Submitted URL: https://click.mc.kestrafinancial.com/?qs=c1e6c060d241f32b9a397c9a5aa6a7492a5a9511cfc66f858a5df47a39a6590dac630ede8af33ca22c41ddcc3c36...
Effective URL: https://cloud.mc.kestrafinancial.com/PCLanding%20Page?qs=feda65fbf7a0fd7d4fff5e9b62aec43fc83d2b63474c2b76ac2ea3590925ce480367e9a2c293...
Submission: On January 18 via api from ES — Scanned from ES

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 13.110.195.223, which is located in the United States and belongs to SALESFORCE, US. The main domain is cloud.mc.kestrafinancial.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on October 6th 2023. Valid for: a year.
This is the only time cloud.mc.kestrafinancial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.110.199.180 14340 (SALESFORCE)
1 13.110.195.223 14340 (SALESFORCE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2
Domain Requested by
1 image.mc.kestraholdings.com cloud.mc.kestrafinancial.com
1 cloud.mc.kestrafinancial.com
1 click.mc.kestrafinancial.com 1 redirects
2 3

This site contains no links.

| Subject | Issuer | Validity | Valid |
| --- | --- | --- | --- |
| cloud.mc.kestrafinancial.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-06 - 2024-11-05 | a year |
| san-9-s12.tlsprovisioning.exacttarget.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-01-01 - 2025-01-31 | a year |

This page contains 1 frame:

Primary Page: https://cloud.mc.kestrafinancial.com/PCLanding%20Page?qs=feda65fbf7a0fd7d4fff5e9b62aec43fc83d2b63474c2b76ac2ea3590925ce480367e9a2c293a3301645e9ec50d4ca500e1f0699894b6eed9dbfafb69a0045ccdb21d58274522a94
Frame ID: 0B7953BE7DFF257C6EA07627F2C72716
Requests: 2 HTTP requests in this frame

Page Title

Preference Center

Page Statistics

Requests: 2
HTTPS: 100 %
IPv6: 33 %
Domains: 2
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 7 kB
Size: 12 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.mc.kestrafinancial.com/?qs=c1e6c060d241f32b9a397c9a5aa6a7492a5a9511cfc66f858a5df47a39a6590dac630ede8af33ca22c41ddcc3c36967b34b308793c11233d3ed1b7f2c4d4ac60 HTTP 302
    https://cloud.mc.kestrafinancial.com/PCLanding%20Page?qs=feda65fbf7a0fd7d4fff5e9b62aec43fc83d2b63474c2b76ac2ea3590925ce480367e9a2c293a3301645e9ec50d4ca500e1f0699894b6eed9dbfafb69a0045ccdb21d58274522a94 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Primary Request
Resource: PCLanding%20Page
Path: cloud.mc.kestrafinancial.com/
Size: 9 KB
x-fer: 3 KB
Type: Document
Redirect Chain
  • https://click.mc.kestrafinancial.com/?qs=c1e6c060d241f32b9a397c9a5aa6a7492a5a9511cfc66f858a5df47a39a6590dac630ede8af33ca22c41ddcc3c36967b34b308793c11233d3ed1b7f2c4d4ac60
  • https://cloud.mc.kestrafinancial.com/PCLanding%20Page?qs=feda65fbf7a0fd7d4fff5e9b62aec43fc83d2b63474c2b76ac2ea3590925ce480367e9a2c293a3301645e9ec50d4ca500e1f0699894b6eed9dbfafb69a0045ccdb21d5827452...

General

Full URL: https://cloud.mc.kestrafinancial.com/PCLanding%20Page?qs=feda65fbf7a0fd7d4fff5e9b62aec43fc83d2b63474c2b76ac2ea3590925ce480367e9a2c293a3301645e9ec50d4ca500e1f0699894b6eed9dbfafb69a0045ccdb21d58274522a94
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.110.195.223, United States, ASN14340 (SALESFORCE, US)
Reverse DNS: cloud.mc.kestrafinancial.com
Software: /
Resource Hash: 1c3bf250b08e595f872711a859b5f5c453d2dd9713ba3e44e1bcecfc31ff408d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Cache-Control: no-cache
Connection: close
Content-Encoding: gzip
Content-Length: 3069
Content-Type: text/html; charset=utf-8
Date: Thu, 18 Jan 2024 21:15:47 GMT
Expires: -1
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 318
Content-Type: text/html; charset=utf-8
Date: Thu, 18 Jan 2024 21:15:45 GMT
Location: https://cloud.mc.kestrafinancial.com/PCLanding%20Page?qs=feda65fbf7a0fd7d4fff5e9b62aec43fc83d2b63474c2b76ac2ea3590925ce480367e9a2c293a3301645e9ec50d4ca500e1f0699894b6eed9dbfafb69a0045ccdb21d58274522a94

Resource: 091e45e2-441e-4e47-b653-e69d1dac0dc6.png
Path: image.mc.kestraholdings.com/lib/fe2a11727364047f731379/m/1/
Size: 3 KB
x-fer: 4 KB
Type: Image

General

Full URL: https://image.mc.kestraholdings.com/lib/fe2a11727364047f731379/m/1/091e45e2-441e-4e47-b653-e69d1dac0dc6.png
Requested by
  Host: cloud.mc.kestrafinancial.com
  URL: https://cloud.mc.kestrafinancial.com/PCLanding%20Page?qs=feda65fbf7a0fd7d4fff5e9b62aec43fc83d2b63474c2b76ac2ea3590925ce480367e9a2c293a3301645e9ec50d4ca500e1f0699894b6eed9dbfafb69a0045ccdb21d58274522a94
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62dd, Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL)
Reverse DNS:
Software: AkamaiNetStorage /
Resource Hash: 86cdfd6be07763f8bc3e18437faaf17770bdc7f81262adecc3165a46cb002d04

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://cloud.mc.kestrafinancial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 21:15:47 GMT
Last-Modified: Fri, 07 Jan 2022 17:15:22 GMT
Server: AkamaiNetStorage
ETag: "c81603b0843af366685ae493542f4214:1641575722.674351"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=600, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3428

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function submitForm
  • function unsubscribe
  • function prefSelect
  • function closeMsg
  • function closeError

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
