your.lufthansa-group.com
Open in
urlscan Pro
12.130.135.93
Public Scan
Submitted URL: https://smile.austrian.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlTQG1hgf8pIroNyKU8lccfn9sycy2za9f3MqKs0E9vzb2wBc1bIJmdzbGO3M26aFY...
Effective URL: https://your.lufthansa-group.com/pub/sf/FormLink?_ri_=X0Gzc2X%3DAQpglLjHJlTQGzafgEbzdot8zeat4zazgOiUDvwn1Ezfzg4dL7T9lJnIcRirDYIiq...
Submission: On May 12 via manual from DE — Scanned from DE
Effective URL: https://your.lufthansa-group.com/pub/sf/FormLink?_ri_=X0Gzc2X%3DAQpglLjHJlTQGzafgEbzdot8zeat4zazgOiUDvwn1Ezfzg4dL7T9lJnIcRirDYIiq...
Submission: On May 12 via manual from DE — Scanned from DE
Summary
This website contacted 2 IPs
in 2 countries
across 3 domains to perform 5 HTTP transactions.
The main IP is 12.130.135.93, located in
Watsonville, United States and
belongs to CERNET-ASN-BLOCK, US.
The main domain is your.lufthansa-group.com.
The Cisco Umbrella rank of the primary domain is 208147.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 20th 2022. Valid for: a year.
This is the only time your.lufthansa-group.com was scanned on urlscan.io!
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 20th 2022. Valid for: a year.
This is the only time your.lufthansa-group.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 12.130.131.147 12.130.131.147 | 4263 (CERNET-AS...) (CERNET-ASN-BLOCK) | |
| 1 2 | 12.130.135.93 12.130.135.93 | 4263 (CERNET-AS...) (CERNET-ASN-BLOCK) | |
| 4 | 69.192.160.165 69.192.160.165 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
| 5 | 2 |
1
12.130.131.147
(Watsonville, United States)
ASN4263 (CERNET-ASN-BLOCK, US)
PTR: smile.austrian.com
ASN4263 (CERNET-ASN-BLOCK, US)
PTR: smile.austrian.com
| smile.austrian.com |
2
12.130.135.93
(Watsonville, United States)
ASN4263 (CERNET-ASN-BLOCK, US)
PTR: your.lufthansa-group.com
ASN4263 (CERNET-ASN-BLOCK, US)
PTR: your.lufthansa-group.com
| your.lufthansa-group.com |
4
69.192.160.165
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-165.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-165.deploy.static.akamaitechnologies.com
| static.cdn.responsys.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 4 |
responsys.net
static.cdn.responsys.net — Cisco Umbrella Rank: 8936 |
115 KB |
| 2 |
lufthansa-group.com
1 redirects
your.lufthansa-group.com — Cisco Umbrella Rank: 208147 |
269 KB |
| 1 |
austrian.com
1 redirects
smile.austrian.com |
1006 B |
| 5 | 3 |
| Domain | Requested by | |
|---|---|---|
| 4 | static.cdn.responsys.net |
your.lufthansa-group.com
|
| 2 | your.lufthansa-group.com | 1 redirects |
| 1 | smile.austrian.com | 1 redirects |
| 5 | 3 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.austrian.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| your.lufthansa-group.com Sectigo RSA Organization Validation Secure Server CA |
2022-09-20 - 2023-10-20 |
a year | crt.sh |
| *.cdn.responsys.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-12-24 - 2023-12-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://your.lufthansa-group.com/pub/sf/FormLink?_ri_=X0Gzc2X%3DAQpglLjHJlTQGzafgEbzdot8zeat4zazgOiUDvwn1Ezfzg4dL7T9lJnIcRirDYIiqnVXyjLNpLOfhKLX%3DHgKjLHkQLmklLjohtFxOpthQJhuVXMtX%3DAQpglLjHJlTQGzdUYH7HjrDIiG2zbj2ti6ypzePcHN21DeJzeeGLwpvG43fjAvza&_ei_=ETDwShSEkdCmIDZVwmKlXyaPJOWqvxp3Qquy3wStR7LcQ0RUjZijKoiqabHvA-m_cURxAnBH-3mZiaPU-Q1K-Ow_LpDolS8mST4F4eKwbmcxLpGgoSAa7uywGg757Lnn.&_di_=illirpseoflb9ftg1mtv969gjgcf81l64u54pe29ct9f72e9jj2g
Frame ID: 1488AA09DC946B4ADE729DD3C005CF04
Requests: 5 HTTP requests in this frame
Screenshot
Page Title
Austrian AirlinesPage URL History Show full URLs
-
https://smile.austrian.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlTQG1hgf8pIroNyKU8lccfn9sycy2za9f3MqKs0E9vzb2...
HTTP 302
https://your.lufthansa-group.com/pub/rf?_ri_=X0Gzc2X%3DYQpglLjHJlTQGiafIFgEozcX9XLtfCGiKvkYJY4aMstidzb0mcHnVw... HTTP 302
https://your.lufthansa-group.com/pub/sf/FormLink?_ri_=X0Gzc2X%3DAQpglLjHJlTQGzafgEbzdot8zeat4zazgOiUDvwn1Ezfz... Page URL
Detected technologies
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://www.austrian.com/
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://smile.austrian.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlTQG1hgf8pIroNyKU8lccfn9sycy2za9f3MqKs0E9vzb2wBc1bIJmdzbGO3M26aFYdfybVXtpKX%3DSYUSRRDU&_ei_=EWSVKZFW9I606tGc1PPVh777Rugb74LCBhnz_lEnI-gr6AvTCNLMRqQeDPHVyaGzxv4fWq0TZ7RhzGpuFFRvL7vkVDtqPEh0XkPOxImIaq3RqAu5qyjeRT02W5DNI0u3u3oOA9q9j2XVMyXWvBpgPdp9LTIBBg.&_di_=jr9r4siu0pgksjs4hqed0ad6vjsdfun1grl9oec0rc36m32bl0g0
HTTP 302
https://your.lufthansa-group.com/pub/rf?_ri_=X0Gzc2X%3DYQpglLjHJlTQGiafIFgEozcX9XLtfCGiKvkYJY4aMstidzb0mcHnVwjpnpgHlpgneHmgJoXX0Gzc2X%3DYQpglLjHJlTQGsUizfR8DdSDOzfEHDUazfUp9lJY4aMstidzb0mcHn&COUNTRY_=DEU&EMAIL_ADDRESS_=andreas.eusterholz@wilo.com&LANGUAGE=de&CUSTOMER_ID_=0&PERM=APNLOS HTTP 302
https://your.lufthansa-group.com/pub/sf/FormLink?_ri_=X0Gzc2X%3DAQpglLjHJlTQGzafgEbzdot8zeat4zazgOiUDvwn1Ezfzg4dL7T9lJnIcRirDYIiqnVXyjLNpLOfhKLX%3DHgKjLHkQLmklLjohtFxOpthQJhuVXMtX%3DAQpglLjHJlTQGzdUYH7HjrDIiG2zbj2ti6ypzePcHN21DeJzeeGLwpvG43fjAvza&_ei_=ETDwShSEkdCmIDZVwmKlXyaPJOWqvxp3Qquy3wStR7LcQ0RUjZijKoiqabHvA-m_cURxAnBH-3mZiaPU-Q1K-Ow_LpDolS8mST4F4eKwbmcxLpGgoSAa7uywGg757Lnn.&_di_=illirpseoflb9ftg1mtv969gjgcf81l64u54pe29ct9f72e9jj2g Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
FormLink
your.lufthansa-group.com/pub/sf/ Redirect Chain
|
268 KB 268 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vendor.min.js
static.cdn.responsys.net/i2/responsysimages/content/lufthansa/ |
156 KB 50 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
lh_jquery.min.js
static.cdn.responsys.net/i2/responsysimages/content/lufthansa/ |
48 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Austrian_logo.png
static.cdn.responsys.net/i2/responsysimages/lufthansa/contentlibrary/av/lh/y_unsubscribe/2018/os/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
keyvisual.jpg
static.cdn.responsys.net/i2/responsysimages/lufthansa/contentlibrary/av/lh/y_unsubscribe/2018/os/img/ |
49 KB 50 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
36 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| html5 object| respond function| $ function| jQuery function| popupWin function| openPopup function| findPosX function| findPosY function| lnkToParentWin string| queryReplaceArea string| classOpen string| classToggle string| classMenu string| classActive string| classTransition function| getFormattedCurrentTimestamp number| eventIdx function| eventIdField function| getFormattedDate function| addZeroIfNeccessary object| inflight number| inflightCounter boolean| handledError function| handleResponse function| handleSuccess function| handleError function| showSuccessMessage function| showErrorMessage function| isError object| mmCustomer object| _lh object| _lhl object| $stagearea object| jQuery111207920584086382572 number| min1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .austrian.com/pub | Name: 6.interact2.Xz.....N.N... Value: _ri_=X0Gzc2X%3DAQpglLjHJlTQG1hgf8pIroNyKU8lccfn9sycy2za9f3MqKs0E9vzb2wBc1bIJmdzbGO3M26aFYdfybVXtpKX%3DSYUSRRDU&_ei_=EWSVKZFW9I606tGc1PPVh77-TzEy_dG8LlWRaXicb3SNhBKpw8qgvAdok7o7frrbIpY9DfVYWD4f7WWiobg0HxU3uVNeE2NKUajMJTwn8fYB7FdG1PbawqWZ1iqhawzmNiTwCHmzDYHseLfFGPQnBss |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
smile.austrian.com
static.cdn.responsys.net
your.lufthansa-group.com
12.130.131.147
12.130.135.93
69.192.160.165
276cc998ce498279eaf24d8dea0afcfb8f017129799737a7f283ed698b46f26a
42ad0b7bd399ab40edb42492d6ebf5b8ea4e828c6c90a3713e6e6abf80e4133c
6d179d46a2db77a9b363c365b81c65f1128947eb5acd2c379d942d1f3333cb04
b7de6586dd846e31efd7a7674dca14f605c0b7303b705fadd8d76c0db0ea5805
e31e5ce7410b4204a9abf4c400e7cce8be5e805a66bcce0cf03bcd0826abd651