urlscan.io logo urlscan.io
SecurityTrails logo

vm007.sendmail09.com Open in urlscan Pro
49.247.36.44  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://vm007.sendmail09.com/detect/click?mailtype=email&campaignidx=24&duplicationyn=N&targetidx=66793&encoding=yes&maillink...
Effective URL: https://vm007.sendmail09.com/redirect/redirect.jsp?url=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN5744.285032EPCNEW...
Submission: On November 17 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 2 HTTP transactions. The main IP is 49.247.36.44, located in Korea, Republic Of and belongs to SMILESERV-AS-KR SMILESERV, KR. The main domain is vm007.sendmail09.com.
TLS certificate: Issued by R3 on October 13th 2022. Valid for: 3 months.
This is the only time vm007.sendmail09.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

koky037.pdf 1 MB application/pdf
MIME: PDF document, version 1.4
Size: 1 MB (1127812 bytes, 100% done)
Downloaded from: https://www.ti.com/lit/wp/koky037/koky037.pdf?DCM=yes&dclid=CLmw9JTQtPsCFUmQ_QcdtPMCcg

Domain & IP information

IP Address AS Autonomous System
1 2 49.247.36.44 38700 (SMILESERV...)
1 1 216.58.212.134 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2
Apex Domain
Subdomains		 Transfer
2 sendmail09.com
vm007.sendmail09.com
1 KB
1 ti.com
www.ti.com — Cisco Umbrella Rank: 93241
1 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 173
695 B
2 3
Domain Requested by
2 vm007.sendmail09.com 1 redirects
1 www.ti.com vm007.sendmail09.com
1 ad.doubleclick.net 1 redirects
2 3

This site contains no links.

Subject Issuer Validity Valid
vm007.sendmail09.com
R3		 2022-10-13 -
2023-01-11		 3 months crt.sh
www.ti.com.cn
DigiCert Global CA G2		 2022-07-26 -
2023-07-26		 a year crt.sh

This page contains 1 frames:

Frame: https://www.ti.com/lit/wp/koky037/koky037.pdf?DCM=yes&dclid=CLmw9JTQtPsCFUmQ_QcdtPMCcg
Frame ID: 0F9A0FEB6D87E56B2D737F214A986501
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://vm007.sendmail09.com/detect/click?mailtype=email&campaignidx=24&duplicationyn=N&targetidx=66793&e... HTTP 302
    https://vm007.sendmail09.com/redirect/redirect.jsp?url=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%... Page URL

Page Statistics

2
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

0 kB
Transfer

0 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vm007.sendmail09.com/detect/click?mailtype=email&campaignidx=24&duplicationyn=N&targetidx=66793&encoding=yes&maillink=false&email=star.ko%40amdocs.com&csvimportIdxForeign=66793&url=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN5744.285032EPCNEWS%2FB27983950.350015166%3Bdc_trk_aid%24e%24542862150%3Bdc_trk_cid%24e%24181733627%3Bdc_lat%24e%24%3Bdc_rdid%24e%24%3Btag_for_child_directed_treatment%24e%24%3Btfua%24e%24%3Bltd%24e%24&campaignclickobjectidx=236&type=click HTTP 302
    https://vm007.sendmail09.com/redirect/redirect.jsp?url=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN5744.285032EPCNEWS%2FB27983950.350015166%3Bdc_trk_aid%3D542862150%3Bdc_trk_cid%3D181733627%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ad.doubleclick.net/ddm/trackclk/N5744.285032EPCNEWS/B27983950.350015166;dc_trk_aid=542862150;dc_trk_cid=181733627;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= HTTP 302
  • https://www.ti.com/lit/wp/koky037/koky037.pdf?DCM=yes&dclid=CLmw9JTQtPsCFUmQ_QcdtPMCcg

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request redirect.jsp
vm007.sendmail09.com/redirect/
Redirect Chain
  • https://vm007.sendmail09.com/detect/click?mailtype=email&campaignidx=24&duplicationyn=N&targetidx=66793&encoding=yes&maillink=false&email=star.ko%40amdocs.com&csvimportIdxForeign=66793&url=https%3A...
  • https://vm007.sendmail09.com/redirect/redirect.jsp?url=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN5744.285032EPCNEWS%2FB27983950.350015166%3Bdc_trk_aid%3D542862150%3Bdc_trk_cid%3D18173362...
222 B
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://vm007.sendmail09.com/redirect/redirect.jsp?url=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN5744.285032EPCNEWS%2FB27983950.350015166%3Bdc_trk_aid%3D542862150%3Bdc_trk_cid%3D181733627%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.247.36.44 , Korea, Republic Of, ASN38700 (SMILESERV-AS-KR SMILESERV, KR),
Reverse DNS
mailer.techworld.co.kr
Software
/
Resource Hash
e8debae671d524296390a80bd2b21b5aa96464521e91caf7c9924810f36239df

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
222
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 17 Nov 2022 06:50:52 GMT
Keep-Alive
timeout=60

Redirect headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Language
ko
Content-Length
0
Date
Thu, 17 Nov 2022 06:50:52 GMT
Expires
0
Keep-Alive
timeout=60
Location
/redirect/redirect.jsp?url=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN5744.285032EPCNEWS%2FB27983950.350015166%3Bdc_trk_aid%3D542862150%3Bdc_trk_cid%3D181733627%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D
Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
X-FRAME-OPTIONS
SAMEORIGIN
X-XSS-Protection
1; mode=block
koky037.pdf
www.ti.com/lit/wp/koky037/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackclk/N5744.285032EPCNEWS/B27983950.350015166;dc_trk_aid=542862150;dc_trk_cid=181733627;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
  • https://www.ti.com/lit/wp/koky037/koky037.pdf?DCM=yes&dclid=CLmw9JTQtPsCFUmQ_QcdtPMCcg
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ti.com/lit/wp/koky037/koky037.pdf?DCM=yes&dclid=CLmw9JTQtPsCFUmQ_QcdtPMCcg
Requested by
Host: vm007.sendmail09.com
URL: https://vm007.sendmail09.com/redirect/redirect.jsp?url=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN5744.285032EPCNEWS%2FB27983950.350015166%3Bdc_trk_aid%3D542862150%3Bdc_trk_cid%3D181733627%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::b48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.ti.com https://*.ti.com.cn https://*.tij.co.jp;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vm007.sendmail09.com/redirect/redirect.jsp?url=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN5744.285032EPCNEWS%2FB27983950.350015166%3Bdc_trk_aid%3D542862150%3Bdc_trk_cid%3D181733627%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=60
content-length
1127812
content-security-policy
frame-ancestors https://*.ti.com https://*.ti.com.cn https://*.tij.co.jp;
content-type
application/pdf
date
Thu, 17 Nov 2022 06:50:53 GMT
etag
"113584-5ebccd6070795"
expires
Sun, 13 Nov 2022 21:16:15 GMT
last-modified
Mon, 24 Oct 2022 19:31:20 GMT
referrer-policy
no-referrer-when-downgrade
server
Apache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 06:50:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://www.ti.com/lit/wp/koky037/koky037.pdf?DCM=yes&dclid=CLmw9JTQtPsCFUmQ_QcdtPMCcg
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
vm007.sendmail09.com/redirect Name: JSESSIONID
Value: 9A4A953DD57815DE1F3B1B2AAF05BB2B
.doubleclick.net/ Name: IDE
Value: AHWqTUlKmI3leWqBc2DYJuIbjZ84GNrnaDXCx6TBkXKL13eGeqTiC5cT3kGAMfxlwkU
.ti.com/ Name: ti_geo
Value: country=DE|city=FRANKFURT|continent=EU|tc_ip=2a00:c98:2030:a004:1::6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
vm007.sendmail09.com
www.ti.com
216.58.212.134
2a02:26f0:3500:591::b48
49.247.36.44
e8debae671d524296390a80bd2b21b5aa96464521e91caf7c9924810f36239df