click.phealthinsurance.com
Open in
urlscan Pro
62.138.7.222
Public Scan
Effective URL: https://click.phealthinsurance.com/?t=u&schedule_campaign_id=MzY2Nw%3D%3D&subscriber_id=NDMzMDE0MA%3D%3D&ids=ODI%3D__MTUzMzU5OTI3__...
Submission: On October 18 via manual from IN — Scanned from US
Summary
TLS certificate: Issued by R3 on October 9th 2022. Valid for: 3 months.
This is the only time click.phealthinsurance.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 205.139.111.117 205.139.111.117 | 30031 (MIMECAST-) (MIMECAST-) | |
1 | 62.138.7.222 62.138.7.222 | 8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1) | |
1 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2 |
ASN30031 (MIMECAST-, US)
PTR: us-api.mimecast.com
protect-us.mimecast.com |
ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: serv31731.hh-networks.com
click.phealthinsurance.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
mimecast.com
2 redirects
protect-us.mimecast.com — Cisco Umbrella Rank: 8270 |
3 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216 |
33 KB |
1 |
phealthinsurance.com
click.phealthinsurance.com |
14 KB |
2 | 3 |
Domain | Requested by | |
---|---|---|
2 | protect-us.mimecast.com | 2 redirects |
1 | cdnjs.cloudflare.com |
click.phealthinsurance.com
|
1 | click.phealthinsurance.com | |
2 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
click.phealthinsurance.com R3 |
2022-10-09 - 2023-01-07 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://click.phealthinsurance.com/?t=u&schedule_campaign_id=MzY2Nw%3D%3D&subscriber_id=NDMzMDE0MA%3D%3D&ids=ODI%3D__MTUzMzU5OTI3__MzI5
Frame ID: 89D254E612DB24CEB09D99CEEEFA50A5
Requests: 2 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://protect-us.mimecast.com/s/iHtvCL9RP9I8oBL3cBqqWZ?domain=click.phealthinsurance.com
HTTP 307
https://protect-us.mimecast.com/r/rpL3kV26rRYz4iNz58ltvMGJOltBI2FwaiyVk4Mo_bIq0QfTjA8ooFFoZ1u2cEa8rn9BbnyXUp... HTTP 307
https://click.phealthinsurance.com/?t=u&schedule_campaign_id=MzY2Nw%3D%3D&subscriber_id=NDMzMDE0MA%3D%3D&ids=OD... Page URL
Detected technologies
GSAP (JavaScript frameworks) ExpandDetected patterns
- TweenMax(?:\.min)?\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://protect-us.mimecast.com/s/iHtvCL9RP9I8oBL3cBqqWZ?domain=click.phealthinsurance.com
HTTP 307
https://protect-us.mimecast.com/r/rpL3kV26rRYz4iNz58ltvMGJOltBI2FwaiyVk4Mo_bIq0QfTjA8ooFFoZ1u2cEa8rn9BbnyXUpV3-3uiGH6a-7kfAA-rmZB_mFW53-lXu-AyLVNui1h04RM9zQT-0WJa3ldlla7Bfoxak6PFD6hwl-JcdjYSjhWT_O72KifkGico3N-AuWiefkwgpnVTbImqXxjTzMLi3qb7-O6iDN-wxDbRTaOJI1zRDa7v2WXajnJR7CK3_qhsVWqkE3hfO8NXuzdZLN08j5pE1sanIwwNUsjfUDWf3vXvepNKJQy1QyJ3RnfQzLEx4xwjiEOhJ04Qx4lOvdYhzj019f0P9gHUeKlHGP8z2z1AsiDsBM7rlh_Mp0vvpOXc3nzpVFK6x-FtQ72BDkzD2RfveQB6ptvcF4jFDilOj_EzdKRV8Dv8eRMWzJlZf2CQrL3LY1BRDkydXSqowo7gfqy9u72WRAiWw2COCwKiHPgII8LdNwJtdGgq0eqNHBiD9jEta5dU8wcAENCjumRok3wfTi_aYLalDGNIYrKzhtP-z5asKiIASfWHBzFgK8aSCyQcTT9Ag2PiDHQGJfe3Cj7yOduKa4jHyP-iprbEo8BiA2l_lL8lP4MNBUGzuNaeV_Ff8RaF-SdNT66fL2ZRbgxgVEYJ0SMESbPJ2bIJ4hJWblBRhycNyqXQn9pzTsh3j_oXdjgPR5XlZj59WUdJ6ERumOHGUVqSKxmlJ2mwdMbKjKoZsABZrtmOWrbpvNZV1ybkTQuVoZyMzseS6hB6U4KE1wYve6jon6L-gjFVIewg35Kr5Qq5aATTswVCo4PoUVQHjvP2Htc2epAjU6pFLCgb6Bpu5oXrQ3amxwtm8DXs1uF1DQOxpHEfb8z-bV1WPQD0LaL9WLNE9xUXoB9x3zBg18cRV9q-FoSEvk1NauZiHChZ1HHZizwvwEoO9dLOnwJZFjmyKGQn9bg2uWzZOVBgrS1IffPgE9Gj8-eMYoqegNk-THh6Ek4sZPKyc7wxudW74JOVkfWMSm6iotlVTeIU4vBAxDBTV_PjD3KrlX1BEpZEg6-bJRcHb8eVrvJTLmBqTbm0BNgow8XWele_oKHWa1BgEqIasdZV5AbeZGG9Aw2y0BL-04EP60LqICEmmof_XGQXy2VzU9_xo1weOF5roi2eCznAHn2MaJF2ZRKWb2codjU1DYSPKIN1hAvJSCgNJ7pTlrbxNf7lzQuA2AzIqRO-yfO101rDeEqE6o1Ueyj20P__i6-UPJ2jeS1ovlMubz9qE93_Hjzlbt3meYY6grpM3AkPO_Mid2k422zSJ8V_7rAlY2C8EttaOL_f34Oijf6j6U6FYsgqEHGQaT07oG1OyvCbqffaJIMOp1vdbaMe6mqXPwGCKvE6Uw26kC16AOHjMpPA55dOIts3nFWYB9CwJIeTPXkhduIaPOUzSo3Rjku1H4Ve2ZEMWKIafs98-F4cAfO3DTObm4qsDbZTGuWutPeRddiIbjE3T37GkL4y7WmLBvv1ZGr69fEnmWgkOBVWpD7AzfY3qqgYGaY_wlQd9du8xnWDVfk4dm__3ZFtea6ePHEkLrnA5piu0-GrtmnT5hOOxeNj1h1WsyPT7-Fc6Ey6czIfMPAmxqdhxGmWDrKBYQi2I4Yq85v4bhuHXpARFAPvKpaoPYyCjpRpRYe_ZakQBRrL5UgsE4v4a5wdWz21210iEv8vZNQfnzG7sBcjAQ1HMpbG-xnsDtFLvu5YKbw1w0hYj40yiX8TDP8PojFdP2s1I5RxARRHgVr4Jx6g8qi1TvTku-oSNIYgvIKrOYocODBqpPBqRPcqRB3BdRu1V5-7nMwCEF6_vYT-ObSHD_OzeXiDQuiTnocOrR5xTVfnxIYbHYwrVIyyjBXAcS4Owm184eeYKYXgcePANsd7vyHqz5JImCSrsmZmuaSRo_7ziQkQAt_LgE8kUWJ_xpdICQM HTTP 307
https://click.phealthinsurance.com/?t=u&schedule_campaign_id=MzY2Nw%3D%3D&subscriber_id=NDMzMDE0MA%3D%3D&ids=ODI%3D__MTUzMzU5OTI3__MzI5 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
2 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
click.phealthinsurance.com/ Redirect Chain
|
58 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/ |
112 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
74 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _gsScope object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| MorphSVGPlugin number| windowWidth number| windowHeight function| setWindowSize object| eyes object| cursorPos function| mousemove function| touchmove object| eyeFollow boolean| clicked undefined| cancelled object| animate function| random0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
click.phealthinsurance.com
protect-us.mimecast.com
205.139.111.117
2606:4700::6811:190e
62.138.7.222
baad490eecba1218aebad284efdcb175b6fbedc2a427d2c6de409f6306708de0
c5a1af3f56b4294252d7c75144ae9d0ac198e9229952b7e11cbb31f17f138123