co ajax.aspnetcdn.com
1 ajax.aspnetcdn.com mc-rccorpmail-mc21.web.app
1 mc-rccorpmail-mc21.web.app
0 mailcoastlabs.com Failed mc-rccorpmail-mc21.web.app
4 4

This site contains no links.

Subject | Issuer | Validity | Valid
web.app | GTS CA 1D4 | 2023-03-06 - 2023-06-04 | 3 months
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2022-07-11 - 2023-07-11 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-16 - 2023-05-16 | a year

This page contains 1 frame:

Frame: https://mailcoastlabs.com/0365__mx/RC/r2e043yhsxed.html
Frame ID: 049E967B646E16C936C568086CB26764
Requests: 4 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 4
HTTPS: 75 %
IPv6: 67 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 1
Transfer: 40 kB
Size: 89 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request / | mc-rccorpmail-mc21.web.app/ | 3 KB | 1 KB | Document

General
Full URL: https://mc-rccorpmail-mc21.web.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS:
Software: /
Resource Hash: 03a7546ec8fb459e950c32287a23a03f911f869026b437641848edbf0265e333

Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 797
content-type: text/html; charset=utf-8
date: Fri, 31 Mar 2023 07:01:44 GMT
etag: "b959967bd8205d9dc7950fc96dea103561c9ac46ed6c7781d549a38dd2f9d80b-br"
last-modified: Wed, 21 Apr 2021 20:30:55 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-eddf8230030-FRA
x-timer: S1680246105.559696,VS0,VE1

jquery-3.4.0.min.js | ajax.aspnetcdn.com/ajax/jQuery/ | 86 KB | 39 KB | Script

General
Full URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.0.min.js
Requested by
Host: mc-rccorpmail-mc21.web.app
URL: https://mc-rccorpmail-mc21.web.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS:
Software: ECAcc (ama/4903) /
Resource Hash: 0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mc-rccorpmail-mc21.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 07:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1148242
x-cache: HIT
content-length: 39406
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Apr 2019 17:22:26 GMT
server: ECAcc (ama/4903)
etag: "c1ebe9218bf0d41:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

/ | ipapi.co/org/ | 15 B | 558 B | XHR

General
Full URL: https://ipapi.co/org/
Requested by
Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash:

Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept: */*
Referer: https://mc-rccorpmail-mc21.web.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 07:01:44 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Host, Origin
allow: OPTIONS, POST, HEAD, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://mc-rccorpmail-mc21.web.app
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02%2Bgdifbze%2Fxj9CTaBvD%2FHwfidqtoJujs9T8cSTmnT6VK%2FrWxYhzqceXm9YCpMWzHvF3zkjUifuH%2FcbPauF2BDDxldz9AjNTB5dFPpQYNZPmMp4mvKe7%2F4nJMmiCrM%2BR7Nzy5hh9"}],"group":"cf-nel","max_age":604800}
x-frame-options: DENY
cf-ray: 7b06b90a8c4bbb5b-FRA
content-length: 15

r2e043yhsxed.html | mailcoastlabs.com/0365__mx/RC/ | 0 | 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mailcoastlabs.com
URL: https://mailcoastlabs.com/0365__mx/RC/r2e043yhsxed.html

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
