gbt.infopoint.intelliguide.com Open in urlscan Pro
18.173.187.118 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://alerts.ntmllc.com/ls/click?upn=Lj6l9KjOeW8vEOcDDixy5tC9zc-2FdtCGe4Zd03RUoJT1IEofwXfRvLKsAXcOFAJyGM0lVs3nUcKrzWR7CH...
Effective URL:
https://gbt.infopoint.intelliguide.com/email.aspx?s=78fa0bfd-a14c-4774-9a33-258bdd8e8e82&u=6c8a6be6c5d8451bada39a5012ed6e7f
Submission: On August 31 via manual (August 31st 2023, 11:23:56 pm UTC) — Scanned from DE

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 2 HTTP transactions. The main IP is 18.173.187.118, located in United States and belongs to AMAZON-02, US. The main domain is gbt.infopoint.intelliguide.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on October 17th 2022. Valid for: a year.

This is the only time gbt.infopoint.intelliguide.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.83 167.89.118.83	11377 (SENDGRID) (SENDGRID)
2 4	18.173.187.118 18.173.187.118	16509 (AMAZON-02) (AMAZON-02)
1 1	18.173.187.107 18.173.187.107	16509 (AMAZON-02) (AMAZON-02)
2	1

1 167.89.118.83 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x83.outbound-mail.sendgrid.net

alerts.ntmllc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.173.187.118 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-118.muc50.r.cloudfront.net

gbt.infopoint.intelliguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.107 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-107.muc50.r.cloudfront.net

gbt.infopoint.intelliguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	intelliguide.com 3 redirects gbt.infopoint.intelliguide.com	21 KB
1	ntmllc.com 1 redirects alerts.ntmllc.com — Cisco Umbrella Rank: 795947	324 B
2	2

	Domain	Requested by
5	gbt.infopoint.intelliguide.com	3 redirects gbt.infopoint.intelliguide.com
1	alerts.ntmllc.com	1 redirects
2	2

This site contains no links.

Subject Issuer	Validity	Valid
*.intelliguide.com Amazon RSA 2048 M02	`2022-10-17` - `2023-11-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://gbt.infopoint.intelliguide.com/email.aspx?s=78fa0bfd-a14c-4774-9a33-258bdd8e8e82&u=6c8a6be6c5d8451bada39a5012ed6e7f
Frame ID: 7EA9C197716DCD80DB8FB74EC72258DD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Travel Alert

Page URL History Show full URLs

http://alerts.ntmllc.com/ls/click?upn=Lj6l9KjOeW8vEOcDDixy5tC9zc-2FdtCGe4Zd03RUoJT1IEofwXfRvLKsAXcOFA... HTTP 302
https://gbt.infopoint.intelliguide.com/WebView?s=78fa0bfd-a14c-4774-9a33-258bdd8e8e82&u=6c8a6be6c5d8451bada39a5012e... HTTP 301
http://gbt.infopoint.intelliguide.com/WebView/?s=78fa0bfd-a14c-4774-9a33-258bdd8e8e82&u=6c8a6be6c5d8451bada39a5012... HTTP 301
https://gbt.infopoint.intelliguide.com/WebView/?s=78fa0bfd-a14c-4774-9a33-258bdd8e8e82&u=6c8a6be6c5d8451bada39a5012... HTTP 302
https://gbt.infopoint.intelliguide.com/email.aspx?s=78fa0bfd-a14c-4774-9a33-258bdd8e8e82&u=6c8a6be6c5d8451bada39a50... Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

20 kB
Transfer

27 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://alerts.ntmllc.com/ls/click?upn=Lj6l9KjOeW8vEOcDDixy5tC9zc-2FdtCGe4Zd03RUoJT1IEofwXfRvLKsAXcOFAJyGM0lVs3nUcKrzWR7CH-2FBC1DsIt34kDacI3AVX0GXMMCM6is5X0gBTHdS-2BJluRfS1khaoh2nXUUhjY6NjbDPDrBYbjZhblKiBDln2RGojeQks-3DwJ_H_bPJQ-2BOCb3aW1T83x2gM7viLnkRABiMee-2BgA4BKnnT0B5nXPLr27wFh-2B8Ri9Nn8j0R8WyUeBrV9psXgvr3nhRFGqnztey7awy6ohEZ5cW9syzW7Des78RPsY0ME2nz5IGKsAvhxl0-2F6IvnBOMczP2qLB7nMYz4NnrgxMXBNO7JiA00J9vP9YrHOZ1HKAkHY83Pcr2c2vM5MsmtrHiQlXzmbCAtaHUE0bJL7wK-2FpIhSrF1sWJwNIAqWlVY-2FopUhfq34m5k2xWcXChw8fEtuG73TarM-2FeCAujNNZc2Qs0rr-2BfE-3D HTTP 302
https://gbt.infopoint.intelliguide.com/WebView?s=78fa0bfd-a14c-4774-9a33-258bdd8e8e82&u=6c8a6be6c5d8451bada39a5012ed6e7f HTTP 301
http://gbt.infopoint.intelliguide.com/WebView/?s=78fa0bfd-a14c-4774-9a33-258bdd8e8e82&u=6c8a6be6c5d8451bada39a5012ed6e7f HTTP 301
https://gbt.infopoint.intelliguide.com/WebView/?s=78fa0bfd-a14c-4774-9a33-258bdd8e8e82&u=6c8a6be6c5d8451bada39a5012ed6e7f HTTP 302
https://gbt.infopoint.intelliguide.com/email.aspx?s=78fa0bfd-a14c-4774-9a33-258bdd8e8e82&u=6c8a6be6c5d8451bada39a5012ed6e7f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request email.aspx Show response gbt.infopoint.intelliguide.com/ Redirect Chain http://alerts.ntmllc.com/ls/click?upn=Lj6l9KjOeW8vEOcDDixy5tC9zc-2FdtCGe4Zd03RUoJT1IEofwXfRvLKsAXcOFAJyGM0lVs3nUcKrzWR7CH-2FBC1DsIt34kDacI3AVX0GXMMCM6is5X0gBTHdS-2BJluRfS1khaoh2nXUUhjY6NjbDPDrBYbjZ... https://gbt.infopoint.intelliguide.com/WebView?s=78fa0bfd-a14c-4774-9a33-258bdd8e8e82&u=6c8a6be6c5d8451bada39a5012ed6e7f http://gbt.infopoint.intelliguide.com/WebView/?s=78fa0bfd-a14c-4774-9a33-258bdd8e8e82&u=6c8a6be6c5d8451bada39a5012ed6e7f https://gbt.infopoint.intelliguide.com/WebView/?s=78fa0bfd-a14c-4774-9a33-258bdd8e8e82&u=6c8a6be6c5d8451bada39a5012ed6e7f https://gbt.infopoint.intelliguide.com/email.aspx?s=78fa0bfd-a14c-4774-9a33-258bdd8e8e82&u=6c8a6be6c5d8451bada39a5012ed6e7f	11 KB 3 KB	222ms 221ms	Document text/html	18.173.187.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gbt.infopoint.intelliguide.com/email.aspx?s=78fa0bfd-a14c-4774-9a33-258bdd8e8e82&u=6c8a6be6c5d8451bada39a5012ed6e7f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-118.muc50.r.cloudfront.net Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `776961a3e677c9d83a7cdeb8a23b8d2fcfe088b1fd5d37ef665e71e4a0f4309b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache content-encoding gzip content-type text/html; charset=utf-8 date Thu, 31 Aug 2023 23:23:40 GMT expires -1 pragma no-cache server Microsoft-IIS/8.5 vary Accept-Encoding via 1.1 de8b46af7190cc021fd8b12be6996a2e.cloudfront.net (CloudFront) x-amz-cf-id 8poJX34hgckgfcqrAUrJe4YllwbmUzQjTXd41IdiPWC_o8pSXWOMyA== x-amz-cf-pop MUC50-P4 x-aspnet-version 4.0.30319 x-cache Miss from cloudfront x-powered-by ASP.NET Redirect headers cache-control private content-length 206 content-type text/html; charset=utf-8 date Thu, 31 Aug 2023 23:23:40 GMT location /email.aspx?s=78fa0bfd-a14c-4774-9a33-258bdd8e8e82&u=6c8a6be6c5d8451bada39a5012ed6e7f server Microsoft-IIS/8.5 via 1.1 de8b46af7190cc021fd8b12be6996a2e.cloudfront.net (CloudFront) x-amz-cf-id UjFqEvMes7hdAUB-pHurPoqnI4mv9JLJPUtYxgiNljmaagcAs5oR4A== x-amz-cf-pop MUC50-P4 x-aspnet-version 4.0.30319 x-cache Miss from cloudfront x-powered-by ASP.NET
GET H2	200	24f7e32e-c6ee-48c7-a75d-e7b60246b2ae.png gbt.infopoint.intelliguide.com/i/c/up/	16 KB 17 KB	219ms 219ms	Image image/png	18.173.187.118 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://gbt.infopoint.intelliguide.com/i/c/up/24f7e32e-c6ee-48c7-a75d-e7b60246b2ae.png Requested by Host: gbt.infopoint.intelliguide.com URL: https://gbt.infopoint.intelliguide.com/email.aspx?s=78fa0bfd-a14c-4774-9a33-258bdd8e8e82&u=6c8a6be6c5d8451bada39a5012ed6e7f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-118.muc50.r.cloudfront.net Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `2b4f842076bf92c7a49d10bb49e795b8c03e377e039b3b355f39725bc9c2440c` Request headers accept-language de-DE,de;q=0.9 Referer https://gbt.infopoint.intelliguide.com/email.aspx?s=78fa0bfd-a14c-4774-9a33-258bdd8e8e82&u=6c8a6be6c5d8451bada39a5012ed6e7f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers date Thu, 31 Aug 2023 23:23:40 GMT via 1.1 de8b46af7190cc021fd8b12be6996a2e.cloudfront.net (CloudFront) last-modified Fri, 18 Mar 2022 13:45:59 GMT server Microsoft-IIS/8.5 x-amz-cf-pop MUC50-P4 etag "d6e45e80ce3ad81:0" x-powered-by ASP.NET x-cache Miss from cloudfront content-type image/png accept-ranges bytes content-length 16818 x-amz-cf-id nLWic01VR4A8IOVOBzMq8YgUjNdehpY-Yt7mYz0u4FLty00qkSZraQ==

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gbt.infopoint.intelliguide.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: t5ws2e0whsvncjs2goqwmmgw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alerts.ntmllc.com
gbt.infopoint.intelliguide.com
167.89.118.83
18.173.187.107
18.173.187.118
2b4f842076bf92c7a49d10bb49e795b8c03e377e039b3b355f39725bc9c2440c
776961a3e677c9d83a7cdeb8a23b8d2fcfe088b1fd5d37ef665e71e4a0f4309b

gbt.infopoint.intelliguide.com Open in urlscan Pro 18.173.187.118 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

2 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

20 kBTransfer

27 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

Indicators

gbt.infopoint.intelliguide.com Open in urlscan Pro
18.173.187.118 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

20 kB
Transfer

27 kB
Size

1
Cookies

2 HTTP transactions
0 data transactions