url.emailprotection.link
Open in
urlscan Pro
185.64.213.245
Public Scan
Submitted URL: https://daimler-bkk.portal-gesundheitonline.de/index.php?Itemid=107&kategorie_id=183&layout=startseite&option=com_bkk&type=teaser_rauchfrei&vie...
Effective URL: https://url.emailprotection.link/?bTLpxh-Ggey3C_QWbFpbdkvzRKDGVGYQC9Sn45XLCYeBez6mX8dGTay_ZWzC79ER6ofBUc8K1YMBt2c_rmyqg-zzkHPjkBI...
Submission: On December 16 via manual from CA — Scanned from DE
Effective URL: https://url.emailprotection.link/?bTLpxh-Ggey3C_QWbFpbdkvzRKDGVGYQC9Sn45XLCYeBez6mX8dGTay_ZWzC79ER6ofBUc8K1YMBt2c_rmyqg-zzkHPjkBI...
Submission: On December 16 via manual from CA — Scanned from DE
Summary
This website contacted 3 IPs
in 4 countries
across 8 domains to perform 22 HTTP transactions.
The main IP is 185.64.213.245, located in
United Kingdom and
belongs to IMED Intermedia Technologies Company Limited, GB.
The main domain is url.emailprotection.link.
The Cisco Umbrella rank of the primary domain is 159620.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on July 11th 2024. Valid for: a year.
This is the only time url.emailprotection.link was scanned on urlscan.io!
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on July 11th 2024. Valid for: a year.
This is the only time url.emailprotection.link was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 3 3 | 85.214.250.244 85.214.250.244 | 6724 (STRATO St...) (STRATO Strato AG) | |
| 1 1 | 2607:f220:404... 2607:f220:404:910f:137:187:34:35 | 3527 (NIH-NET) (NIH-NET) | |
| 1 1 | 74.122.104.44 74.122.104.44 | 26569 (COLLEGENET) (COLLEGENET) | |
| 20 | 185.64.213.245 185.64.213.245 | 50152 (IMED Inte...) (IMED Intermedia Technologies Company Limited) | |
| 1 1 | 34.102.239.211 34.102.239.211 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
| 1 | 45.139.122.238 45.139.122.238 | 206264 (AMARUTU-T...) (AMARUTU-TECHNOLOGY Amarutu Technology Ltd) | |
| 1 | 57.150.87.132 57.150.87.132 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 1 | 2600:9000:235... 2600:9000:2359:c600:a:c6a1:780:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 22 | 3 |
3
85.214.250.244
(Germany)
ASN6724 (STRATO Strato AG, DE)
PTR: medicus.zone35.net
ASN6724 (STRATO Strato AG, DE)
PTR: medicus.zone35.net
| daimler-bkk.portal-gesundheitonline.de |
1
2607:f220:404:910f:137:187:34:35
(Rockville, United States)
ASN3527 (NIH-NET, US)
ASN3527 (NIH-NET, US)
| federation.nih.gov |
20
185.64.213.245
(United Kingdom)
ASN50152 (IMED Intermedia Technologies Company Limited, GB)
PTR: url.emailprotection.link
ASN50152 (IMED Intermedia Technologies Company Limited, GB)
PTR: url.emailprotection.link
| url.emailprotection.link |
1
34.102.239.211
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.239.102.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.239.102.34.bc.googleusercontent.com
| email.double.serviceautopilot.com |
1
45.139.122.238
(Netherlands)
ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC)
PTR: delta.zones-dns.com
ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC)
PTR: delta.zones-dns.com
| iconichost.net |
1
57.150.87.132
(Washington, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| filesportalroute.z13.web.core.windows.net |
1
2600:9000:2359:c600:a:c6a1:780:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| protect.checkpoint.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 20 |
emailprotection.link
url.emailprotection.link — Cisco Umbrella Rank: 159620 |
403 KB |
| 3 |
portal-gesundheitonline.de
3 redirects
daimler-bkk.portal-gesundheitonline.de |
2 KB |
| 1 |
checkpoint.com
1 redirects
protect.checkpoint.com — Cisco Umbrella Rank: 64337 |
453 B |
| 1 |
windows.net
filesportalroute.z13.web.core.windows.net |
2 KB |
| 1 |
iconichost.net
iconichost.net |
1 KB |
| 1 |
serviceautopilot.com
1 redirects
email.double.serviceautopilot.com |
574 B |
| 1 |
applyweb.com
1 redirects
www.applyweb.com — Cisco Umbrella Rank: 343745 |
1 KB |
| 1 |
nih.gov
1 redirects
federation.nih.gov — Cisco Umbrella Rank: 273963 |
1 KB |
| 22 | 8 |
| Domain | Requested by | |
|---|---|---|
| 20 | url.emailprotection.link |
url.emailprotection.link
filesportalroute.z13.web.core.windows.net |
| 3 | daimler-bkk.portal-gesundheitonline.de | 3 redirects |
| 1 | protect.checkpoint.com | 1 redirects |
| 1 | filesportalroute.z13.web.core.windows.net |
iconichost.net
|
| 1 | iconichost.net |
url.emailprotection.link
|
| 1 | email.double.serviceautopilot.com | 1 redirects |
| 1 | www.applyweb.com | 1 redirects |
| 1 | federation.nih.gov | 1 redirects |
| 22 | 8 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.emailprotection.link GeoTrust TLS RSA CA G1 |
2024-07-11 - 2025-08-11 |
a year | crt.sh |
| *.iconichost.net R11 |
2024-11-06 - 2025-02-04 |
3 months | crt.sh |
| *.web.core.windows.net Microsoft Azure RSA TLS Issuing CA 08 |
2024-10-27 - 2025-04-25 |
6 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://url.emailprotection.link/?bTLpxh-Ggey3C_QWbFpbdkvzRKDGVGYQC9Sn45XLCYeBez6mX8dGTay_ZWzC79ER6ofBUc8K1YMBt2c_rmyqg-zzkHPjkBI0Qc9wVKGyuWFtta5UyGo9nEWU_jhChCLqN
Frame ID: 560B641BD2758DBF81579A32E8E6ACB5
Requests: 22 HTTP requests in this frame
Screenshot
Page Title
ScanningPage URL History Show full URLs
-
https://daimler-bkk.portal-gesundheitonline.de/index.php?Itemid=107&kategorie_id=183&layout=startseite&option=com_bkk&type=...
HTTP 302
https://federation.nih.gov/Shibboleth.sso/Logout?return=https://www.applyweb.com/shibboleth/Shibboleth.... HTTP 302
https://www.applyweb.com/shibboleth/Shibboleth.sso/Logout?return=https://url.emailprotection.link/?bP... HTTP 302
https://url.emailprotection.link/?bP3DIrPXDAApUZEZl4u-znTSmtmqKb6fsdryo19UyiYDSeMMniVFeCE182eZzdvBGlGfMZO9haq... Page URL
-
http://email.double.serviceautopilot.com/c/eJwczEGOhSAMANDT6E4DpUVcsJiN9yi0jCQoP-r_ydx-kn-Bl_vx4vOvSoRU2OpqJwLKE3q_TE...
HTTP 307
https://email.double.serviceautopilot.com/c/eJwczEGOhSAMANDT6E4DpUVcsJiN9yi0jCQoP-r_ydx-kn-Bl_vx4vOvSoRU2OpqJwLKE3q_TE... HTTP 302
https://iconichost.net/files/ Page URL
-
https://daimler-bkk.portal-gesundheitonline.de/index.php?Itemid=107&kategorie_id=183&layout=startseite&option=com_bkk&type=...
HTTP 302
https://filesportalroute.z13.web.core.windows.net/ Page URL
-
https://daimler-bkk.portal-gesundheitonline.de/index.php?Itemid=107&kategorie_id=183&layout=startseite&option=com_bkk&type=...
HTTP 302
https://protect.checkpoint.com/v2/r02/___https://url.emailprotection.link/?gYQuCm-LljD8H_V1gKugipAEWPIL0L3V... HTTP 302
https://url.emailprotection.link/?bTLpxh-Ggey3C_QWbFpbdkvzRKDGVGYQC9Sn45XLCYeBez6mX8dGTay_ZWzC79ER6ofBUc8K1YM... Page URL
Detected technologies
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://daimler-bkk.portal-gesundheitonline.de/index.php?Itemid=107&kategorie_id=183&layout=startseite&option=com_bkk&type=teaser_rauchfrei&view=service&redirect=https://federation.nih.gov/Shibboleth.sso/Logout?return=https://www.applyweb.com/shibboleth/Shibboleth.sso/Logout?return=https%3A%2F%2Furl.emailprotection.link/?bP3DIrPXDAApUZEZl4u-znTSmtmqKb6fsdryo19UyiYDSeMMniVFeCE182eZzdvBGlGfMZO9haqj7OpDwJCs6tWt2cs11SYWZq-SUiJGpIXj6BVV_oIF4oIUdm3fCEtSQibjjrafMTikRuyH1LYFLe73UlEPTaR0XYNSSLTNk82NFJoM-EGmGGAvrbjAtPyZEBjw0FsLD4fRF8T9bIis4xRlbzYsaFcdyWsOX7FGqer1dxOMSpyeEOBbr-JFc0P5Mz1KcuQAxRNqnWjLAQqXd0AIXVh_IA1H4G6pz3Kzp3VGJkH3PS4WvcC5Vp3w9fXG7_2eFCWG2c0CTBwUGUWcP5HlMHa-WwOnOqM5OszDsHwvd1jXbbmJoygbxumOXQD45Br5DnmnHNHw_DmszDqkcEaWQHAKMjHHK3cd46VVWeBsMSROB_rDX6ZzO02rliKC7u5bxUb6aawDa76XpD1MzMA~~
HTTP 302
https://federation.nih.gov/Shibboleth.sso/Logout?return=https://www.applyweb.com/shibboleth/Shibboleth.sso/Logout?return=https://url.emailprotection.link/?bP3DIrPXDAApUZEZl4u-znTSmtmqKb6fsdryo19UyiYDSeMMniVFeCE182eZzdvBGlGfMZO9haqj7OpDwJCs6tWt2cs11SYWZq-SUiJGpIXj6BVV_oIF4oIUdm3fCEtSQibjjrafMTikRuyH1LYFLe73UlEPTaR0XYNSSLTNk82NFJoM-EGmGGAvrbjAtPyZEBjw0FsLD4fRF8T9bIis4xRlbzYsaFcdyWsOX7FGqer1dxOMSpyeEOBbr-JFc0P5Mz1KcuQAxRNqnWjLAQqXd0AIXVh_IA1H4G6pz3Kzp3VGJkH3PS4WvcC5Vp3w9fXG7_2eFCWG2c0CTBwUGUWcP5HlMHa-WwOnOqM5OszDsHwvd1jXbbmJoygbxumOXQD45Br5DnmnHNHw_DmszDqkcEaWQHAKMjHHK3cd46VVWeBsMSROB_rDX6ZzO02rliKC7u5bxUb6aawDa76XpD1MzMA~~ HTTP 302
https://www.applyweb.com/shibboleth/Shibboleth.sso/Logout?return=https://url.emailprotection.link/?bP3DIrPXDAApUZEZl4u-znTSmtmqKb6fsdryo19UyiYDSeMMniVFeCE182eZzdvBGlGfMZO9haqj7OpDwJCs6tWt2cs11SYWZq-SUiJGpIXj6BVV_oIF4oIUdm3fCEtSQibjjrafMTikRuyH1LYFLe73UlEPTaR0XYNSSLTNk82NFJoM-EGmGGAvrbjAtPyZEBjw0FsLD4fRF8T9bIis4xRlbzYsaFcdyWsOX7FGqer1dxOMSpyeEOBbr-JFc0P5Mz1KcuQAxRNqnWjLAQqXd0AIXVh_IA1H4G6pz3Kzp3VGJkH3PS4WvcC5Vp3w9fXG7_2eFCWG2c0CTBwUGUWcP5HlMHa-WwOnOqM5OszDsHwvd1jXbbmJoygbxumOXQD45Br5DnmnHNHw_DmszDqkcEaWQHAKMjHHK3cd46VVWeBsMSROB_rDX6ZzO02rliKC7u5bxUb6aawDa76XpD1MzMA~~ HTTP 302
https://url.emailprotection.link/?bP3DIrPXDAApUZEZl4u-znTSmtmqKb6fsdryo19UyiYDSeMMniVFeCE182eZzdvBGlGfMZO9haqj7OpDwJCs6tWt2cs11SYWZq-SUiJGpIXj6BVV_oIF4oIUdm3fCEtSQibjjrafMTikRuyH1LYFLe73UlEPTaR0XYNSSLTNk82NFJoM-EGmGGAvrbjAtPyZEBjw0FsLD4fRF8T9bIis4xRlbzYsaFcdyWsOX7FGqer1dxOMSpyeEOBbr-JFc0P5Mz1KcuQAxRNqnWjLAQqXd0AIXVh_IA1H4G6pz3Kzp3VGJkH3PS4WvcC5Vp3w9fXG7_2eFCWG2c0CTBwUGUWcP5HlMHa-WwOnOqM5OszDsHwvd1jXbbmJoygbxumOXQD45Br5DnmnHNHw_DmszDqkcEaWQHAKMjHHK3cd46VVWeBsMSROB_rDX6ZzO02rliKC7u5bxUb6aawDa76XpD1MzMA~~ Page URL
-
http://email.double.serviceautopilot.com/c/eJwczEGOhSAMANDT6E4DpUVcsJiN9yi0jCQoP-r_ydx-kn-Bl_vx4vOvSoRU2OpqJwLKE3q_TEmMTOSU10SrKehGicWvEPyo0S4OgchjGPXg2qrEEHJYUWRyX2IJODF5mCgE570RRizjHgUCMJHYsgguZSH27EFTdlySFRlrBANowZJZ0WCYVW3KAi5bR4sRGtBIf6em863Xp2bl99NftfVnzv0YW9yf53UP7meAbYCt5n7WvPf7mU99BthKbXoPsI1XPPjkX70GNHtt7a6iB5_9Ovav9InwHwAA___cBVdI
HTTP 307
https://email.double.serviceautopilot.com/c/eJwczEGOhSAMANDT6E4DpUVcsJiN9yi0jCQoP-r_ydx-kn-Bl_vx4vOvSoRU2OpqJwLKE3q_TEmMTOSU10SrKehGicWvEPyo0S4OgchjGPXg2qrEEHJYUWRyX2IJODF5mCgE570RRizjHgUCMJHYsgguZSH27EFTdlySFRlrBANowZJZ0WCYVW3KAi5bR4sRGtBIf6em863Xp2bl99NftfVnzv0YW9yf53UP7meAbYCt5n7WvPf7mU99BthKbXoPsI1XPPjkX70GNHtt7a6iB5_9Ovav9InwHwAA___cBVdI HTTP 302
https://iconichost.net/files/ Page URL
-
https://daimler-bkk.portal-gesundheitonline.de/index.php?Itemid=107&kategorie_id=183&layout=startseite&option=com_bkk&type=teaser_rauchfrei&view=service&redirect=https://filesportalroute.z13.web.core.windows.net/
HTTP 302
https://filesportalroute.z13.web.core.windows.net/ Page URL
-
https://daimler-bkk.portal-gesundheitonline.de/index.php?Itemid=107&kategorie_id=183&layout=startseite&option=com_bkk&type=teaser_rauchfrei&view=service&redirect=https://protect.checkpoint.com/v2/r02/___https://url.emailprotection.link/?gYQuCm-LljD8H_V1gKugipAEWPIL0L3VHcXs9/2QH3jGjE*~*r2biLYfD_41EHacJW*~*tkGZhbP63RGy7h_wrDvl-EEpMUopGN5VhcB0PLDz1Kyyf/ZDLtcsJ1Z_omHmHQvS___.YzJlOm1zbm90aWZ5OmM6bzo5OGMzY2Q1MDRlZDUwMzNiMWNlNzYwZWUxYjMwMjI2Nzo3OmI3OGE6YzgyNGE0NjY1NWE0MDAyMjExOWZiMDU3OTNkMzhlNWYyZTYyOTAwNWYyY2E2Y2U3OWVmMDk1NWYwZjlkMGYyODpoOlQ6VA
HTTP 302
https://protect.checkpoint.com/v2/r02/___https://url.emailprotection.link/?gYQuCm-LljD8H_V1gKugipAEWPIL0L3VHcXs9/2QH3jGjE*~*r2biLYfD_41EHacJW*~*tkGZhbP63RGy7h_wrDvl-EEpMUopGN5VhcB0PLDz1Kyyf/ZDLtcsJ1Z_omHmHQvS___.YzJlOm1zbm90aWZ5OmM6bzo5OGMzY2Q1MDRlZDUwMzNiMWNlNzYwZWUxYjMwMjI2Nzo3OmI3OGE6YzgyNGE0NjY1NWE0MDAyMjExOWZiMDU3OTNkMzhlNWYyZTYyOTAwNWYyY2E2Y2U3OWVmMDk1NWYwZjlkMGYyODpoOlQ6VA HTTP 302
https://url.emailprotection.link/?bTLpxh-Ggey3C_QWbFpbdkvzRKDGVGYQC9Sn45XLCYeBez6mX8dGTay_ZWzC79ER6ofBUc8K1YMBt2c_rmyqg-zzkHPjkBI0Qc9wVKGyuWFtta5UyGo9nEWU_jhChCLqN Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://daimler-bkk.portal-gesundheitonline.de/index.php?Itemid=107&kategorie_id=183&layout=startseite&option=com_bkk&type=teaser_rauchfrei&view=service&redirect=https://federation.nih.gov/Shibboleth.sso/Logout?return=https://www.applyweb.com/shibboleth/Shibboleth.sso/Logout?return=https%3A%2F%2Furl.emailprotection.link/?bP3DIrPXDAApUZEZl4u-znTSmtmqKb6fsdryo19UyiYDSeMMniVFeCE182eZzdvBGlGfMZO9haqj7OpDwJCs6tWt2cs11SYWZq-SUiJGpIXj6BVV_oIF4oIUdm3fCEtSQibjjrafMTikRuyH1LYFLe73UlEPTaR0XYNSSLTNk82NFJoM-EGmGGAvrbjAtPyZEBjw0FsLD4fRF8T9bIis4xRlbzYsaFcdyWsOX7FGqer1dxOMSpyeEOBbr-JFc0P5Mz1KcuQAxRNqnWjLAQqXd0AIXVh_IA1H4G6pz3Kzp3VGJkH3PS4WvcC5Vp3w9fXG7_2eFCWG2c0CTBwUGUWcP5HlMHa-WwOnOqM5OszDsHwvd1jXbbmJoygbxumOXQD45Br5DnmnHNHw_DmszDqkcEaWQHAKMjHHK3cd46VVWeBsMSROB_rDX6ZzO02rliKC7u5bxUb6aawDa76XpD1MzMA~~ HTTP 302
- https://federation.nih.gov/Shibboleth.sso/Logout?return=https://www.applyweb.com/shibboleth/Shibboleth.sso/Logout?return=https://url.emailprotection.link/?bP3DIrPXDAApUZEZl4u-znTSmtmqKb6fsdryo19UyiYDSeMMniVFeCE182eZzdvBGlGfMZO9haqj7OpDwJCs6tWt2cs11SYWZq-SUiJGpIXj6BVV_oIF4oIUdm3fCEtSQibjjrafMTikRuyH1LYFLe73UlEPTaR0XYNSSLTNk82NFJoM-EGmGGAvrbjAtPyZEBjw0FsLD4fRF8T9bIis4xRlbzYsaFcdyWsOX7FGqer1dxOMSpyeEOBbr-JFc0P5Mz1KcuQAxRNqnWjLAQqXd0AIXVh_IA1H4G6pz3Kzp3VGJkH3PS4WvcC5Vp3w9fXG7_2eFCWG2c0CTBwUGUWcP5HlMHa-WwOnOqM5OszDsHwvd1jXbbmJoygbxumOXQD45Br5DnmnHNHw_DmszDqkcEaWQHAKMjHHK3cd46VVWeBsMSROB_rDX6ZzO02rliKC7u5bxUb6aawDa76XpD1MzMA~~ HTTP 302
- https://www.applyweb.com/shibboleth/Shibboleth.sso/Logout?return=https://url.emailprotection.link/?bP3DIrPXDAApUZEZl4u-znTSmtmqKb6fsdryo19UyiYDSeMMniVFeCE182eZzdvBGlGfMZO9haqj7OpDwJCs6tWt2cs11SYWZq-SUiJGpIXj6BVV_oIF4oIUdm3fCEtSQibjjrafMTikRuyH1LYFLe73UlEPTaR0XYNSSLTNk82NFJoM-EGmGGAvrbjAtPyZEBjw0FsLD4fRF8T9bIis4xRlbzYsaFcdyWsOX7FGqer1dxOMSpyeEOBbr-JFc0P5Mz1KcuQAxRNqnWjLAQqXd0AIXVh_IA1H4G6pz3Kzp3VGJkH3PS4WvcC5Vp3w9fXG7_2eFCWG2c0CTBwUGUWcP5HlMHa-WwOnOqM5OszDsHwvd1jXbbmJoygbxumOXQD45Br5DnmnHNHw_DmszDqkcEaWQHAKMjHHK3cd46VVWeBsMSROB_rDX6ZzO02rliKC7u5bxUb6aawDa76XpD1MzMA~~ HTTP 302
- https://url.emailprotection.link/?bP3DIrPXDAApUZEZl4u-znTSmtmqKb6fsdryo19UyiYDSeMMniVFeCE182eZzdvBGlGfMZO9haqj7OpDwJCs6tWt2cs11SYWZq-SUiJGpIXj6BVV_oIF4oIUdm3fCEtSQibjjrafMTikRuyH1LYFLe73UlEPTaR0XYNSSLTNk82NFJoM-EGmGGAvrbjAtPyZEBjw0FsLD4fRF8T9bIis4xRlbzYsaFcdyWsOX7FGqer1dxOMSpyeEOBbr-JFc0P5Mz1KcuQAxRNqnWjLAQqXd0AIXVh_IA1H4G6pz3Kzp3VGJkH3PS4WvcC5Vp3w9fXG7_2eFCWG2c0CTBwUGUWcP5HlMHa-WwOnOqM5OszDsHwvd1jXbbmJoygbxumOXQD45Br5DnmnHNHw_DmszDqkcEaWQHAKMjHHK3cd46VVWeBsMSROB_rDX6ZzO02rliKC7u5bxUb6aawDa76XpD1MzMA~~
- http://email.double.serviceautopilot.com/c/eJwczEGOhSAMANDT6E4DpUVcsJiN9yi0jCQoP-r_ydx-kn-Bl_vx4vOvSoRU2OpqJwLKE3q_TEmMTOSU10SrKehGicWvEPyo0S4OgchjGPXg2qrEEHJYUWRyX2IJODF5mCgE570RRizjHgUCMJHYsgguZSH27EFTdlySFRlrBANowZJZ0WCYVW3KAi5bR4sRGtBIf6em863Xp2bl99NftfVnzv0YW9yf53UP7meAbYCt5n7WvPf7mU99BthKbXoPsI1XPPjkX70GNHtt7a6iB5_9Ovav9InwHwAA___cBVdI HTTP 307
- https://email.double.serviceautopilot.com/c/eJwczEGOhSAMANDT6E4DpUVcsJiN9yi0jCQoP-r_ydx-kn-Bl_vx4vOvSoRU2OpqJwLKE3q_TEmMTOSU10SrKehGicWvEPyo0S4OgchjGPXg2qrEEHJYUWRyX2IJODF5mCgE570RRizjHgUCMJHYsgguZSH27EFTdlySFRlrBANowZJZ0WCYVW3KAi5bR4sRGtBIf6em863Xp2bl99NftfVnzv0YW9yf53UP7meAbYCt5n7WvPf7mU99BthKbXoPsI1XPPjkX70GNHtt7a6iB5_9Ovav9InwHwAA___cBVdI HTTP 302
- https://iconichost.net/files/
- https://daimler-bkk.portal-gesundheitonline.de/index.php?Itemid=107&kategorie_id=183&layout=startseite&option=com_bkk&type=teaser_rauchfrei&view=service&redirect=https://filesportalroute.z13.web.core.windows.net/ HTTP 302
- https://filesportalroute.z13.web.core.windows.net/
22 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
url.emailprotection.link/ Redirect Chain
|
6 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
new_style.css
url.emailprotection.link/new/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
new_screenshot.js
url.emailprotection.link/new/js/ |
1 KB 979 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tooltipster.css
url.emailprotection.link/new/css/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.9.1.js
url.emailprotection.link/new/js/libs/ |
142 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.tooltipster.min.js
url.emailprotection.link/new/js/libs/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
new_scanning.js
url.emailprotection.link/new/js/ |
947 B 758 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
scanning_70.gif
url.emailprotection.link/new/images/ |
30 KB 30 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
notosans-regular.ttf
url.emailprotection.link/new/fonts/ |
306 KB 306 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
iconichost.net/files/ Redirect Chain
|
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.ico
url.emailprotection.link/new/images/ |
77 B 332 B |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
filesportalroute.z13.web.core.windows.net/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
/
url.emailprotection.link/ Redirect Chain
|
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
new_style.css
url.emailprotection.link/new/css/ |
8 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
new_screenshot.js
url.emailprotection.link/new/js/ |
1 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tooltipster.css
url.emailprotection.link/new/css/ |
10 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.9.1.js
url.emailprotection.link/new/js/libs/ |
142 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.tooltipster.min.js
url.emailprotection.link/new/js/libs/ |
17 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
new_scanning.js
url.emailprotection.link/new/js/ |
947 B 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
scanning_70.gif
url.emailprotection.link/new/images/ |
30 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
notosans-regular.ttf
url.emailprotection.link/new/fonts/ |
306 KB 0 |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.ico
url.emailprotection.link/new/images/ |
77 B 0 |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| states string| screenshotApi function| generateScreenshot function| toggleScreenshot function| updateState function| showScreenshot function| $ function| jQuery function| addTooltip string| SCANNING_ENDPOINT string| FORCE_SCANNING_ENDPOINT function| runScanning function| forceScanning2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .applyweb.com/ | Name: dtCookie Value: v_4_srv_7_sn_10417F8081573D87227A5C9603CA1DCD_perc_100000_ol_0_mul_1_app-3Ab3e4b7260e3c8b7e_0 |
|
| protect.checkpoint.com/ | Name: x-cloud-sec-ctp Value: a242d240-43b9-4fad-8f3a-ce95d34ebad3 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
daimler-bkk.portal-gesundheitonline.de
email.double.serviceautopilot.com
federation.nih.gov
filesportalroute.z13.web.core.windows.net
iconichost.net
protect.checkpoint.com
url.emailprotection.link
www.applyweb.com
185.64.213.245
2600:9000:2359:c600:a:c6a1:780:93a1
2607:f220:404:910f:137:187:34:35
34.102.239.211
45.139.122.238
57.150.87.132
74.122.104.44
85.214.250.244
04ba8897950ca15879762ccae3323b8f0952259461c13c3e90d6d973b213133c
1ad962409fc5ee9db898342baf9d2d4dd4425ecd4a6635fbe9aa3aa4a179d8f4
6938c77be180b60f67086ac99a2692f9af393675279711f0dad73d541b675964
8be2e88f4beed8e6d7c70115a1b71fa50c5da67abbc6e7f393a4960613079069
a4726c17da1e23c8afa26371cda377460db886588d02acb168afbc7c85e0ecd0
b12ac9e2fa728424155567aa27e3d36d764b33f07d663e496dc178974048a6f8
c8cff31fcae0edc0e4ffd3628f36361dfc24d71cc5b9793e5ffad8e76e6f182b
c92b1aece38d5bae7bfb72e26a5070d5663d40774c7aceb973631025d6e6e592
ca8178a737bdd4e6d2394e6c5609d1ca001254667458bb9cd1130bacea58cb86
e337f687babe708a9f8e6642d7793ee3ed5eb4696cf11e28dd0682a858a591ea
fb08dc268ceb5d989fc90071f00544bc38d88e1981bfba50c50ae9a454444ba0