icicibank.gotrackier.com
Open in
urlscan Pro
2606:4700:10::6816:2056
Public Scan
Submitted URL: http://lnk.zeemail.in/ltrack?g=0&id=ek4HVFEBVlQABRpUBggGBlxQWkk=AA0CWwcBBVJKWlYRUVpWFgBXTRJZXgEMdlBQRAUHFkYbV14P&clien...
Effective URL: https://icicibank.gotrackier.com/click?campaign_id=2&pub_id=14&p1=63494ed4807c1403404e252f&source=42_
Submission: On October 14 via api from DE — Scanned from DE
Effective URL: https://icicibank.gotrackier.com/click?campaign_id=2&pub_id=14&p1=63494ed4807c1403404e252f&source=42_
Submission: On October 14 via api from DE — Scanned from DE
Summary
This website contacted 2 IPs
in 3 countries
across 6 domains to perform 2 HTTP transactions.
The main IP is 2606:4700:10::6816:2056, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is icicibank.gotrackier.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.
This is the only time icicibank.gotrackier.com was scanned on urlscan.io!
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.
This is the only time icicibank.gotrackier.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 2 | 202.162.242.128 202.162.242.128 | 33480 (WEBWERKSAS1) (WEBWERKSAS1) | |
| 1 1 | 202.162.247.121 202.162.247.121 | 33480 (WEBWERKSAS1) (WEBWERKSAS1) | |
| 1 1 | 5.189.168.222 5.189.168.222 | 51167 (CONTABO) (CONTABO) | |
| 1 | 62.171.137.2 62.171.137.2 | 51167 (CONTABO) (CONTABO) | |
| 1 1 | 35.241.7.124 35.241.7.124 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2606:4700:10:... 2606:4700:10::6816:2056 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 2 | 2 |
1
5.189.168.222
(Nuremberg, Germany)
ASN51167 (CONTABO, DE)
PTR: vmi273670.contaboserver.net
ASN51167 (CONTABO, DE)
PTR: vmi273670.contaboserver.net
| www.mailspilot.com |
1
62.171.137.2
(Nuremberg, Germany)
ASN51167 (CONTABO, DE)
PTR: m13502.contaboserver.net
ASN51167 (CONTABO, DE)
PTR: m13502.contaboserver.net
| www.adsenhance.com |
1
35.241.7.124
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 124.7.241.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 124.7.241.35.bc.googleusercontent.com
| trk.yasd.in |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 2 |
zeemail.in
2 redirects
lnk.zeemail.in |
608 B |
| 1 |
gotrackier.com
icicibank.gotrackier.com |
432 B |
| 1 |
yasd.in
1 redirects
trk.yasd.in |
358 B |
| 1 |
adsenhance.com
www.adsenhance.com |
1 KB |
| 1 |
mailspilot.com
1 redirects
www.mailspilot.com |
659 B |
| 1 |
saymails.com
1 redirects
appft.saymails.com |
513 B |
| 2 | 6 |
| Domain | Requested by | |
|---|---|---|
| 2 | lnk.zeemail.in | 2 redirects |
| 1 | icicibank.gotrackier.com |
www.adsenhance.com
|
| 1 | trk.yasd.in | 1 redirects |
| 1 | www.adsenhance.com | |
| 1 | www.mailspilot.com | 1 redirects |
| 1 | appft.saymails.com | 1 redirects |
| 2 | 6 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-05-11 - 2023-05-11 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://icicibank.gotrackier.com/click?campaign_id=2&pub_id=14&p1=63494ed4807c1403404e252f&source=42_
Frame ID: 72408CFC7B47E630FFD9E7A790A0F3D8
Requests: 2 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://lnk.zeemail.in/ltrack?g=0&id=ek4HVFEBVlQABRpUBggGBlxQWkk=AA0CWwcBBVJKWlYRUVpWFgBXTRJZXgEMdl...
HTTP 302
http://lnk.zeemail.in/talentjobs/lt.php?id=ek4HVFEBVlQABRpUBggGBlxQWkk=AA0CWwcBBVJKWlYRUVpWFgBXTRJ... HTTP 302
http://appft.saymails.com/talentjobs/lt.php?id=ek4HVFEBVlQABRpUBggGBlxQWkk=AA0CWwcBBVJKWlYRUVpWFgBXTRJ... HTTP 302
http://www.mailspilot.com/trk/?id=633aa954eb7a9&email=harcharan.singh@heraeus.com&s=ajBXcmdzeXFZcEdqak... HTTP 302
http://www.adsenhance.com/goto/?offer=24070&aff=892&did=19498&code=9562085 Page URL
-
http://trk.yasd.in/click?campaign_id=188&pub_id=42&p1=24070X892XXfSbCzs66X19498X8195542
HTTP 302
https://icicibank.gotrackier.com/click?campaign_id=2&pub_id=14&p1=63494ed4807c1403404e252f&source=42_ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://lnk.zeemail.in/ltrack?g=0&id=ek4HVFEBVlQABRpUBggGBlxQWkk=AA0CWwcBBVJKWlYRUVpWFgBXTRJZXgEMdlBQRAUHFkYbV14P&client=3980
HTTP 302
http://lnk.zeemail.in/talentjobs/lt.php?id=ek4HVFEBVlQABRpUBggGBlxQWkk=AA0CWwcBBVJKWlYRUVpWFgBXTRJZXgEMdlBQRAUHFkYbV14P&rltnl=1 HTTP 302
http://appft.saymails.com/talentjobs/lt.php?id=ek4HVFEBVlQABRpUBggGBlxQWkk=AA0CWwcBBVJKWlYRUVpWFgBXTRJZXgEMdlBQRAUHFkYbV14P&rltnl=1 HTTP 302
http://www.mailspilot.com/trk/?id=633aa954eb7a9&email=harcharan.singh@heraeus.com&s=ajBXcmdzeXFZcEdqakVKU2RWVTNrUT09 HTTP 302
http://www.adsenhance.com/goto/?offer=24070&aff=892&did=19498&code=9562085 Page URL
-
http://trk.yasd.in/click?campaign_id=188&pub_id=42&p1=24070X892XXfSbCzs66X19498X8195542
HTTP 302
https://icicibank.gotrackier.com/click?campaign_id=2&pub_id=14&p1=63494ed4807c1403404e252f&source=42_ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://lnk.zeemail.in/ltrack?g=0&id=ek4HVFEBVlQABRpUBggGBlxQWkk=AA0CWwcBBVJKWlYRUVpWFgBXTRJZXgEMdlBQRAUHFkYbV14P&client=3980 HTTP 302
- http://lnk.zeemail.in/talentjobs/lt.php?id=ek4HVFEBVlQABRpUBggGBlxQWkk=AA0CWwcBBVJKWlYRUVpWFgBXTRJZXgEMdlBQRAUHFkYbV14P&rltnl=1 HTTP 302
- http://appft.saymails.com/talentjobs/lt.php?id=ek4HVFEBVlQABRpUBggGBlxQWkk=AA0CWwcBBVJKWlYRUVpWFgBXTRJZXgEMdlBQRAUHFkYbV14P&rltnl=1 HTTP 302
- http://www.mailspilot.com/trk/?id=633aa954eb7a9&email=harcharan.singh@heraeus.com&s=ajBXcmdzeXFZcEdqakVKU2RWVTNrUT09 HTTP 302
- http://www.adsenhance.com/goto/?offer=24070&aff=892&did=19498&code=9562085
2 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
www.adsenhance.com/goto/ Redirect Chain
|
219 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
click
icicibank.gotrackier.com/ Redirect Chain
|
57 B 432 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation18 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| appft.saymails.com/ | Name: PHPSESSID Value: 11uggaj9p6ijfmgf035ljsfsi3 |
|
| www.mailspilot.com/ | Name: 633aa954eb7a98195542campaign Value: 25428 |
|
| www.mailspilot.com/ | Name: 633aa954eb7a98195542time Value: 2022-10-14+17%3A28%3A11 |
|
| www.mailspilot.com/ | Name: 633aa954eb7a98195542email Value: harcharan.singh%40heraeus.com |
|
| www.adsenhance.com/ | Name: phxKeyValuexxx24070 Value: |
|
| www.adsenhance.com/ | Name: phxCreativeIdxxx24070 Value: 19498 |
|
| www.adsenhance.com/ | Name: phxReferrerxxx24070 Value: |
|
| www.adsenhance.com/ | Name: phxPublisherIdxxx24070 Value: 892 |
|
| www.adsenhance.com/ | Name: PhxClickDateTimexxx24070 Value: 10%2F14%2F2022+5%3A28%3A12+PM |
|
| www.adsenhance.com/ | Name: txnIdxxx24070 Value: 24070X892XXfSbCzs66X19498X8195542 |
|
| www.adsenhance.com/ | Name: subId3xxx24070 Value: |
|
| www.adsenhance.com/ | Name: isoffext2407089219498 Value: 10%2F14%2F2022+5%3A28%3A12+PM |
|
| www.adsenhance.com/ | Name: subId2xxx24070 Value: |
|
| www.adsenhance.com/ | Name: subIdxxx24070 Value: |
|
| www.adsenhance.com/ | Name: phxUnique Value: |
|
| www.adsenhance.com/ | Name: ASPSESSIONIDQCTCDBAQ Value: ECHPMCCANALOGGLIAJJONIDJ |
|
| trk.yasd.in/ | Name: sess_62381ddaa51b2129692a9fb8 Value: 6019258a888fa5327b459944 |
|
| .gotrackier.com/ | Name: __cf_bm Value: 6QUl3MXuls9z5dKxshGlRfHuHFs3ta8TF9mmKzrnhow-1665748692-0-AZe5L4P3ruE/vb6crTSD55WWq+fCzC7/1CQ7PYdm3qpfXaUTFpbO//HtTygkVgVNzFtMoUcLqSfKWUxuqjowCPE= |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
appft.saymails.com
icicibank.gotrackier.com
lnk.zeemail.in
trk.yasd.in
www.adsenhance.com
www.mailspilot.com
202.162.242.128
202.162.247.121
2606:4700:10::6816:2056
35.241.7.124
5.189.168.222
62.171.137.2
3bb42402b7c16fdc3ceb3c37e62ef7226f0daff9f64de216a1926d60e101b616