urlscan.io logo urlscan.io
SecurityTrails logo

mc.colengo.com Open in urlscan Pro
104.26.9.235  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://links.dealbanana.com/ls/click?upn=gSghuabQJ-2BFYYgukl9ANi5UlPK0qbaqFu1jaw-2BbKJmu4H9KuH8xaJCWBsWb4P942E7lEWHk21VuFQFi...
Effective URL: https://mc.colengo.com/mailcamp/confirmoptin.php?E=noel.de.mey%40telenet.be&C=3dbff76af479ab482ed6e7228151dac3&S=47358&...
Submission: On April 23 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 1 HTTP transactions. The main IP is 104.26.9.235, located in United States and belongs to CLOUDFLARENET, US. The main domain is mc.colengo.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 3rd 2019. Valid for: a year.
This is the only time mc.colengo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 104.26.9.235 13335 (CLOUDFLAR...)
1 1
Apex Domain
Subdomains		 Transfer
1 colengo.com
mc.colengo.com
766 B
1 dealbanana.com
links.dealbanana.com
450 B
1 2
Domain Requested by
1 mc.colengo.com
1 links.dealbanana.com 1 redirects
1 2

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-11-03 -
2020-10-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://mc.colengo.com/mailcamp/confirmoptin.php?E=noel.de.mey%40telenet.be&C=3dbff76af479ab482ed6e7228151dac3&S=47358&L=17
Frame ID: 2416F1329A0B23F52E31153806216361
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://links.dealbanana.com/ls/click?upn=gSghuabQJ-2BFYYgukl9ANi5UlPK0qbaqFu1jaw-2BbKJmu4H9KuH8xaJCWBsWb... HTTP 307
    https://links.dealbanana.com/ls/click?upn=gSghuabQJ-2BFYYgukl9ANi5UlPK0qbaqFu1jaw-2BbKJmu4H9KuH8xaJCWBsWb... HTTP 302
    https://mc.colengo.com/mailcamp/confirmoptin.php?E=noel.de.mey%40telenet.be&C=3dbff76af479ab482ed6e... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

1
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

1 kB
Transfer

0 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.dealbanana.com/ls/click?upn=gSghuabQJ-2BFYYgukl9ANi5UlPK0qbaqFu1jaw-2BbKJmu4H9KuH8xaJCWBsWb4P942E7lEWHk21VuFQFiinOPmpFGz-2FpsasCWK6kHdxtQdrmhm0o8lynnsSvt5-2BK9l2BJDZtAzyLVJkWqelkXZlzjJS8yUktWubVZNrMiWrx6MpC0iMYHMuxWdDCkU7v2xkIxAiXTo_yWN1jImJGKlJPWFktxqeEGQGoS-2BZ-2BYHbuXSX70E2-2F5pJ5S1GT5WOdE0pgc0-2BXbiDKj2Pm-2FL8davtH84uihRQnNyLmdy4KHlRg19X8FnvFKVyNVzJOCd0q5jqTuFiRTnpFtdA0KhIh7-2BiGM9neb8s3aQrfg3HIFru7DLVrstRyXAauW-2FxO-2BT0DZV3gImZ7R5fKxrmnIZgJzXXxCtch8ogwpNd4DnNFgxls1XtrMd16e3fETkMwcddHYBPwDrU5V1W8DXRzm6eLdSTHd27GkSqMM0rwCokXqvTrYaMhdbkVxrDrAtcowz622AlYft-2FvjO7 HTTP 307
    https://links.dealbanana.com/ls/click?upn=gSghuabQJ-2BFYYgukl9ANi5UlPK0qbaqFu1jaw-2BbKJmu4H9KuH8xaJCWBsWb4P942E7lEWHk21VuFQFiinOPmpFGz-2FpsasCWK6kHdxtQdrmhm0o8lynnsSvt5-2BK9l2BJDZtAzyLVJkWqelkXZlzjJS8yUktWubVZNrMiWrx6MpC0iMYHMuxWdDCkU7v2xkIxAiXTo_yWN1jImJGKlJPWFktxqeEGQGoS-2BZ-2BYHbuXSX70E2-2F5pJ5S1GT5WOdE0pgc0-2BXbiDKj2Pm-2FL8davtH84uihRQnNyLmdy4KHlRg19X8FnvFKVyNVzJOCd0q5jqTuFiRTnpFtdA0KhIh7-2BiGM9neb8s3aQrfg3HIFru7DLVrstRyXAauW-2FxO-2BT0DZV3gImZ7R5fKxrmnIZgJzXXxCtch8ogwpNd4DnNFgxls1XtrMd16e3fETkMwcddHYBPwDrU5V1W8DXRzm6eLdSTHd27GkSqMM0rwCokXqvTrYaMhdbkVxrDrAtcowz622AlYft-2FvjO7 HTTP 302
    https://mc.colengo.com/mailcamp/confirmoptin.php?E=noel.de.mey%40telenet.be&C=3dbff76af479ab482ed6e7228151dac3&S=47358&L=17 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request confirmoptin.php
mc.colengo.com/mailcamp/
Redirect Chain
  • http://links.dealbanana.com/ls/click?upn=gSghuabQJ-2BFYYgukl9ANi5UlPK0qbaqFu1jaw-2BbKJmu4H9KuH8xaJCWBsWb4P942E7lEWHk21VuFQFiinOPmpFGz-2FpsasCWK6kHdxtQdrmhm0o8lynnsSvt5-2BK9l2BJDZtAzyLVJkWqelkXZlzjJ...
  • https://links.dealbanana.com/ls/click?upn=gSghuabQJ-2BFYYgukl9ANi5UlPK0qbaqFu1jaw-2BbKJmu4H9KuH8xaJCWBsWb4P942E7lEWHk21VuFQFiinOPmpFGz-2FpsasCWK6kHdxtQdrmhm0o8lynnsSvt5-2BK9l2BJDZtAzyLVJkWqelkXZlzj...
  • https://mc.colengo.com/mailcamp/confirmoptin.php?E=noel.de.mey%40telenet.be&C=3dbff76af479ab482ed6e7228151dac3&S=47358&L=17
508 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.colengo.com/mailcamp/confirmoptin.php?E=noel.de.mey%40telenet.be&C=3dbff76af479ab482ed6e7228151dac3&S=47358&L=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash
cfb2b857e0b074e1c5bcd385d93f2a9f5f2abc675d175d3044eb1ac5c7388c40

Request headers

:method
GET
:authority
mc.colengo.com
:scheme
https
:path
/mailcamp/confirmoptin.php?E=noel.de.mey%40telenet.be&C=3dbff76af479ab482ed6e7228151dac3&S=47358&L=17
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 23 Apr 2020 10:57:32 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dd3444280e1ef149ce6ec99735e29dd611587639452; expires=Sat, 23-May-20 10:57:32 GMT; path=/; domain=.colengo.com; HttpOnly; SameSite=Lax; Secure IEMSESSIONID=pgdmg76m8lj81rho3he4c4uv86; path=/; HttpOnly
x-powered-by
PHP/7.0.33
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
588710745b1bd875-CPH
content-encoding
br
cf-request-id
0248489cb90000d875e882d200000001

Redirect headers

status
302
date
Thu, 23 Apr 2020 10:57:32 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d14d8d2b125345b85195b0935c792b2f91587639452; expires=Sat, 23-May-20 10:57:32 GMT; path=/; domain=.dealbanana.com; HttpOnly; SameSite=Lax; Secure
location
https://mc.colengo.com/mailcamp/confirmoptin.php?E=noel.de.mey%40telenet.be&C=3dbff76af479ab482ed6e7228151dac3&S=47358&L=17
x-robots-tag
noindex, nofollow
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
588710718a52d6c1-FRA
cf-request-id
0248489af40000d6c1eb227200000001

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

2 Cookies

Domain/Path Name / Value
mc.colengo.com/ Name: IEMSESSIONID
Value: pgdmg76m8lj81rho3he4c4uv86
.colengo.com/ Name: __cfduid
Value: dd3444280e1ef149ce6ec99735e29dd611587639452

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

links.dealbanana.com
mc.colengo.com
104.26.9.235
2606:4700:3032::681b:94f0
cfb2b857e0b074e1c5bcd385d93f2a9f5f2abc675d175d3044eb1ac5c7388c40