secure.whatcounts.com
Open in
urlscan Pro
35.167.157.101
Public Scan
Submitted URL: http://email.especiallyyours.com.admin-mcas-df.ms/
Effective URL: https://secure.whatcounts.com/bin/login?t=1
Submission: On January 04 via api from US — Scanned from US
Effective URL: https://secure.whatcounts.com/bin/login?t=1
Submission: On January 04 via api from US — Scanned from US
Summary
This website contacted 5 IPs
in 1 countries
across 5 domains to perform 18 HTTP transactions.
The main IP is 35.167.157.101, located in
Boardman, United States and
belongs to AMAZON-02, US.
The main domain is secure.whatcounts.com.
TLS certificate: Issued by Amazon on July 28th 2022. Valid for: a year.
This is the only time secure.whatcounts.com was scanned on urlscan.io!
TLS certificate: Issued by Amazon on July 28th 2022. Valid for: a year.
This is the only time secure.whatcounts.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 20.241.142.98 20.241.142.98 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 3 | 2600:1400:d::... 2600:1400:d::6878:d2a0 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 | 34.210.132.119 34.210.132.119 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 13 | 35.167.157.101 35.167.157.101 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 2607:f8b0:400... 2607:f8b0:4006:822::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 18 | 5 |
1
20.241.142.98
(Tappahannock, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| email.especiallyyours.com.admin-mcas-df.ms |
3
2600:1400:d::6878:d2a0
(New York, United States)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| mcasproxy.azureedge.net |
1
34.210.132.119
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-132-119.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-132-119.us-west-2.compute.amazonaws.com
| email.especiallyyours.com |
13
35.167.157.101
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-157-101.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-157-101.us-west-2.compute.amazonaws.com
| secure.whatcounts.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 13 |
whatcounts.com
1 redirects
secure.whatcounts.com |
128 KB |
| 3 |
azureedge.net
mcasproxy.azureedge.net — Cisco Umbrella Rank: 113365 |
44 KB |
| 1 |
gstatic.com
fonts.gstatic.com |
10 KB |
| 1 |
especiallyyours.com
email.especiallyyours.com |
958 B |
| 1 |
admin-mcas-df.ms
email.especiallyyours.com.admin-mcas-df.ms |
1 KB |
| 18 | 5 |
| Domain | Requested by | |
|---|---|---|
| 13 | secure.whatcounts.com |
1 redirects
email.especiallyyours.com
secure.whatcounts.com |
| 3 | mcasproxy.azureedge.net |
email.especiallyyours.com.admin-mcas-df.ms
mcasproxy.azureedge.net |
| 1 | fonts.gstatic.com |
secure.whatcounts.com
|
| 1 | email.especiallyyours.com | |
| 1 | email.especiallyyours.com.admin-mcas-df.ms | |
| 18 | 5 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.azureedge.net Microsoft Azure ECC TLS Issuing CA 01 |
2022-07-27 - 2023-07-22 |
a year | crt.sh |
| *.whatcounts.com Amazon |
2022-07-28 - 2023-08-26 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://secure.whatcounts.com/bin/login?t=1
Frame ID: 2934B5453872E782F135BA68DDA47924
Requests: 16 HTTP requests in this frame
Frame:
https://mcasproxy.azureedge.net/proxyweb/1.27.11/html/session-context-restore.html
Frame ID: FDCED92BB38F5146DAB4D33572F16D03
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
LoginPage URL History Show full URLs
- http://email.especiallyyours.com.admin-mcas-df.ms/ Page URL
- https://email.especiallyyours.com/ Page URL
-
https://secure.whatcounts.com/bin/front
HTTP 302
https://secure.whatcounts.com/bin/login?t=1 Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://email.especiallyyours.com.admin-mcas-df.ms/ Page URL
- https://email.especiallyyours.com/ Page URL
-
https://secure.whatcounts.com/bin/front
HTTP 302
https://secure.whatcounts.com/bin/login?t=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
email.especiallyyours.com.admin-mcas-df.ms/ |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
session-context-store-helper.min.js
mcasproxy.azureedge.net/proxyweb/1.27.11/js/ |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
session-context-restore.html
mcasproxy.azureedge.net/proxyweb/1.27.11/html/ Frame FDCE |
209 B 659 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.27.11/js/ Frame FDCE |
38 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
email.especiallyyours.com/ |
713 B 958 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
login
secure.whatcounts.com/bin/ Redirect Chain
|
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pace-theme-flash.css
secure.whatcounts.com/app/components/assets/plugins/pace/ |
2 KB 1015 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.css
secure.whatcounts.com/app/components/css/ |
138 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.css
secure.whatcounts.com/app/components/css/ |
34 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.scrollbar.css
secure.whatcounts.com/app/components/css/ |
23 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
select2.css
secure.whatcounts.com/app/components/css/ |
20 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
switchery.css
secure.whatcounts.com/app/components/css/ |
682 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pages-icons.css
secure.whatcounts.com/app/components/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vibes.css
secure.whatcounts.com/app/components/css/ |
275 KB 41 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
secure.whatcounts.com/app/components/assets/plugins/jquery/ |
84 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Z.svg
secure.whatcounts.com/app/components/assets/img/login/ |
4 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wc_logo_2020_osgtag.png
secure.whatcounts.com/app/components/img/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
IQHow_FEYlDC4Gzy_m8fcmaVI6zN22yiurzcBKxPjFE.woff2
fonts.gstatic.com/s/montserrat/v5/ |
9 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange function| $ function| jQuery1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| secure.whatcounts.com/ | Name: JSESSIONID Value: 7B1A72E264435E75FD56BDAA1621B0D1.tom1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
email.especiallyyours.com
email.especiallyyours.com.admin-mcas-df.ms
fonts.gstatic.com
mcasproxy.azureedge.net
secure.whatcounts.com
20.241.142.98
2600:1400:d::6878:d2a0
2607:f8b0:4006:822::2003
34.210.132.119
35.167.157.101
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0c1814c683bca9f0a8032c3f289c6611c0a0e666d268e432d96c8e8686b51c2e
0dfc99adb11377652e8bb33e80c45fc92eee3e649f8218eb8f1cddfcbd5f5008
1b4942d04df1bc7d6b87d856ded05666b62c71f6e8fb726f2f521773179482fe
1e137ab0af40f4d872fd6c67ce0c81e968cca6b67dfe9bfe231ecc095117cbca
3c99ba739418d6dd0b1ecf91ff6bd2a1bc017c8f4e4b4dea8542ec01887f50c1
5f7add0638c6207d7a84267735b9eed3fee3a68696e3ec755fafd5283db0b8f3
808b98626abd9b75a5ff8df508bcf38027309c32ea7f8cb967281dbfacf6fe8d
908b23c978722739dd20269deed27e5e6256d6226c17ee25843226794df8944e
a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451
acc191179879bb64ed17d45a97a831a237c19e918073624268697199db60748b
c2b65ab12e482c7e898d9b9786b6c6b98ea459754daead5205437b539e0d253a
dbbd3cb37d09944e873f1a168454b1125e6fa43dcd2af091289501131522e351
f966981d30ed914f1afbfeaaa57d55a9768e01e68a3a8ee67f5a06d75246e5d6
fbd6125b1abe8839ad63369ff8b6b280dba95b458312469be7da02cdd72774e9
feff026806345fc239de366c15926d43b368a9c1448b24d60d7504ec18f68603