view.mail.patient-message.com

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 136.147.129.32, located in Indianapolis, United States and belongs to EXACT-7 - ExactTarget, Inc., US. The main domain is view.mail.patient-message.com.

This is the only time view.mail.patient-message.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	136.147.129.32 136.147.129.32	22606 (EXACT-7) (EXACT-7 - ExactTarget)
1	2.16.106.97 2.16.106.97	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.88.70.123 52.88.70.123	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	3

1 136.147.129.32 (Indianapolis, United States)

ASN22606 (EXACT-7 - ExactTarget, Inc., US)
PTR: ck32.mta.exacttarget.com

view.mail.patient-message.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.106.97 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-106-97.deploy.static.akamaitechnologies.com

click.mail.patient-message.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.88.70.123 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-88-70-123.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	patient-message.com view.mail.patient-message.com click.mail.patient-message.com	17 KB
1	amplitude.com api.amplitude.com	15 B
3	2

	Domain	Requested by
1	api.amplitude.com	view.mail.patient-message.com
1	click.mail.patient-message.com	view.mail.patient-message.com
1	view.mail.patient-message.com
3	3

This site contains links to these domains. Also see Links.

Domain
click.mail.patient-message.com

Subject Issuer	Validity	Valid
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2016-12-20` - `2020-02-14`	3 years	crt.sh

This page contains 1 frames:

Primary Page: http://view.mail.patient-message.com/?qs=f6670c7866f7f307916a36017c04c30c2fd1a295fb0f5643aa2b51f80336980f7f89eda97ab3e57d32adf912467fd77d497c3ffae68256a7b6925d5d66316b734974c2418bd33fbb
Frame ID: 57088D6B5159ACCA12BC37F8E3B2F512
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

3
Requests

33 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

17 kB
Transfer

17 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://click.mail.patient-message.com/?qs=1fa533022781a0e17de8a568f5c050696c7d545d67ce6e9c64caddcca40f83703e6222766c09e91ab5aebed6c3360eeecd4578db56a008c6ff3bee646ef2ed42
Title: Activate Your Account

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
view.mail.patient-message.com/ 17 KB
17 KB 478ms
203ms Document
text/html 136.147.129.32
ExactTarget

General

Check archive.org

Show headers Download Go to

Full URL: http://view.mail.patient-message.com/?qs=f6670c7866f7f307916a36017c04c30c2fd1a295fb0f5643aa2b51f80336980f7f89eda97ab3e57d32adf912467fd77d497c3ffae68256a7b6925d5d66316b734974c2418bd33fbb
Protocol: HTTP/1.1
Server: 136.147.129.32 Indianapolis, United States, ASN22606 (EXACT-7 - ExactTarget, Inc., US),
Reverse DNS: ck32.mta.exacttarget.com
Software: /
Resource Hash: 8dffac321b71bdc4d09008225002c4f15c2b67de805c4c38cb2d483e5887b392

Request headers

Host: view.mail.patient-message.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Nov 2018 15:09:00 GMT
Connection: close
Content-Length: 17345

GET
H/1.1 200
OK open.aspx
click.mail.patient-message.com/ 43 B
291 B 177ms
135ms Image
image/gif 2.16.106.97
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://click.mail.patient-message.com/open.aspx?ffcb10-ff3112717563-fe3715727360047d731071-fe89137276630d7577-ff961677-fe191575736d0c75701375-feec1d77726202
Requested by: Host: view.mail.patient-message.com
URL: http://view.mail.patient-message.com/?qs=f6670c7866f7f307916a36017c04c30c2fd1a295fb0f5643aa2b51f80336980f7f89eda97ab3e57d32adf912467fd77d497c3ffae68256a7b6925d5d66316b734974c2418bd33fbb
Protocol: HTTP/1.1
Server: 2.16.106.97 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-106-97.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept: image/webp,image/apng,image/*,*/*;q=0.8
Pragma: no-cache
Connection: keep-alive
Accept-Encoding: gzip, deflate
Host: click.mail.patient-message.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Tue, 13 Nov 2018 15:09:00 GMT
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 13 Nov 2018 15:09:00 GMT

GET
S 400 httpapi
api.amplitude.com/ 15 B
15 B 552ms
180ms Image
text/html 52.88.70.123
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.amplitude.com/httpapi?api_key=3d721451660b022290e85ddafdde48d8&event=%7B%22event_type%22%3A%22Email%20Opened%22%2C%22user_properties%22%3A%7B%22brandid%22%3A%22%22%2C%22messagesubtype%22%3A%22portaladoption%22%2C%22messagetype%22%3A%22groupcall%22%2C%22contextid%22%3A%2211413%22%2C%22messagetypesubtype%22%3A%22groupcall%3Aportaladoption%22%7D%2C%22user_id%22%3A%22OHAMHCbn6BG%5C%2FLonwug83Gg%3D%3D%22%7D&ip=1&img=1

Requested by

Host: view.mail.patient-message.com
URL: http://view.mail.patient-message.com/?qs=f6670c7866f7f307916a36017c04c30c2fd1a295fb0f5643aa2b51f80336980f7f89eda97ab3e57d32adf912467fd77d497c3ffae68256a7b6925d5d66316b734974c2418bd33fbb

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.70.123 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-88-70-123.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.z-SNAPSHOT) /

Resource Hash

48fb01775da6ff1ebc1766873be1d34d28af56ef87a0d7251cdae1c277c2c05f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 13 Nov 2018 15:09:00 GMT
server: Jetty(9.4.z-SNAPSHOT)
status: 400
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
content-length: 15

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
click.mail.patient-message.com
view.mail.patient-message.com
136.147.129.32
2.16.106.97
52.88.70.123
48fb01775da6ff1ebc1766873be1d34d28af56ef87a0d7251cdae1c277c2c05f
8dffac321b71bdc4d09008225002c4f15c2b67de805c4c38cb2d483e5887b392
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

view.mail.patient-message.com Open in urlscan Pro 136.147.129.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

3 Requests

33 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

17 kBTransfer

17 kBSize

0 Cookies

1 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

view.mail.patient-message.com Open in urlscan Pro
136.147.129.32 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

33 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

17 kB
Transfer

17 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions