Submitted URL: http://r.email.mandarine.academy/mk/cl/f/sh/7nVU1aA2nfwFSFtdkK91fpjNZzISh2g/3WA6z2NKyBJx
Effective URL: https://r.email.mandarine.academy/mk/cl/f/sh/7nVU1aA2nfwFSFtdkK91fpjNZzISh2g/3WA6z2NKyBJx
Submission: On June 27 via manual from IN — Scanned from FR

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 1.179.112.197, located in France and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is r.email.mandarine.academy.
TLS certificate: Issued by R3 on April 8th 2024. Valid for: 3 months.
This is the only time r.email.mandarine.academy was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1.179.112.197 396982 (GOOGLE-CL...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 3
Apex Domain
Subdomains
Transfer
1 sibautomation.com
sibautomation.com — Cisco Umbrella Rank: 26129
1 mandarine.academy
r.email.mandarine.academy
1 KB
0 dileap.com Failed
dileap.com Failed
3 3
Domain Requested by
1 sibautomation.com r.email.mandarine.academy
1 r.email.mandarine.academy
0 dileap.com Failed r.email.mandarine.academy
3 3

This site contains no links.

Subject Issuer Validity Valid
r.email.mandarine.academy R3 2024-04-08 - 2024-07-07 3 months
sibautomation.com WE1 2024-06-07 - 2024-09-05 3 months

This page contains 2 frames:

Frame: https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email
Frame ID: 7DEB99440B42D37B34BCFAE6982E4E14
Requests: 2 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=2748988
Frame ID: 99A8430C7C3C31BF08929390F4723F8E
Requests: 1 HTTP requests in this frame


Page Statistics

3 Requests
67 % HTTPS
50 % IPv6
3 Domains
3 Subdomains
3 IPs
2 Countries
1 kB Transfer
1 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://r.email.mandarine.academy/mk/cl/f/sh/7nVU1aA2nfwFSFtdkK91fpjNZzISh2g/3WA6z2NKyBJx HTTP 307
    https://r.email.mandarine.academy/mk/cl/f/sh/7nVU1aA2nfwFSFtdkK91fpjNZzISh2g/3WA6z2NKyBJx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://mooc.office365-training.com/fr/tarifs.html?utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email HTTP 301
  • https://dileap.com/fr/tarifs.html?utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email HTTP 301
  • https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email HTTP 302
  • https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email HTTP 302
  • https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email HTTP 302
  • https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email HTTP 302
  • https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email HTTP 302
  • https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email HTTP 302
  • https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email HTTP 302
  • https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email HTTP 302
  • https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email HTTP 302
  • https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email HTTP 302
  • https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email HTTP 302
  • https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email HTTP 302
  • https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email HTTP 302
  • https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email HTTP 302
  • https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email HTTP 302
  • https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email HTTP 302
  • https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email HTTP 302
  • https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 3WA6z2NKyBJx
r.email.mandarine.academy/mk/cl/f/sh/7nVU1aA2nfwFSFtdkK91fpjNZzISh2g/
Redirect Chain
  • http://r.email.mandarine.academy/mk/cl/f/sh/7nVU1aA2nfwFSFtdkK91fpjNZzISh2g/3WA6z2NKyBJx
  • https://r.email.mandarine.academy/mk/cl/f/sh/7nVU1aA2nfwFSFtdkK91fpjNZzISh2g/3WA6z2NKyBJx
937 B
1 KB
Document
General
Full URL
https://r.email.mandarine.academy/mk/cl/f/sh/7nVU1aA2nfwFSFtdkK91fpjNZzISh2g/3WA6z2NKyBJx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.179.112.197 , France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
51cacd7efae2418e4b4a96e1c2b2563cc76b76ac01333fceb493aeb4cf4d141f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-length
937
content-type
text/html; charset=utf-8
date
Thu, 27 Jun 2024 11:27:25 GMT
x-content-type-options
nosniff
x-sib-server
gke-public-cluster-v2-1-179-112-170
x-xss-protection
1

Redirect headers

Location
https://r.email.mandarine.academy/mk/cl/f/sh/7nVU1aA2nfwFSFtdkK91fpjNZzISh2g/3WA6z2NKyBJx
Non-Authoritative-Reason
HttpsUpgrades
cm.html
sibautomation.com/ Frame 99A8
0
0
Document
General
Full URL
https://sibautomation.com/cm.html?id=2748988
Requested by
Host: r.email.mandarine.academy
URL: https://r.email.mandarine.academy/mk/cl/f/sh/7nVU1aA2nfwFSFtdkK91fpjNZzISh2g/3WA6z2NKyBJx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2546 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://r.email.mandarine.academy/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
age
8355
cache-control
public, max-age=7200
cf-cache-status
HIT
cf-ray
89a51676db089ee2-CDG
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 27 Jun 2024 11:27:25 GMT
expires
Thu, 27 Jun 2024 13:27:25 GMT
server
cloudflare
vary
Accept-Encoding
x-powered-by
Sails <sailsjs.com>
tarifs.html
dileap.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dileap.com
URL
https://dileap.com/tarifs.html?language=fr&utm_source=brevo&utm_campaign=NL_EN_JUIN_LAPLATEFORMETOUTLETE&utm_medium=email


2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence

4 Cookies

Domain/Path Name / Value
sibautomation.com/ Name: uuid
Value: 19eac1db-8598-4108-87d9-cfc831682b2a
dileap.com/ Name: hl
Value: fr
dileap.com/ Name: _MTU
Value: MTU-667d4c9dcee95
dileap.com/ Name: PHPSESSID
Value: jiu07bik1j29vivdqc8eqlm726

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
