app.embluemail.com
Open in
urlscan Pro
201.234.171.146
Public Scan
URL:
https://app.embluemail.com/Online/VON.aspx?data=leyc4AzozF40O0zdFQSLd7hAXA9vL7zQysQeTlTsKxapjr/2QAwde/yYsQCx9b5C7AaQCXTv7QS...
Submission: On April 25 via api from BE — Scanned from DE
Submission: On April 25 via api from BE — Scanned from DE
Summary
This website contacted 4 IPs
in 3 countries
across 3 domains to perform 8 HTTP transactions.
The main IP is 201.234.171.146, located in
Buenos Aires, Argentina and
belongs to LVLT-3549, US.
The main domain is app.embluemail.com.
The Cisco Umbrella rank of the primary domain is 411558.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on June 4th 2022. Valid for: a year.
This is the only time app.embluemail.com was scanned on urlscan.io!
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on June 4th 2022. Valid for: a year.
This is the only time app.embluemail.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 201.234.171.146 201.234.171.146 | 3549 (LVLT-3549) (LVLT-3549) | |
| 5 | 2600:9000:249... 2600:9000:2491:6a00:f:34b5:c4c0:21 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 54.232.254.159 54.232.254.159 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 18.228.122.241 18.228.122.241 | 16509 (AMAZON-02) (AMAZON-02) | |
| 8 | 4 |
1
201.234.171.146
(Buenos Aires, Argentina)
ASN3549 (LVLT-3549, US)
PTR: 201-234-171-146.static.impsat.net.ar
ASN3549 (LVLT-3549, US)
PTR: 201-234-171-146.static.impsat.net.ar
| app.embluemail.com |
5
2600:9000:2491:6a00:f:34b5:c4c0:21
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| d2u2wpq9dm29lf.cloudfront.net |
1
54.232.254.159
(São Paulo, Brazil)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-232-254-159.sa-east-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-232-254-159.sa-east-1.compute.amazonaws.com
| linkado.vc |
1
18.228.122.241
(São Paulo, Brazil)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-228-122-241.sa-east-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-228-122-241.sa-east-1.compute.amazonaws.com
| nts.embluemail.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 5 |
cloudfront.net
d2u2wpq9dm29lf.cloudfront.net |
57 KB |
| 2 |
embluemail.com
app.embluemail.com — Cisco Umbrella Rank: 411558 nts.embluemail.com — Cisco Umbrella Rank: 266014 |
4 KB |
| 1 |
linkado.vc
linkado.vc |
369 B |
| 8 | 3 |
| Domain | Requested by | |
|---|---|---|
| 5 | d2u2wpq9dm29lf.cloudfront.net |
app.embluemail.com
|
| 1 | nts.embluemail.com |
app.embluemail.com
|
| 1 | linkado.vc |
app.embluemail.com
|
| 1 | app.embluemail.com | |
| 8 | 4 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| nts.embluemail.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.embluemail.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1 |
2022-06-04 - 2023-07-05 |
a year | crt.sh |
| *.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
| linkado.vc Amazon RSA 2048 M02 |
2023-02-03 - 2023-07-22 |
6 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://app.embluemail.com/Online/VON.aspx?data=leyc4AzozF40O0zdFQSLd7hAXA9vL7zQysQeTlTsKxapjr/2QAwde/yYsQCx9b5C7AaQCXTv7QScmqQtJvoaBuxuwdnnIukg6XjTFi4ZMpPfQh5ux9EGwoXbpvWQF7Er!-!gP24qUtLSfewVMQRCuuCYHjR2Po0EjuEDY2mXaU+Qf85U2GX8sQAv6EB8XZUr2qc
Frame ID: D17E3311ED6C723B7A69100E6CC0888B
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
Seu Banco te negou Cartão de Crédito?😭 PortoDetected technologies
Microsoft ASP.NET
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.aspx?(?:$|\?)
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
URL: https://nts.embluemail.com/p/cl?data=leyc4AzozF40O0zdFQSLd9B%2b2604%2bpU105Mme%2beQTg637SKHHvPkjD9P2FzJWelWXuGFAQGEKkXvj5AQNx%2flZw%3d%3d!-!6e1ao5!-!https%3a%2f%2flinkado.vc%2fr%3fa%3d1106%26c%3d1216%26cr%3d2265%26ally_sub1%3dembh1%26l%3d755
Search URL Search Domain Scan URL
URL: https://nts.embluemail.com/p/cl?data=leyc4AzozF40O0zdFQSLd9B%2b2604%2bpU105Mme%2beQTg637SKHHvPkjD9P2FzJWelWEKoLmjSQLxz6OUXBThfekw%3d%3d!-!6e1ao5!-!https%3a%2f%2flinkado.vc%2fr%3fa%3d1106%26c%3d1216%26cr%3d2265%26ally_sub1%3dembh1%26l%3d755
Search URL Search Domain Scan URL
URL: https://nts.embluemail.com/p/cl?data=leyc4AzozF40O0zdFQSLd9B%2b2604%2bpU105Mme%2beQTg637SKHHvPkjD9P2FzJWelWjtyhljgpEhghU9gm1Bp9fA%3d%3d!-!6e1ao5!-!https%3a%2f%2flinkado.vc%2fr%3fa%3d1106%26c%3d1216%26cr%3d2265%26ally_sub1%3dembh1%26l%3d755
Search URL Search Domain Scan URL
URL: https://nts.embluemail.com/p/cl?data=leyc4AzozF40O0zdFQSLd9B%2b2604%2bpU105Mme%2beQTg637SKHHvPkjD9P2FzJWelWtS6tdMwQE47cOcMUPgw3Iw%3d%3d!-!6e1ao5!-!https%3a%2f%2flinkado.vc%2fr%3fa%3d1106%26c%3d1216%26cr%3d2265%26ally_sub1%3dembh1%26l%3d755
Search URL Search Domain Scan URL
URL: https://nts.embluemail.com/p/cl?data=leyc4AzozF40O0zdFQSLd9B%2b2604%2bpU105Mme%2beQTg637SKHHvPkjD9P2FzJWelW6xXVhbDaM0oGH6Q6%2flrB%2bw%3d%3d!-!6e1ao5!-!https%3a%2f%2fwww.hiper.legal%2fpolitica-de-privacidade
Title: Política de Privacidade
Title: Política de Privacidade
Search URL Search Domain Scan URL
URL: https://nts.embluemail.com/p/cl?data=leyc4AzozF40O0zdFQSLd9B%2b2604%2bpU105Mme%2beQTg637SKHHvPkjD9P2FzJWelWwx7mZQanj5l2SxtlCS0VoA%3d%3d!-!6e1ao5!-!https%3a%2f%2fwww.hiper.legal%2ftermos-de-uso
Title: Termos de Uso.
Title: Termos de Uso.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
VON.aspx
app.embluemail.com/Online/ |
13 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
banner.png
d2u2wpq9dm29lf.cloudfront.net/2022/portosegurobank/0912/ |
31 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
plus.png
d2u2wpq9dm29lf.cloudfront.net/2022/portosegurobank/0912/ |
358 B 742 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
apps.png
d2u2wpq9dm29lf.cloudfront.net/2022/portosegurobank/0912/ |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cta.png
d2u2wpq9dm29lf.cloudfront.net/2022/portosegurobank/0912/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
socialmedia.png
d2u2wpq9dm29lf.cloudfront.net/2022/portosegurobank/0912/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
i
linkado.vc/ |
35 B 369 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
op
nts.embluemail.com/p/ |
0 38 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| app.embluemail.com/ | Name: ASP.NET_SessionId Value: zg3qbtwon22gdsw1pgdva5mn |
|
| .linkado.vc/ | Name: _iid Value: 1216.1106..9ac43c5f-ddad-4cbd-8722-7c3044482fc5 |
|
| .linkado.vc/ | Name: _cid Value: ca93e7bd-f226-4b6a-9759-95c343bd0dc4 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.embluemail.com
d2u2wpq9dm29lf.cloudfront.net
linkado.vc
nts.embluemail.com
18.228.122.241
201.234.171.146
2600:9000:2491:6a00:f:34b5:c4c0:21
54.232.254.159
1e03c3dc099b4d2540daaca15a95daea434f3c129ae1efeab5b3c54cda39d643
34e0b30d7e0880e00b2f90b6b10aaa3262b556cb1ef25fd3c39d1ed09f1c4afd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
83482e42855af4a0f67c25fcbb7ef4269b7ef09448b87da8f455dea1a2851716
daf679bb9c1b11cd4b183e24c05460eb7581cb39bb227473190ec7845c139013
e0375cc08273e76115dff18cab98c0bdf7060e7066b92026e762b9e3a4cdeddf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee9909d3e9428d4e979801338f02926e05d4b30b37292ef48a1bf3730c19575f