rce.recordconnect.com Open in urlscan Pro
52.250.85.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u18732325.ct.sendgrid.net/ls/click?upn=zHs5-2FBP9T0pQStz4OQwoh4734aOiAlEys-2FTG0as-2Fpvw4xyPcPhcWEwiXNqVXElTzD-2FIYBUrwTY4...
Effective URL:
https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987
Submission: On November 30 via manual (November 30th 2023, 4:48:06 pm UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 52.250.85.14, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is rce.recordconnect.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 11th 2023. Valid for: a year.

This is the only time rce.recordconnect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.121 167.89.115.121	11377 (SENDGRID) (SENDGRID)
9	52.250.85.14 52.250.85.14	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.32.121.98 13.32.121.98	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
14	4

1 167.89.115.121 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x121.outbound-mail.sendgrid.net

u18732325.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.250.85.14 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

rce.recordconnect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-98.fra60.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	recordconnect.com rce.recordconnect.com	929 KB
2	gstatic.com fonts.gstatic.com	16 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 13515	44 KB
1	sendgrid.net 1 redirects u18732325.ct.sendgrid.net	302 B
14	5

	Domain	Requested by
9	rce.recordconnect.com	rce.recordconnect.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	rce.recordconnect.com
1	cdn.plaid.com	rce.recordconnect.com
1	u18732325.ct.sendgrid.net	1 redirects
14	5

This site contains links to these domains. Also see Links.

Domain
vitalrecordscontrol.com

Subject Issuer	Validity	Valid
*.recordconnect.com Go Daddy Secure Certificate Authority - G2	`2023-08-11` - `2024-08-11`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987
Frame ID: CA0D534D83614ED436D4FB95FB745213
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VitalChart

Page URL History Show full URLs

https://u18732325.ct.sendgrid.net/ls/click?upn=zHs5-2FBP9T0pQStz4OQwoh4734aOiAlEys-2FTG0as-2Fpvw4xyPcPhcWEwiXN... HTTP 302
https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987 Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

990 kB
Transfer

1098 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vitalrecordscontrol.com/vitalchart-release-of-information-terms-of-service/
Title: VitalChart Release of Information Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u18732325.ct.sendgrid.net/ls/click?upn=zHs5-2FBP9T0pQStz4OQwoh4734aOiAlEys-2FTG0as-2Fpvw4xyPcPhcWEwiXNqVXElTzD-2FIYBUrwTY4RofhfiGoYA9kpdQP2Hi2D7T6J0hLNr8tG4tJUueEIWPLtPRUtZDqGtb3unUT9ZNzlq-2BZOR-2FRiCQ-3D-3Dpqxg_IAg-2FngyC4xXQ6NGxZ5koJy1wVpeXrGg-2BtoTCcwVU7MUKX-2BIpImSjbuJYIBg3FxfyroY1W-2BOOqS28-2FZwpFHvzbOCWSJ6y-2F2r-2FgIkeoA0mFIJlVU-2Bw-2FJaRlhiKA0D-2FCjZbncYDSok1IyWuqtl3pJpnGXYg709a2Ft3OQVcOWrAqNXnLKCDMAcHoObwLh9ACvBJItCjsav2Poya-2BIGu2Ez59l7ptodgyFOKtZSPlLMCAcE-3D HTTP 302
https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request file-portal-login Show response
rce.recordconnect.com/
Redirect Chain

https://u18732325.ct.sendgrid.net/ls/click?upn=zHs5-2FBP9T0pQStz4OQwoh4734aOiAlEys-2FTG0as-2Fpvw4xyPcPhcWEwiXNqVXElTzD-2FIYBUrwTY4RofhfiGoYA9kpdQP2Hi2D7T6J0hLNr8tG4tJUueEIWPLtPRUtZDqGtb3unUT9ZNzlq-...
https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987

8 KB
2 KB

691ms
180ms

Document
text/html

52.250.85.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.250.85.14 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3ec0a37648501b83c6ffe10a11a6c3e60947399201421d695c4eadca5e128e53

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1434
Content-Type: text/html
Date: Thu, 30 Nov 2023 16:47:59 GMT
ETag: "09afa3aca3d91:0"
Last-Modified: Tue, 20 Jun 2023 19:23:06 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Powered-By: ASP.NET

Redirect headers

Connection: keep-alive
Content-Length: 129
Content-Type: text/html; charset=utf-8
Date: Thu, 30 Nov 2023 16:47:59 GMT
Location: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 144 KB
44 KB 127ms
66ms Script
application/javascript 13.32.121.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: rce.recordconnect.com
URL: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8502e81b185ff2f8383a6701936d2a171ae6d99a5caeecfc239689c1568ce016

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rce.recordconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:57:29 GMT
x-amz-version-id: 96sleu89GYnOiy0iBAP4S2vrvn.LSxFj
content-encoding: gzip
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-amz-request-id: N3XFWDYSH2559AZB
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
age: 60631
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: qZl+5sTCKq3jRueIkw75gD9hNdKt60JXuafO7O6EMpjujR3KTIBFmaTFzs3dDzjh+xmFZwIxc+I=
last-modified: Wed, 29 Nov 2023 23:34:23 GMT
server: AmazonS3
etag: W/"713decf4c426a39fb7306ee7d264c70f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: IMa94xA8kJKjNHH6rnjrNf2T9uzZ7I6W4-z-VSdY7x2x84X8eVsYag==

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
636 B 75ms
29ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap

Requested by

Host: rce.recordconnect.com
URL: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rce.recordconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 16:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 16:37:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 16:47:59 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
778 B 74ms
28ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: rce.recordconnect.com
URL: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rce.recordconnect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 16:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 16:47:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 16:47:59 GMT

GET
H/1.1 200
OK main.css
rce.recordconnect.com/ 28 KB
29 KB 359ms
358ms Stylesheet
text/css 52.250.85.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://rce.recordconnect.com/main.css
Requested by: Host: rce.recordconnect.com
URL: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.250.85.14 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 50d5145f413c8515f14ed681ebf90ae3ff750178b5c2317e9c08abab573507b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 16:47:59 GMT
Last-Modified: Tue, 20 Jun 2023 19:23:06 GMT
Server: Microsoft-IIS/10.0
ETag: "09afa3aca3d91:0"
X-Powered-By: ASP.NET
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28961

GET
H/1.1 200
OK 13.css
rce.recordconnect.com/ 839 B
1 KB 537ms
180ms Stylesheet
text/css 52.250.85.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://rce.recordconnect.com/13.css
Requested by: Host: rce.recordconnect.com
URL: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.250.85.14 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9b78dc9a35d94d39669a8365d49e7025f0a847297a8e92095d6d1a7643eaacb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 16:48:00 GMT
Last-Modified: Tue, 20 Jun 2023 19:23:06 GMT
Server: Microsoft-IIS/10.0
ETag: "09afa3aca3d91:0"
X-Powered-By: ASP.NET
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 839

GET
H/1.1 200
OK 16.css
rce.recordconnect.com/ 839 B
1 KB 538ms
179ms Stylesheet
text/css 52.250.85.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://rce.recordconnect.com/16.css
Requested by: Host: rce.recordconnect.com
URL: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.250.85.14 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9b78dc9a35d94d39669a8365d49e7025f0a847297a8e92095d6d1a7643eaacb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 16:48:00 GMT
Last-Modified: Tue, 20 Jun 2023 19:23:06 GMT
Server: Microsoft-IIS/10.0
ETag: "09afa3aca3d91:0"
X-Powered-By: ASP.NET
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 839

GET
H/1.1 200
OK main.69a47d5126d4623460ec.js Show response
rce.recordconnect.com/ 673 KB
674 KB 720ms
360ms Script
application/javascript 52.250.85.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://rce.recordconnect.com/main.69a47d5126d4623460ec.js
Requested by: Host: rce.recordconnect.com
URL: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.250.85.14 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 51077174de8e06f127dbc1c1e413d3108c588241c9992f0bb5bcdb78f64435e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 16:48:00 GMT
Last-Modified: Tue, 20 Jun 2023 19:23:06 GMT
Server: Microsoft-IIS/10.0
ETag: "09afa3aca3d91:0"
X-Powered-By: ASP.NET
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 689547

GET
H/1.1 200
OK 0.f4419ff9ca93d8d9d143.js Show response
rce.recordconnect.com/ 15 KB
15 KB 181ms
181ms Script
application/javascript 52.250.85.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://rce.recordconnect.com/0.f4419ff9ca93d8d9d143.js
Requested by: Host: rce.recordconnect.com
URL: https://rce.recordconnect.com/main.69a47d5126d4623460ec.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.250.85.14 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 392750dcdf8a4b0048b3a911359634c4379b83f6374d4895be013a507b831a69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 16:48:01 GMT
Last-Modified: Tue, 20 Jun 2023 19:23:04 GMT
Server: Microsoft-IIS/10.0
ETag: "0dc7da2aca3d91:0"
X-Powered-By: ASP.NET
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15193

GET
H/1.1 200
OK 1.ec18edc0e9de5f30d91c.js Show response
rce.recordconnect.com/ 114 KB
114 KB 358ms
358ms Script
application/javascript 52.250.85.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://rce.recordconnect.com/1.ec18edc0e9de5f30d91c.js
Requested by: Host: rce.recordconnect.com
URL: https://rce.recordconnect.com/main.69a47d5126d4623460ec.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.250.85.14 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f681aae855b0fa136037e668ec3d0848e929cdb1a53acdf3be53125629cbe38c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 16:48:01 GMT
Last-Modified: Tue, 20 Jun 2023 19:23:04 GMT
Server: Microsoft-IIS/10.0
ETag: "0dc7da2aca3d91:0"
X-Powered-By: ASP.NET
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 116468

GET
H/1.1 200
OK 46.9767d26577289bf4ac86.js Show response
rce.recordconnect.com/ 74 KB
74 KB 358ms
357ms Script
application/javascript 52.250.85.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://rce.recordconnect.com/46.9767d26577289bf4ac86.js
Requested by: Host: rce.recordconnect.com
URL: https://rce.recordconnect.com/main.69a47d5126d4623460ec.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.250.85.14 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1164ad54746d22a7efc167458dad9f9282cd49ff09ec816af3d61fd4df7bb503

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 16:48:01 GMT
Last-Modified: Tue, 20 Jun 2023 19:23:06 GMT
Server: Microsoft-IIS/10.0
ETag: "09afa3aca3d91:0"
X-Powered-By: ASP.NET
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75817

GET
H/1.1 200
OK 85.10f4d8176fa1c6376764.js Show response
rce.recordconnect.com/ 19 KB
19 KB 367ms
367ms Script
application/javascript 52.250.85.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://rce.recordconnect.com/85.10f4d8176fa1c6376764.js
Requested by: Host: rce.recordconnect.com
URL: https://rce.recordconnect.com/main.69a47d5126d4623460ec.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.250.85.14 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b5751583b7670e24612ea97a09e74663241a466f2c5a1c9affa42fcc7e3ad035

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 16:48:01 GMT
Last-Modified: Tue, 20 Jun 2023 19:23:06 GMT
Server: Microsoft-IIS/10.0
ETag: "09afa3aca3d91:0"
X-Powered-By: ASP.NET
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19301

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 160ms
21ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rce.recordconnect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 19:33:17 GMT
x-content-type-options: nosniff
age: 508484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 19:33:17 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rce.recordconnect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:30 GMT
x-content-type-options: nosniff
age: 520172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 16:18:30 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rce.recordconnect.com/	1969-12-31 23:59:59	Name: rce-recordconnect.com-affinity-cookieCORS Value: 614cb1a8dcd814df1561542cf9fcdf8e
rce.recordconnect.com/	1969-12-31 23:59:59	Name: rce-recordconnect.com-affinity-cookie Value: 614cb1a8dcd814df1561542cf9fcdf8e
rce.recordconnect.com/	1970-01-20 16:36:03	Name: _dd_s Value: logs=1&id=427319eb-c5e0-4c2f-92f5-adca372b4758&created=1701362881386&expire=1701363781386

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987 Message: The resource https://rce.recordconnect.com/16.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://rce.recordconnect.com/file-portal-login?name=Trujillo&Passcode=AWAXnwbP&Record=519-2499987 Message: The resource https://rce.recordconnect.com/13.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.plaid.com
fonts.googleapis.com
fonts.gstatic.com
rce.recordconnect.com
u18732325.ct.sendgrid.net
13.32.121.98
167.89.115.121
2a00:1450:4001:809::200a
2a00:1450:4001:810::2003
52.250.85.14
1164ad54746d22a7efc167458dad9f9282cd49ff09ec816af3d61fd4df7bb503
381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346
392750dcdf8a4b0048b3a911359634c4379b83f6374d4895be013a507b831a69
3ec0a37648501b83c6ffe10a11a6c3e60947399201421d695c4eadca5e128e53
50d5145f413c8515f14ed681ebf90ae3ff750178b5c2317e9c08abab573507b7
51077174de8e06f127dbc1c1e413d3108c588241c9992f0bb5bcdb78f64435e8
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8502e81b185ff2f8383a6701936d2a171ae6d99a5caeecfc239689c1568ce016
9b78dc9a35d94d39669a8365d49e7025f0a847297a8e92095d6d1a7643eaacb6
b5751583b7670e24612ea97a09e74663241a466f2c5a1c9affa42fcc7e3ad035
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
f681aae855b0fa136037e668ec3d0848e929cdb1a53acdf3be53125629cbe38c

rce.recordconnect.com Open in urlscan Pro 52.250.85.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

4 IPs

2 Countries

990 kBTransfer

1098 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

3 Cookies

2 Console Messages

Indicators

rce.recordconnect.com Open in urlscan Pro
52.250.85.14 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

990 kB
Transfer

1098 kB
Size

3
Cookies

14 HTTP transactions
0 data transactions