urlscan.io logo urlscan.io
SecurityTrails logo

view.fleetcoremail.com Open in urlscan Pro
13.111.43.190  Public Scan

Go To Rescan Add Verdict Report
URL: https://view.fleetcoremail.com/?qs=2435fccf0053eb11d5f4a852d76b161b1f6e77ee6b01def2157a97a2d33ed4ff04d2bfa63efa6d9306956902ec0b...
Submission: On April 03 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 13.111.43.190, located in United States and belongs to EXACT-7, US. The main domain is view.fleetcoremail.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 30th 2022. Valid for: a year.
This is the only time view.fleetcoremail.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13.111.43.190 22606 (EXACT-7)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 13.111.42.191 22606 (EXACT-7)
1 34.193.153.183 14618 (AMAZON-AES)
7 6
1    13.111.43.190 (United States)

ASN22606 (EXACT-7, US)
PTR: view.fleetcoremail.com
view.fleetcoremail.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a02:26f0:6c00::210:ba83 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
image.fleetcoremail.com
1    13.111.42.191 (United States)

ASN22606 (EXACT-7, US)
PTR: click.fleetcoremail.com
click.fleetcoremail.com
1    34.193.153.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-153-183.compute-1.amazonaws.com
ja3ke1pn.emltrk.com
Domain Requested by
2 image.fleetcoremail.com view.fleetcoremail.com
1 click.fleetcoremail.com view.fleetcoremail.com
1 ja3ke1pn.emltrk.com view.fleetcoremail.com
1 fonts.googleapis.com view.fleetcoremail.com
1 view.fleetcoremail.com
7 5

This site contains links to these domains. Also see Links.

Domain
click.fleetcoremail.com
Subject Issuer Validity Valid
view.fleetcoremail.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-30 -
2023-12-31		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
akamai-san174.exacttarget.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-28 -
2023-12-29		 a year crt.sh
click.fleetcoremail.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-30 -
2023-12-31		 a year crt.sh
*.emltrk.com
Amazon RSA 2048 M02		 2023-03-01 -
2023-12-13		 9 months crt.sh

This page contains 1 frames:

Primary Page: https://view.fleetcoremail.com/?qs=2435fccf0053eb11d5f4a852d76b161b1f6e77ee6b01def2157a97a2d33ed4ff04d2bfa63efa6d9306956902ec0b4e5ff9a5da91e38e9a02050f23a4ebbf7760bf17401c0f3027d6ab1fdda4d6f71a53e737205a50052e8f
Frame ID: 395AC926AF1C55A25BE625B6272486DC
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FleetCor

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

7
Requests

86 %
HTTPS

40 %
IPv6

3
Domains

5
Subdomains

6
IPs

2
Countries

186 kB
Transfer

185 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://ja3ke1pn.emltrk.com/v2/ja3ke1pn?i=1391727295 HTTP 302
  • https://ja3ke1pn.emltrk.com/v2/ja3ke1pn?i=1391727295&rid=94175db5-76ab-42ff-a603-334a4a7400fc&r=0

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
view.fleetcoremail.com/ 		23 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://view.fleetcoremail.com/?qs=2435fccf0053eb11d5f4a852d76b161b1f6e77ee6b01def2157a97a2d33ed4ff04d2bfa63efa6d9306956902ec0b4e5ff9a5da91e38e9a02050f23a4ebbf7760bf17401c0f3027d6ab1fdda4d6f71a53e737205a50052e8f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.111.43.190 , United States, ASN22606 (EXACT-7, US),
Reverse DNS
view.fleetcoremail.com
Software
/
Resource Hash
cc4ea76071733be5067170abef4a42af48addac9cc37c9d5eb7a64cc1fea0589

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Connection
close
Content-Length
23742
Content-Type
text/html; charset=utf-8
Date
Mon, 03 Apr 2023 14:43:44 GMT
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@500&display=swap
Requested by
Host: view.fleetcoremail.com
URL: https://view.fleetcoremail.com/?qs=2435fccf0053eb11d5f4a852d76b161b1f6e77ee6b01def2157a97a2d33ed4ff04d2bfa63efa6d9306956902ec0b4e5ff9a5da91e38e9a02050f23a4ebbf7760bf17401c0f3027d6ab1fdda4d6f71a53e737205a50052e8f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
643c02b11ea8767aaaf24dec96ed0f3e16031a38f3b2d03e9ac20708ea803532
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 03 Apr 2023 14:43:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 12:48:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Apr 2023 14:43:45 GMT
ja3ke1pn
ja3ke1pn.emltrk.com/v2/
Redirect Chain
  • https://ja3ke1pn.emltrk.com/v2/ja3ke1pn?i=1391727295
  • https://ja3ke1pn.emltrk.com/v2/ja3ke1pn?i=1391727295&rid=94175db5-76ab-42ff-a603-334a4a7400fc&r=0
0
0
598baf35-03d8-4e79-b67a-ec79b023ff15.jpg
image.fleetcoremail.com/lib/fe9115747663037b77/m/1/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.fleetcoremail.com/lib/fe9115747663037b77/m/1/598baf35-03d8-4e79-b67a-ec79b023ff15.jpg
Requested by
Host: view.fleetcoremail.com
URL: https://view.fleetcoremail.com/?qs=2435fccf0053eb11d5f4a852d76b161b1f6e77ee6b01def2157a97a2d33ed4ff04d2bfa63efa6d9306956902ec0b4e5ff9a5da91e38e9a02050f23a4ebbf7760bf17401c0f3027d6ab1fdda4d6f71a53e737205a50052e8f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0cffe1d3ef3fabe52a7bc4b50dad2b213bee5f72d95441c084a4f2abf995b829

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 14:43:47 GMT
Last-Modified
Fri, 24 Mar 2023 16:44:10 GMT
Server
AkamaiNetStorage
ETag
"57a60064e1c795b3dd35f1e46b1a0fc3:1679676250.292683"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
125095
6a414969-8b97-48d2-b9f5-cc5305b1d545.png
image.fleetcoremail.com/lib/fe9115747663037b77/m/1/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.fleetcoremail.com/lib/fe9115747663037b77/m/1/6a414969-8b97-48d2-b9f5-cc5305b1d545.png
Requested by
Host: view.fleetcoremail.com
URL: https://view.fleetcoremail.com/?qs=2435fccf0053eb11d5f4a852d76b161b1f6e77ee6b01def2157a97a2d33ed4ff04d2bfa63efa6d9306956902ec0b4e5ff9a5da91e38e9a02050f23a4ebbf7760bf17401c0f3027d6ab1fdda4d6f71a53e737205a50052e8f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3212f40c39ddf9be1d345e13a35edcd085202ef7e4f72e30bb65ad679deacc5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 14:43:46 GMT
Last-Modified
Fri, 10 Mar 2023 17:14:35 GMT
Server
AkamaiNetStorage
ETag
"f196fb4d425073869883b58d687ef87e:1678468475.315513"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38149
open.aspx
click.fleetcoremail.com/ 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://click.fleetcoremail.com/open.aspx?ffcb10-fe891c757d64007b72-fdfa12717063017c75177975-fe9115747663037b77-fec4127370660379-fdf115737c65037f72167970-ff65157571&d=40126&bmt=0
Requested by
Host: view.fleetcoremail.com
URL: https://view.fleetcoremail.com/?qs=2435fccf0053eb11d5f4a852d76b161b1f6e77ee6b01def2157a97a2d33ed4ff04d2bfa63efa6d9306956902ec0b4e5ff9a5da91e38e9a02050f23a4ebbf7760bf17401c0f3027d6ab1fdda4d6f71a53e737205a50052e8f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.111.42.191 , United States, ASN22606 (EXACT-7, US),
Reverse DNS
click.fleetcoremail.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Mon, 03 Apr 2023 14:43:45 GMT
Cache-Control
no-cache; max-age=0
Connection
close
Content-Length
43
Content-Type
image/gif
ja3ke1pn
ja3ke1pn.emltrk.com/v2/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ja3ke1pn.emltrk.com/v2/ja3ke1pn?rl&i=1391727295
Requested by
Host: view.fleetcoremail.com
URL: https://view.fleetcoremail.com/?qs=2435fccf0053eb11d5f4a852d76b161b1f6e77ee6b01def2157a97a2d33ed4ff04d2bfa63efa6d9306956902ec0b4e5ff9a5da91e38e9a02050f23a4ebbf7760bf17401c0f3027d6ab1fdda4d6f71a53e737205a50052e8f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.153.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-153-183.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://view.fleetcoremail.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Apr 2023 14:43:45 GMT
Server
Kestrel
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
keep-alive
Expires
Tue, 03 Jul 2001 06:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ja3ke1pn.emltrk.com
URL
https://ja3ke1pn.emltrk.com/v2/ja3ke1pn?i=1391727295&rid=94175db5-76ab-42ff-a603-334a4a7400fc&r=0

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

0 Cookies