urlscan.io logo urlscan.io
SecurityTrails logo

view.emails.hertz.com Open in urlscan Pro
13.111.46.204  Public Scan

Go To Rescan Add Verdict Report
URL: https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aa...
Submission Tags: phishing malicious Search All
Submission: On March 08 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 4 domains to perform 20 HTTP transactions. The main IP is 13.111.46.204, located in United States and belongs to EXACT-7, US. The main domain is view.emails.hertz.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 17th 2020. Valid for: a year.
This is the only time view.emails.hertz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13.111.46.204 22606 (EXACT-7)
6 45.60.33.5 19551 (INCAPSULA)
1 13.111.45.204 22606 (EXACT-7)
3 54.77.62.253 16509 (AMAZON-02)
1 2 192.65.229.43 62961 (BISNET1)
7 184.30.16.205 16625 (AKAMAI-AS)
20 7
1    13.111.46.204 (United States)

ASN22606 (EXACT-7, US)
PTR: view.emails.hertz.com
view.emails.hertz.com
6    45.60.33.5 (United States)

ASN19551 (INCAPSULA, US)
images.hertz.com
1    13.111.45.204 (United States)

ASN22606 (EXACT-7, US)
PTR: click.emails.hertz.com
click.emails.hertz.com
3    54.77.62.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-62-253.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    192.65.229.43 (United States)

ASN62961 (BISNET1, US)
PTR: 192-165-229-43.blueshift.net
438-img.c3tag.com
7    184.30.16.205 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-205.deploy.static.akamaitechnologies.com
image.emails.hertz.com
Domain Requested by
7 image.emails.hertz.com view.emails.hertz.com
6 images.hertz.com view.emails.hertz.com
images.hertz.com
3 beacon.krxd.net view.emails.hertz.com
2 438-img.c3tag.com 1 redirects view.emails.hertz.com
1 click.emails.hertz.com view.emails.hertz.com
1 view.emails.hertz.com
0 em.realtime.email Failed view.emails.hertz.com
20 7

This site contains links to these domains. Also see Links.

Domain
click.emails.hertz.com
Subject Issuer Validity Valid
view.emails.hertz.com
DigiCert SHA2 Secure Server CA		 2020-06-17 -
2021-06-22		 a year crt.sh
*.hertz.com
GlobalSign RSA OV SSL CA 2018		 2020-04-23 -
2022-04-24		 2 years crt.sh
click.emails.hertz.com
DigiCert SHA2 Secure Server CA		 2020-06-17 -
2021-06-22		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
*.c3tag.com
COMODO RSA Domain Validation Secure Server CA		 2018-02-26 -
2021-05-25		 3 years crt.sh
akamai-san19.exacttarget.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-04 -
2022-03-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aad5c1f2782b8da86a37d030dcd167125eecdd5d23cf1de79d9741e6caca36c9e77036
Frame ID: 38174E3E838895B46BB2A026E61A41A5
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

20
Requests

95 %
HTTPS

0 %
IPv6

4
Domains

7
Subdomains

7
IPs

3
Countries

432 kB
Transfer

432 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://438-img.c3tag.com/v.gif?cid=438&c3ch=Email&c3nid=H_US_NM_WP_WRAP_PNT_20210307 HTTP 302
  • https://438-img.c3tag.com/x.gif
Request Chain 11
  • https://em.realtime.email/service/rte?kind=duration&account_id=7888&campaign_id=1373295491&esp_uid= HTTP 302
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=0 HTTP 302
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=1 HTTP 302
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=2 HTTP 302
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=3 HTTP 302
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=4 HTTP 302
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=5 HTTP 302
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=6 HTTP 302
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=7 HTTP 302
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=8 HTTP 302
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=9 HTTP 302
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=10 HTTP 302
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=11 HTTP 302
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=12

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
view.emails.hertz.com/ 		46 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aad5c1f2782b8da86a37d030dcd167125eecdd5d23cf1de79d9741e6caca36c9e77036
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.111.46.204 , United States, ASN22606 (EXACT-7, US),
Reverse DNS
view.emails.hertz.com
Software
/
Resource Hash
7a867f63f92c5bd2dece458a2809678da4465eb373cc50ac157521b8ba27c89d

Request headers

Host
view.emails.hertz.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Date
Mon, 08 Mar 2021 14:47:14 GMT
Connection
close
Content-Length
47321
Ride.css
images.hertz.com/font/css/family/ 		2 KB
842 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://images.hertz.com/font/css/family/Ride.css
Requested by
Host: view.emails.hertz.com
URL: https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aad5c1f2782b8da86a37d030dcd167125eecdd5d23cf1de79d9741e6caca36c9e77036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.5 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d7549110008286379087f30bb3639171f8fca8cbe0abead84aaf5e53fba0a6e3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 14:47:15 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 10:36:33 GMT
x-cdn
Imperva
etag
W/"5f1fffb1-934"
content-type
text/css
access-control-allow-origin
*
x-iinfo
3-48205263-0 0CNN RT(1615214835955 0) q(0 -1 -1 34) r(0 -1)
cache-control
max-age=3600, public
content-length
416
expires
Mon, 08 Mar 2021 15:47:15 GMT
RideLight.css
images.hertz.com/font/css/family/ 		3 KB
855 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://images.hertz.com/font/css/family/RideLight.css
Requested by
Host: view.emails.hertz.com
URL: https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aad5c1f2782b8da86a37d030dcd167125eecdd5d23cf1de79d9741e6caca36c9e77036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.5 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1e9080c754c576fe4be3a3fe98f7e8e92baaddf0ac96375a5892b0ccd33fe928

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 14:47:16 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 10:36:33 GMT
x-cdn
Imperva
etag
W/"5f1fffb1-a25"
content-type
text/css
access-control-allow-origin
*
x-iinfo
3-48205264-48194217 2VNN RT(1615214835955 0) q(0 0 0 35) r(4 4)
cache-control
max-age=3600, public
content-length
427
expires
Mon, 08 Mar 2021 15:47:16 GMT
RideCondensed.css
images.hertz.com/font/css/family/ 		1 KB
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://images.hertz.com/font/css/family/RideCondensed.css
Requested by
Host: view.emails.hertz.com
URL: https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aad5c1f2782b8da86a37d030dcd167125eecdd5d23cf1de79d9741e6caca36c9e77036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.5 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
61ebea5e18e6bfeec6dafce3460df31ac8cc736a605ab0f32bfdab0bc0bda5de

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 14:47:15 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 10:36:33 GMT
x-cdn
Imperva
etag
W/"5f1fffb1-566"
content-type
text/css
access-control-allow-origin
*
x-iinfo
3-48205265-48158298 2VNN RT(1615214835955 0) q(0 0 0 36) r(4 4)
cache-control
max-age=3600, public
content-length
349
expires
Mon, 08 Mar 2021 15:47:15 GMT
RideExtrabold.css
images.hertz.com/font/css/family/ 		1 KB
659 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://images.hertz.com/font/css/family/RideExtrabold.css
Requested by
Host: view.emails.hertz.com
URL: https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aad5c1f2782b8da86a37d030dcd167125eecdd5d23cf1de79d9741e6caca36c9e77036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.5 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
724e2486aaaeeb2591bee9f44e55f8b45eb4abb0ddc90a6c9d90c62e1eecc24d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 14:47:15 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 10:36:33 GMT
x-cdn
Imperva
etag
W/"5f1fffb1-566"
content-type
text/css
access-control-allow-origin
*
x-iinfo
3-48205266-48196718 2CNN RT(1615214835955 0) q(0 0 0 36) r(0 0)
cache-control
max-age=3600, public
content-length
350
expires
Mon, 08 Mar 2021 15:47:15 GMT
open.aspx
click.emails.hertz.com/ 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://click.emails.hertz.com/open.aspx?ffcb10-fecd167076650c79-fe4d15787c61027a7213-fe8b13727063027b76-ff64157877-fe6415737d66077f751c-ff3a16717465&d=70152&bmt=0
Requested by
Host: view.emails.hertz.com
URL: https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aad5c1f2782b8da86a37d030dcd167125eecdd5d23cf1de79d9741e6caca36c9e77036
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.111.45.204 , United States, ASN22606 (EXACT-7, US),
Reverse DNS
click.emails.hertz.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 14:47:15 GMT
Cache-Control
no-cache; max-age=0
Connection
close
Content-Length
43
Content-Type
image/gif
1x1_usermatch.gif
beacon.krxd.net/ 		42 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/1x1_usermatch.gif?partner=L8Pijb6F_sfmc_7257663_sha256&partner_uid=2d0ac13354019d91f1b1e36ec9239ab05cdcc1f5ea591e7f5723bfa028f9f696
Requested by
Host: view.emails.hertz.com
URL: https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aad5c1f2782b8da86a37d030dcd167125eecdd5d23cf1de79d9741e6caca36c9e77036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.62.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-62-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 08 Mar 2021 14:47:16 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1615214836
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
42
x-served-by
beacon-n009-dub-prod.krxd.net
1x1_usermatch.gif
beacon.krxd.net/ 		42 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/1x1_usermatch.gif?partner=L8Pijb6F_sfmc_7257663_subid&partner_uid=13823208
Requested by
Host: view.emails.hertz.com
URL: https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aad5c1f2782b8da86a37d030dcd167125eecdd5d23cf1de79d9741e6caca36c9e77036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.62.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-62-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 08 Mar 2021 14:47:16 GMT
cache-control
private, no-cache, no-store
x-request-time
D=23 t=1615214836
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
42
x-served-by
beacon-n018-dub-prod.krxd.net
1x1_ad_impression.gif
beacon.krxd.net/ 		42 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/1x1_ad_impression.gif?confid=s6iu815js&advertiserid=7257663&campaignid=H_US_NM_WP_WRAP_PNT_20210307
Requested by
Host: view.emails.hertz.com
URL: https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aad5c1f2782b8da86a37d030dcd167125eecdd5d23cf1de79d9741e6caca36c9e77036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.62.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-62-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 08 Mar 2021 14:47:16 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1615214836
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
42
x-served-by
beacon-n011-dub-prod.krxd.net
x.gif
438-img.c3tag.com/
Redirect Chain
  • https://438-img.c3tag.com/v.gif?cid=438&c3ch=Email&c3nid=H_US_NM_WP_WRAP_PNT_20210307
  • https://438-img.c3tag.com/x.gif
43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://438-img.c3tag.com/x.gif
Requested by
Host: view.emails.hertz.com
URL: https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aad5c1f2782b8da86a37d030dcd167125eecdd5d23cf1de79d9741e6caca36c9e77036
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.65.229.43 , United States, ASN62961 (BISNET1, US),
Reverse DNS
192-165-229-43.blueshift.net
Software
Apache /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 14:47:16 GMT
server
Apache
etag
"2552792371615214836"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
image/gif
access-control-expose-headers
ETag, f, c3uid
cache-control
no-cache
content-length
43
expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 14:47:16 GMT
server
Apache
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
image/gif
location
x.gif
cache-control
no-store, no-cache, must-revalidate
content-length
35
expires
Thu, 19 Nov 1981 08:52:00 GMT
3ee36829-f455-412f-aee6-affb0b7048ba.png
image.emails.hertz.com/lib/fe8e1372736d057876/m/1/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.emails.hertz.com/lib/fe8e1372736d057876/m/1/3ee36829-f455-412f-aee6-affb0b7048ba.png
Requested by
Host: view.emails.hertz.com
URL: https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aad5c1f2782b8da86a37d030dcd167125eecdd5d23cf1de79d9741e6caca36c9e77036
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-205.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5708ad0889f68c814fe46c23b8387eca9ac28a2bbfa40285326e7e8fca8f47db

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 14:47:16 GMT
Last-Modified
Mon, 19 Feb 2018 19:58:48 GMT
Server
AkamaiNetStorage
ETag
"300750a2cf9662eb0fe9bc0b46865ee9:1519070328.415349"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6413
a6ef3405-d38f-4c0c-820b-780074116a50.gif
image.emails.hertz.com/lib/fe8b13727063027b76/m/4/ 		197 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.emails.hertz.com/lib/fe8b13727063027b76/m/4/a6ef3405-d38f-4c0c-820b-780074116a50.gif
Requested by
Host: view.emails.hertz.com
URL: https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aad5c1f2782b8da86a37d030dcd167125eecdd5d23cf1de79d9741e6caca36c9e77036
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-205.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6978ab9f96d89ed5b2246ed02265139cfe7004d81ace21eacd51009c62b6e3a0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 14:47:16 GMT
Last-Modified
Thu, 04 Mar 2021 19:00:27 GMT
Server
AkamaiNetStorage
ETag
"3dad72d28c3652c1a71c9a184fa5e07e:1614884427.881573"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
202181
rte
em.realtime.email/service/
Redirect Chain
  • https://em.realtime.email/service/rte?kind=duration&account_id=7888&campaign_id=1373295491&esp_uid=
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=0
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=1
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=2
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=3
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=4
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=5
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=6
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=7
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=8
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=9
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=10
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=11
  • https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=12
0
0
fae5ee60-a021-4781-b158-42ece269daa5.png
image.emails.hertz.com/lib/fe8b13727063027b76/m/4/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.emails.hertz.com/lib/fe8b13727063027b76/m/4/fae5ee60-a021-4781-b158-42ece269daa5.png
Requested by
Host: view.emails.hertz.com
URL: https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aad5c1f2782b8da86a37d030dcd167125eecdd5d23cf1de79d9741e6caca36c9e77036
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-205.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bc4be6d294e8d50b14670811eb95e8eb5a69ef3b2412903914f630f0cdcb2699

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 14:47:17 GMT
Last-Modified
Wed, 24 Jun 2020 13:18:41 GMT
Server
AkamaiNetStorage
ETag
"887e7f71078d5181cc38424ef3155e99:1593004721.41714"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6260
adab5683-91d9-408b-902c-71ce474c60bc.png
image.emails.hertz.com/lib/fe8b13727063027b76/m/4/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.emails.hertz.com/lib/fe8b13727063027b76/m/4/adab5683-91d9-408b-902c-71ce474c60bc.png
Requested by
Host: view.emails.hertz.com
URL: https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aad5c1f2782b8da86a37d030dcd167125eecdd5d23cf1de79d9741e6caca36c9e77036
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-205.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4e014d3f72b56d7b1c3dcc6b4c150fd1cad33030025a6aee3d09dfb847a468d9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 14:47:16 GMT
Last-Modified
Wed, 24 Jun 2020 13:18:42 GMT
Server
AkamaiNetStorage
ETag
"1f7c200e2137c9a6c65ea827b0f4299d:1593004722.417375"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9237
8f837943-f18b-48c0-984a-787edcb10653.png
image.emails.hertz.com/lib/fe8b13727063027b76/m/4/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.emails.hertz.com/lib/fe8b13727063027b76/m/4/8f837943-f18b-48c0-984a-787edcb10653.png
Requested by
Host: view.emails.hertz.com
URL: https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aad5c1f2782b8da86a37d030dcd167125eecdd5d23cf1de79d9741e6caca36c9e77036
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-205.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
33f5a066864e44def50c930eb7b413f832fd14ee916d9c1b3d197cd5cd02ac6a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 14:47:17 GMT
Last-Modified
Wed, 24 Jun 2020 13:18:44 GMT
Server
AkamaiNetStorage
ETag
"351335e4b20129682e046b67b91aad26:1593004724.209389"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
74165
310a2487-6747-4ad9-a7de-05a2f349f62d.png
image.emails.hertz.com/lib/fe8b13727063027b76/m/4/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.emails.hertz.com/lib/fe8b13727063027b76/m/4/310a2487-6747-4ad9-a7de-05a2f349f62d.png
Requested by
Host: view.emails.hertz.com
URL: https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aad5c1f2782b8da86a37d030dcd167125eecdd5d23cf1de79d9741e6caca36c9e77036
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-205.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
436bf801639e1933a05409f488b0a58fba082fcaae12552df37edf9163078a18

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 14:47:17 GMT
Last-Modified
Wed, 24 Jun 2020 13:18:45 GMT
Server
AkamaiNetStorage
ETag
"9c499b296d8711ec9410c92b08a42462:1593004725.462"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7661
38dd2845-7cf3-4a54-bb5a-0d56f91d733e.png
image.emails.hertz.com/lib/fe8b13727063027b76/m/1/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.emails.hertz.com/lib/fe8b13727063027b76/m/1/38dd2845-7cf3-4a54-bb5a-0d56f91d733e.png
Requested by
Host: view.emails.hertz.com
URL: https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aad5c1f2782b8da86a37d030dcd167125eecdd5d23cf1de79d9741e6caca36c9e77036
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-205.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2ce108112731fcc010df5635f24ccafb6d17d26c6358318f417c4c4adbf9d774

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 14:47:17 GMT
Last-Modified
Thu, 20 Sep 2018 13:01:38 GMT
Server
AkamaiNetStorage
ETag
"6a4a1c068dc9b0b587dd7aaa49e135c3:1537448498.686076"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7558
Ride.woff
images.hertz.com/font/font/Ride/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://images.hertz.com/font/font/Ride/Ride.woff
Requested by
Host: view.emails.hertz.com
URL: https://view.emails.hertz.com/?qs=2b624a5a062fe939329824afeb24c6a03e9c8183bd699a7400fbba8c6dc0508caaea1e842a32436f5b91482ff6aad5c1f2782b8da86a37d030dcd167125eecdd5d23cf1de79d9741e6caca36c9e77036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.5 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ff72c8ff33421bb71e4113b64b5b6c2dfb589e69898848bc7dddfba2902e9924

Request headers

Origin
https://view.emails.hertz.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 14:47:15 GMT
last-modified
Tue, 28 Jul 2020 10:36:39 GMT
x-cdn
Imperva
etag
"5f1fffb7-91c0"
content-type
font/woff
access-control-allow-origin
*
x-iinfo
9-93738663-0 0CNN RT(1615214835141 0) q(0 -1 -1 0) r(0 -1)
cache-control
max-age=3600, public
content-length
37312
expires
Mon, 08 Mar 2021 15:47:15 GMT
Ride-Bold.woff
images.hertz.com/font/font/Ride/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://images.hertz.com/font/font/Ride/Ride-Bold.woff
Requested by
Host: images.hertz.com
URL: https://images.hertz.com/font/css/family/Ride.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.5 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
28f8f83e31984ce7c400f39563f9b57223016ee03fc61f3e1eb69baf12499432

Request headers

Origin
https://view.emails.hertz.com
Referer
https://images.hertz.com/font/css/family/Ride.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 14:47:15 GMT
last-modified
Tue, 28 Jul 2020 10:36:38 GMT
x-cdn
Imperva
etag
"5f1fffb6-8de0"
content-type
font/woff
access-control-allow-origin
*
x-iinfo
9-93738739-0 0CNN RT(1615214835572 0) q(0 -1 -1 0) r(0 -1)
cache-control
max-age=3600, public
content-length
36320
expires
Mon, 08 Mar 2021 15:47:15 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
em.realtime.email
URL
https://em.realtime.email/service/rte?kind=duration&id=0&user_id=185.212.171.67&account_id=7888&campaign_id=1373295491&delays=1&i=12

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

438-img.c3tag.com
beacon.krxd.net
click.emails.hertz.com
em.realtime.email
image.emails.hertz.com
images.hertz.com
view.emails.hertz.com
em.realtime.email
13.111.45.204
13.111.46.204
184.30.16.205
192.65.229.43
45.60.33.5
54.77.62.253
1e9080c754c576fe4be3a3fe98f7e8e92baaddf0ac96375a5892b0ccd33fe928
28f8f83e31984ce7c400f39563f9b57223016ee03fc61f3e1eb69baf12499432
2ce108112731fcc010df5635f24ccafb6d17d26c6358318f417c4c4adbf9d774
33f5a066864e44def50c930eb7b413f832fd14ee916d9c1b3d197cd5cd02ac6a
436bf801639e1933a05409f488b0a58fba082fcaae12552df37edf9163078a18
4e014d3f72b56d7b1c3dcc6b4c150fd1cad33030025a6aee3d09dfb847a468d9
5708ad0889f68c814fe46c23b8387eca9ac28a2bbfa40285326e7e8fca8f47db
61ebea5e18e6bfeec6dafce3460df31ac8cc736a605ab0f32bfdab0bc0bda5de
6978ab9f96d89ed5b2246ed02265139cfe7004d81ace21eacd51009c62b6e3a0
724e2486aaaeeb2591bee9f44e55f8b45eb4abb0ddc90a6c9d90c62e1eecc24d
7a867f63f92c5bd2dece458a2809678da4465eb373cc50ac157521b8ba27c89d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc4be6d294e8d50b14670811eb95e8eb5a69ef3b2412903914f630f0cdcb2699
d7549110008286379087f30bb3639171f8fca8cbe0abead84aaf5e53fba0a6e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff72c8ff33421bb71e4113b64b5b6c2dfb589e69898848bc7dddfba2902e9924