mailaccountsupport.intercom-clicks.com Open in urlscan Pro
2600:9000:214f:c000:19:1477:f380:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://url.emailprotection.link/?bulYmUS3_mz61CH7klm2ivS9_FZ1fioRYq1B1nzaqaNZLdyK8PHtTUgohHqjPw48xUZOiHdMo-7gY8qBTcLWcqkfaoaBq01...
Effective URL:
https://mailaccountsupport.intercom-clicks.com/via/e?ob=1vJ9GeJHvypiRDWx9ExWwOr4kXNPlHeOmxHQWpJW7C%2FLUFfWpQK4wzpNA6mQ4R70um%2FyH35Z44Kzfd%2FP3...
Submission: On October 21 via manual (October 21st 2022, 2:55:53 am UTC) from US — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 5 domains to perform 17 HTTP transactions. The main IP is 2600:9000:214f:c000:19:1477:f380:93a1, located in United States and belongs to AMAZON-02, US. The main domain is mailaccountsupport.intercom-clicks.com.
TLS certificate: Issued by Amazon on June 20th 2022. Valid for: a year.

This is the only time mailaccountsupport.intercom-clicks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	64.78.56.115 64.78.56.115	16406 (AS-INTERM...) (AS-INTERMEDIA)
1	2600:9000:214... 2600:9000:214f:c000:19:1477:f380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.66.112.67 18.66.112.67	() ()
1 1	108.138.17.127 108.138.17.127	16509 (AMAZON-02) (AMAZON-02)
3	18.66.147.49 18.66.147.49	16509 (AMAZON-02) (AMAZON-02)
2	54.208.34.30 54.208.34.30	() ()
17	5

9 64.78.56.115 (United States)

ASN16406 (AS-INTERMEDIA, US)
PTR: intermedia.net

url.emailprotection.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:c000:19:1477:f380:93a1 (United States)

ASN16509 (AMAZON-02, US)

mailaccountsupport.intercom-clicks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.67 (United States)

ASN- ()
PTR: server-18-66-112-67.fra56.r.cloudfront.net

static.intercomassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.127 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-127.fra56.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-49.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.208.34.30 (None, )

ASN- ()

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	emailprotection.link url.emailprotection.link — Cisco Umbrella Rank: 122716	399 KB
3	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2093	202 KB
3	intercom.io 1 redirects widget.intercom.io — Cisco Umbrella Rank: 2082 api-iam.intercom.io	2 KB
2	intercomassets.com static.intercomassets.com — Cisco Umbrella Rank: 13007	59 KB
1	intercom-clicks.com mailaccountsupport.intercom-clicks.com	4 KB
17	5

	Domain	Requested by
9	url.emailprotection.link	url.emailprotection.link
3	js.intercomcdn.com	widget.intercom.io
2	api-iam.intercom.io	js.intercomcdn.com
2	static.intercomassets.com	mailaccountsupport.intercom-clicks.com
1	widget.intercom.io	1 redirects
1	mailaccountsupport.intercom-clicks.com	url.emailprotection.link
17	6

This site contains no links.

Subject Issuer	Validity	Valid
*.emailprotection.link GeoTrust RSA CA 2018	`2022-07-27` - `2023-08-27`	a year	crt.sh
intercom-attachments-10.com Amazon	`2022-06-20` - `2023-07-19`	a year	crt.sh
intercomassets.com Amazon	`2022-06-17` - `2023-07-16`	a year	crt.sh
*.intercomcdn.com Amazon	`2022-01-30` - `2023-02-28`	a year	crt.sh
*.intercom.com Amazon	`2022-03-16` - `2023-04-14`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://mailaccountsupport.intercom-clicks.com/via/e?ob=1vJ9GeJHvypiRDWx9ExWwOr4kXNPlHeOmxHQWpJW7C%2FLUFfWpQK4wzpNA6mQ4R70um%2FyH35Z44Kzfd%2FP3R3buA%3D%3D&h=441ef30d31b37939372e1996abe12e516d0bdaae-fbbezrxh_153620703676530
Frame ID: FF1AB14A71ED014F3D88893DAC9F31B1
Requests: 13 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.7c58533a.js
Frame ID: 4C083900906B50D85CE6263AA3FA78BF
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The linked site may be unsafe!

Page URL History Show full URLs

https://url.emailprotection.link/?bulYmUS3_mz61CH7klm2ivS9_FZ1fioRYq1B1nzaqaNZLdyK8PHtTUgohHqjPw48xUZOiHdMo-7... Page URL
https://mailaccountsupport.intercom-clicks.com/via/e?ob=1vJ9GeJHvypiRDWx9ExWwOr4kXNPlHeOmxHQWpJW7C%2FLUFfWpQK4wzpNA6mQ4R70u... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

94 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

5
IPs

1
Countries

664 kB
Transfer

1345 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://url.emailprotection.link/?bulYmUS3_mz61CH7klm2ivS9_FZ1fioRYq1B1nzaqaNZLdyK8PHtTUgohHqjPw48xUZOiHdMo-7gY8qBTcLWcqkfaoaBq01h-_wstOdQ6rWyxOR99KGPzBZYh9CPYUHwqrdzEaGck7GjF56l8zAf5dAI_9l9kA-7k25Y0TCWPPor4EEaWZz5aK9tD2FJ61o0bShSpgkrgLIg8ZYV2frVLKqoaemOYqm2D5IgN0DHqswE9WrQLdaIV_B-obT7U33giad_pr7gX0V-uO2o4vv8ve2en3eudRput4FYJ2NB2-1PQlpgMAAbz08zaCYIJL8-ic5SrPbVXdYOzjFwibhbrqQ~~ Page URL
https://mailaccountsupport.intercom-clicks.com/via/e?ob=1vJ9GeJHvypiRDWx9ExWwOr4kXNPlHeOmxHQWpJW7C%2FLUFfWpQK4wzpNA6mQ4R70um%2FyH35Z44Kzfd%2FP3R3buA%3D%3D&h=441ef30d31b37939372e1996abe12e516d0bdaae-fbbezrxh_153620703676530 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://widget.intercom.io/widget/tx2p130c HTTP 302
https://js.intercomcdn.com/shim.latest.js

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
url.emailprotection.link/ 6 KB
4 KB 785ms
171ms Document
text/html 64.78.56.115
AS-INTERMEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/?bulYmUS3_mz61CH7klm2ivS9_FZ1fioRYq1B1nzaqaNZLdyK8PHtTUgohHqjPw48xUZOiHdMo-7gY8qBTcLWcqkfaoaBq01h-_wstOdQ6rWyxOR99KGPzBZYh9CPYUHwqrdzEaGck7GjF56l8zAf5dAI_9l9kA-7k25Y0TCWPPor4EEaWZz5aK9tD2FJ61o0bShSpgkrgLIg8ZYV2frVLKqoaemOYqm2D5IgN0DHqswE9WrQLdaIV_B-obT7U33giad_pr7gX0V-uO2o4vv8ve2en3eudRput4FYJ2NB2-1PQlpgMAAbz08zaCYIJL8-ic5SrPbVXdYOzjFwibhbrqQ~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.78.56.115 , United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS: intermedia.net
Software: nginx /
Resource Hash: bdb67d6965bbe7b32e00771fd59af3fb5f9eca82479305148836b913024da924

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 21 Oct 2022 02:55:47 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK new_style.css
url.emailprotection.link/new/css/ 8 KB
2 KB 158ms
157ms Stylesheet
text/css 64.78.56.115
AS-INTERMEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/css/new_style.css
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bulYmUS3_mz61CH7klm2ivS9_FZ1fioRYq1B1nzaqaNZLdyK8PHtTUgohHqjPw48xUZOiHdMo-7gY8qBTcLWcqkfaoaBq01h-_wstOdQ6rWyxOR99KGPzBZYh9CPYUHwqrdzEaGck7GjF56l8zAf5dAI_9l9kA-7k25Y0TCWPPor4EEaWZz5aK9tD2FJ61o0bShSpgkrgLIg8ZYV2frVLKqoaemOYqm2D5IgN0DHqswE9WrQLdaIV_B-obT7U33giad_pr7gX0V-uO2o4vv8ve2en3eudRput4FYJ2NB2-1PQlpgMAAbz08zaCYIJL8-ic5SrPbVXdYOzjFwibhbrqQ~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.78.56.115 , United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS: intermedia.net
Software: nginx /
Resource Hash: 8be2e88f4beed8e6d7c70115a1b71fa50c5da67abbc6e7f393a4960613079069

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://url.emailprotection.link/?bulYmUS3_mz61CH7klm2ivS9_FZ1fioRYq1B1nzaqaNZLdyK8PHtTUgohHqjPw48xUZOiHdMo-7gY8qBTcLWcqkfaoaBq01h-_wstOdQ6rWyxOR99KGPzBZYh9CPYUHwqrdzEaGck7GjF56l8zAf5dAI_9l9kA-7k25Y0TCWPPor4EEaWZz5aK9tD2FJ61o0bShSpgkrgLIg8ZYV2frVLKqoaemOYqm2D5IgN0DHqswE9WrQLdaIV_B-obT7U33giad_pr7gX0V-uO2o4vv8ve2en3eudRput4FYJ2NB2-1PQlpgMAAbz08zaCYIJL8-ic5SrPbVXdYOzjFwibhbrqQ~~
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 02:55:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Jul 2022 14:18:22 GMT
Server: nginx
ETag: W/"62d025ae-1e80"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK new_screenshot.js Show response
url.emailprotection.link/new/js/ 1 KB
956 B 468ms
155ms Script
application/javascript 64.78.56.115
AS-INTERMEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/new_screenshot.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bulYmUS3_mz61CH7klm2ivS9_FZ1fioRYq1B1nzaqaNZLdyK8PHtTUgohHqjPw48xUZOiHdMo-7gY8qBTcLWcqkfaoaBq01h-_wstOdQ6rWyxOR99KGPzBZYh9CPYUHwqrdzEaGck7GjF56l8zAf5dAI_9l9kA-7k25Y0TCWPPor4EEaWZz5aK9tD2FJ61o0bShSpgkrgLIg8ZYV2frVLKqoaemOYqm2D5IgN0DHqswE9WrQLdaIV_B-obT7U33giad_pr7gX0V-uO2o4vv8ve2en3eudRput4FYJ2NB2-1PQlpgMAAbz08zaCYIJL8-ic5SrPbVXdYOzjFwibhbrqQ~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.78.56.115 , United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS: intermedia.net
Software: nginx /
Resource Hash: c92b1aece38d5bae7bfb72e26a5070d5663d40774c7aceb973631025d6e6e592

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://url.emailprotection.link/?bulYmUS3_mz61CH7klm2ivS9_FZ1fioRYq1B1nzaqaNZLdyK8PHtTUgohHqjPw48xUZOiHdMo-7gY8qBTcLWcqkfaoaBq01h-_wstOdQ6rWyxOR99KGPzBZYh9CPYUHwqrdzEaGck7GjF56l8zAf5dAI_9l9kA-7k25Y0TCWPPor4EEaWZz5aK9tD2FJ61o0bShSpgkrgLIg8ZYV2frVLKqoaemOYqm2D5IgN0DHqswE9WrQLdaIV_B-obT7U33giad_pr7gX0V-uO2o4vv8ve2en3eudRput4FYJ2NB2-1PQlpgMAAbz08zaCYIJL8-ic5SrPbVXdYOzjFwibhbrqQ~~
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 02:55:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Jul 2022 14:18:22 GMT
Server: nginx
ETag: W/"62d025ae-574"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK tooltipster.css
url.emailprotection.link/new/css/ 10 KB
3 KB 315ms
157ms Stylesheet
text/css 64.78.56.115
AS-INTERMEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/css/tooltipster.css
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bulYmUS3_mz61CH7klm2ivS9_FZ1fioRYq1B1nzaqaNZLdyK8PHtTUgohHqjPw48xUZOiHdMo-7gY8qBTcLWcqkfaoaBq01h-_wstOdQ6rWyxOR99KGPzBZYh9CPYUHwqrdzEaGck7GjF56l8zAf5dAI_9l9kA-7k25Y0TCWPPor4EEaWZz5aK9tD2FJ61o0bShSpgkrgLIg8ZYV2frVLKqoaemOYqm2D5IgN0DHqswE9WrQLdaIV_B-obT7U33giad_pr7gX0V-uO2o4vv8ve2en3eudRput4FYJ2NB2-1PQlpgMAAbz08zaCYIJL8-ic5SrPbVXdYOzjFwibhbrqQ~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.78.56.115 , United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS: intermedia.net
Software: nginx /
Resource Hash: ca8178a737bdd4e6d2394e6c5609d1ca001254667458bb9cd1130bacea58cb86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://url.emailprotection.link/?bulYmUS3_mz61CH7klm2ivS9_FZ1fioRYq1B1nzaqaNZLdyK8PHtTUgohHqjPw48xUZOiHdMo-7gY8qBTcLWcqkfaoaBq01h-_wstOdQ6rWyxOR99KGPzBZYh9CPYUHwqrdzEaGck7GjF56l8zAf5dAI_9l9kA-7k25Y0TCWPPor4EEaWZz5aK9tD2FJ61o0bShSpgkrgLIg8ZYV2frVLKqoaemOYqm2D5IgN0DHqswE9WrQLdaIV_B-obT7U33giad_pr7gX0V-uO2o4vv8ve2en3eudRput4FYJ2NB2-1PQlpgMAAbz08zaCYIJL8-ic5SrPbVXdYOzjFwibhbrqQ~~
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 02:55:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Jul 2022 14:18:22 GMT
Server: nginx
ETag: W/"62d025ae-2965"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK jquery-1.9.1.js Show response
url.emailprotection.link/new/js/libs/ 142 KB
47 KB 626ms
313ms Script
application/javascript 64.78.56.115
AS-INTERMEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/libs/jquery-1.9.1.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bulYmUS3_mz61CH7klm2ivS9_FZ1fioRYq1B1nzaqaNZLdyK8PHtTUgohHqjPw48xUZOiHdMo-7gY8qBTcLWcqkfaoaBq01h-_wstOdQ6rWyxOR99KGPzBZYh9CPYUHwqrdzEaGck7GjF56l8zAf5dAI_9l9kA-7k25Y0TCWPPor4EEaWZz5aK9tD2FJ61o0bShSpgkrgLIg8ZYV2frVLKqoaemOYqm2D5IgN0DHqswE9WrQLdaIV_B-obT7U33giad_pr7gX0V-uO2o4vv8ve2en3eudRput4FYJ2NB2-1PQlpgMAAbz08zaCYIJL8-ic5SrPbVXdYOzjFwibhbrqQ~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.78.56.115 , United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS: intermedia.net
Software: nginx /
Resource Hash: 6938c77be180b60f67086ac99a2692f9af393675279711f0dad73d541b675964

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://url.emailprotection.link/?bulYmUS3_mz61CH7klm2ivS9_FZ1fioRYq1B1nzaqaNZLdyK8PHtTUgohHqjPw48xUZOiHdMo-7gY8qBTcLWcqkfaoaBq01h-_wstOdQ6rWyxOR99KGPzBZYh9CPYUHwqrdzEaGck7GjF56l8zAf5dAI_9l9kA-7k25Y0TCWPPor4EEaWZz5aK9tD2FJ61o0bShSpgkrgLIg8ZYV2frVLKqoaemOYqm2D5IgN0DHqswE9WrQLdaIV_B-obT7U33giad_pr7gX0V-uO2o4vv8ve2en3eudRput4FYJ2NB2-1PQlpgMAAbz08zaCYIJL8-ic5SrPbVXdYOzjFwibhbrqQ~~
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 02:55:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Jul 2022 14:18:22 GMT
Server: nginx
ETag: W/"62d025ae-23758"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK jquery.tooltipster.min.js Show response
url.emailprotection.link/new/js/libs/ 17 KB
6 KB 474ms
158ms Script
application/javascript 64.78.56.115
AS-INTERMEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/libs/jquery.tooltipster.min.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bulYmUS3_mz61CH7klm2ivS9_FZ1fioRYq1B1nzaqaNZLdyK8PHtTUgohHqjPw48xUZOiHdMo-7gY8qBTcLWcqkfaoaBq01h-_wstOdQ6rWyxOR99KGPzBZYh9CPYUHwqrdzEaGck7GjF56l8zAf5dAI_9l9kA-7k25Y0TCWPPor4EEaWZz5aK9tD2FJ61o0bShSpgkrgLIg8ZYV2frVLKqoaemOYqm2D5IgN0DHqswE9WrQLdaIV_B-obT7U33giad_pr7gX0V-uO2o4vv8ve2en3eudRput4FYJ2NB2-1PQlpgMAAbz08zaCYIJL8-ic5SrPbVXdYOzjFwibhbrqQ~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.78.56.115 , United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS: intermedia.net
Software: nginx /
Resource Hash: e337f687babe708a9f8e6642d7793ee3ed5eb4696cf11e28dd0682a858a591ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://url.emailprotection.link/?bulYmUS3_mz61CH7klm2ivS9_FZ1fioRYq1B1nzaqaNZLdyK8PHtTUgohHqjPw48xUZOiHdMo-7gY8qBTcLWcqkfaoaBq01h-_wstOdQ6rWyxOR99KGPzBZYh9CPYUHwqrdzEaGck7GjF56l8zAf5dAI_9l9kA-7k25Y0TCWPPor4EEaWZz5aK9tD2FJ61o0bShSpgkrgLIg8ZYV2frVLKqoaemOYqm2D5IgN0DHqswE9WrQLdaIV_B-obT7U33giad_pr7gX0V-uO2o4vv8ve2en3eudRput4FYJ2NB2-1PQlpgMAAbz08zaCYIJL8-ic5SrPbVXdYOzjFwibhbrqQ~~
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 02:55:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Jul 2022 14:18:22 GMT
Server: nginx
ETag: W/"62d025ae-43a9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK new_scanning.js Show response
url.emailprotection.link/new/js/ 947 B
735 B 473ms
157ms Script
application/javascript 64.78.56.115
AS-INTERMEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/new_scanning.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bulYmUS3_mz61CH7klm2ivS9_FZ1fioRYq1B1nzaqaNZLdyK8PHtTUgohHqjPw48xUZOiHdMo-7gY8qBTcLWcqkfaoaBq01h-_wstOdQ6rWyxOR99KGPzBZYh9CPYUHwqrdzEaGck7GjF56l8zAf5dAI_9l9kA-7k25Y0TCWPPor4EEaWZz5aK9tD2FJ61o0bShSpgkrgLIg8ZYV2frVLKqoaemOYqm2D5IgN0DHqswE9WrQLdaIV_B-obT7U33giad_pr7gX0V-uO2o4vv8ve2en3eudRput4FYJ2NB2-1PQlpgMAAbz08zaCYIJL8-ic5SrPbVXdYOzjFwibhbrqQ~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.78.56.115 , United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS: intermedia.net
Software: nginx /
Resource Hash: 04ba8897950ca15879762ccae3323b8f0952259461c13c3e90d6d973b213133c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://url.emailprotection.link/?bulYmUS3_mz61CH7klm2ivS9_FZ1fioRYq1B1nzaqaNZLdyK8PHtTUgohHqjPw48xUZOiHdMo-7gY8qBTcLWcqkfaoaBq01h-_wstOdQ6rWyxOR99KGPzBZYh9CPYUHwqrdzEaGck7GjF56l8zAf5dAI_9l9kA-7k25Y0TCWPPor4EEaWZz5aK9tD2FJ61o0bShSpgkrgLIg8ZYV2frVLKqoaemOYqm2D5IgN0DHqswE9WrQLdaIV_B-obT7U33giad_pr7gX0V-uO2o4vv8ve2en3eudRput4FYJ2NB2-1PQlpgMAAbz08zaCYIJL8-ic5SrPbVXdYOzjFwibhbrqQ~~
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 02:55:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Jul 2022 14:18:22 GMT
Server: nginx
ETag: W/"62d025ae-3b3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK scanning_70.gif
url.emailprotection.link/new/images/ 30 KB
30 KB 158ms
157ms Image
image/gif 64.78.56.115
AS-INTERMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://url.emailprotection.link/new/images/scanning_70.gif
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bulYmUS3_mz61CH7klm2ivS9_FZ1fioRYq1B1nzaqaNZLdyK8PHtTUgohHqjPw48xUZOiHdMo-7gY8qBTcLWcqkfaoaBq01h-_wstOdQ6rWyxOR99KGPzBZYh9CPYUHwqrdzEaGck7GjF56l8zAf5dAI_9l9kA-7k25Y0TCWPPor4EEaWZz5aK9tD2FJ61o0bShSpgkrgLIg8ZYV2frVLKqoaemOYqm2D5IgN0DHqswE9WrQLdaIV_B-obT7U33giad_pr7gX0V-uO2o4vv8ve2en3eudRput4FYJ2NB2-1PQlpgMAAbz08zaCYIJL8-ic5SrPbVXdYOzjFwibhbrqQ~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.78.56.115 , United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS: intermedia.net
Software: nginx /
Resource Hash: b12ac9e2fa728424155567aa27e3d36d764b33f07d663e496dc178974048a6f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://url.emailprotection.link/?bulYmUS3_mz61CH7klm2ivS9_FZ1fioRYq1B1nzaqaNZLdyK8PHtTUgohHqjPw48xUZOiHdMo-7gY8qBTcLWcqkfaoaBq01h-_wstOdQ6rWyxOR99KGPzBZYh9CPYUHwqrdzEaGck7GjF56l8zAf5dAI_9l9kA-7k25Y0TCWPPor4EEaWZz5aK9tD2FJ61o0bShSpgkrgLIg8ZYV2frVLKqoaemOYqm2D5IgN0DHqswE9WrQLdaIV_B-obT7U33giad_pr7gX0V-uO2o4vv8ve2en3eudRput4FYJ2NB2-1PQlpgMAAbz08zaCYIJL8-ic5SrPbVXdYOzjFwibhbrqQ~~
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 02:55:48 GMT
Last-Modified: Thu, 14 Jul 2022 14:18:22 GMT
Server: nginx
ETag: "62d025ae-78dd"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30941

GET
H/1.1 200
OK notosans-regular.ttf
url.emailprotection.link/new/fonts/ 306 KB
306 KB 157ms
157ms Font
application/octet-stream 64.78.56.115
AS-INTERMEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/fonts/notosans-regular.ttf
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/new/css/new_style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.78.56.115 , United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS: intermedia.net
Software: nginx /
Resource Hash: c8cff31fcae0edc0e4ffd3628f36361dfc24d71cc5b9793e5ffad8e76e6f182b

Request headers

Referer: https://url.emailprotection.link/new/css/new_style.css
Origin: https://url.emailprotection.link
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 02:55:48 GMT
Last-Modified: Thu, 14 Jul 2022 14:18:22 GMT
Server: nginx
ETag: "62d025ae-4c738"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 313144

GET
H2 410 Primary Request e Show response
mailaccountsupport.intercom-clicks.com/via/ 2 KB
4 KB 717ms
671ms Document
text/html 2600:9000:214f:c000:19:1477:f380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mailaccountsupport.intercom-clicks.com/via/e?ob=1vJ9GeJHvypiRDWx9ExWwOr4kXNPlHeOmxHQWpJW7C%2FLUFfWpQK4wzpNA6mQ4R70um%2FyH35Z44Kzfd%2FP3R3buA%3D%3D&h=441ef30d31b37939372e1996abe12e516d0bdaae-fbbezrxh_153620703676530

Requested by

Host: url.emailprotection.link
URL: https://url.emailprotection.link/new/js/new_scanning.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:c000:19:1477:f380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a4bc0f8d2072bf9b40a9bd9d1436cf5065049adc53010addbf69f255d4a1902a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; child-src 'self' docs.google.com fast.wistia.net fast.wistia.com js.stripe.com hooks.stripe.com platform.twitter.com player.vimeo.com staticxx.facebook.com www.facebook.com web.facebook.com www.loom.com play.vidyard.com www.youtube.com www.youtube-nocookie.com content.jwplatform.com players.brightcove.net intercom-sheets.com app-sjqe.marketo.com app-sjst.marketo.com app-ab27.marketo.com gtm.intercom-marketing.com intercominc.typeform.com www.intercom-reporting.com insight.adsrvr.org apisandbox.zuora.com zuora.com www.zuora.com .my.connect.aws www.recaptcha.net; connect-src 'self' app.intercom.com api-iam.intercom.io api-ping.intercom.io api-visitor-analytics.intercom.com nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io uploads.intercomcdn.com uploads.intercomcdn.eu uploads.au.intercomcdn.com static.intercomassets.com .tiles.mapbox.com app.getsentry.com sentry.io api.giphy.com api.stripe.com meet.intercom.com meet.eu.intercom.com meet.au.intercom.com preview.intercom.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com static.intercomassets.eu app.eu.intercom.com api-iam.eu.intercom.io static.au.intercomassets.com api-iam.au.intercom.io api.au.intercom.io .intercom-chat.com wss://.nexus.intercom-chat.com .messenger.intercom-chat.com graph.facebook.com .twilio.com wss://.twilio.com frontend-telemetry.intercom.io frontend-telemetry.eu.intercom.io frontend-telemetry.au.intercom.io; font-src data: https:; frame-src 'self' docs.google.com fast.wistia.net fast.wistia.com js.stripe.com hooks.stripe.com platform.twitter.com player.vimeo.com staticxx.facebook.com www.facebook.com web.facebook.com www.loom.com play.vidyard.com www.youtube.com www.youtube-nocookie.com content.jwplatform.com players.brightcove.net intercom-sheets.com app-sjqe.marketo.com app-sjst.marketo.com app-ab27.marketo.com gtm.intercom-marketing.com intercominc.typeform.com www.intercom-reporting.com insight.adsrvr.org apisandbox.zuora.com zuora.com www.zuora.com .my.connect.aws www.recaptcha.net; img-src data: blob: https:; media-src data: blob: https:; object-src 'none'; script-src 'self' js.intercomcdn.com static.intercomassets.com store.intercomassets.com billing-admin.intercomassets.com billing-internal.intercomcdn.com developer-home.intercomassets.com store.intercom.io widget.intercom.io api.tiles.mapbox.com connect.facebook.net js.stripe.com netdna.bootstrapcdn.com platform.twitter.com static.segment.com switchet.s3.amazonaws.com www.google-analytics.com run.pstmn.io munchkin.marketo.net app-sjqe.marketo.com app-sjst.marketo.com app-ab27.marketo.com admin.typeform.com dp3rct5vic41c.cloudfront.net static.intercomassets.eu static.au.intercomassets.com static.zuora.com p.trellocdn.com www.recaptcha.net 'nonce-sYq2lPeqdoP9iTR81+CBL57oS4lWOeJINV4tMbyngtk=' 'unsafe-inline'; style-src 'self' 'unsafe-inline' static.intercomassets.com billing-internal.intercomcdn.com developer-home.intercomassets.com static.intercomcdn.com marketing.intercomassets.com api.tiles.mapbox.com fonts.googleapis.com maxcdn.bootstrapcdn.com netdna.bootstrapcdn.com app-sjqe.marketo.com app-sjst.marketo.com app-ab27.marketo.com fonts.intercomcdn.com static.intercomassets.eu static.au.intercomassets.com
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://url.emailprotection.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'self'; base-uri 'self'; child-src 'self' docs.google.com fast.wistia.net fast.wistia.com js.stripe.com hooks.stripe.com platform.twitter.com player.vimeo.com staticxx.facebook.com www.facebook.com web.facebook.com www.loom.com play.vidyard.com www.youtube.com www.youtube-nocookie.com content.jwplatform.com players.brightcove.net intercom-sheets.com app-sjqe.marketo.com app-sjst.marketo.com app-ab27.marketo.com gtm.intercom-marketing.com intercominc.typeform.com www.intercom-reporting.com insight.adsrvr.org apisandbox.zuora.com zuora.com www.zuora.com *.my.connect.aws www.recaptcha.net; connect-src 'self' app.intercom.com api-iam.intercom.io api-ping.intercom.io api-visitor-analytics.intercom.com nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io uploads.intercomcdn.com uploads.intercomcdn.eu uploads.au.intercomcdn.com static.intercomassets.com *.tiles.mapbox.com app.getsentry.com sentry.io api.giphy.com api.stripe.com meet.intercom.com meet.eu.intercom.com meet.au.intercom.com preview.intercom.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com static.intercomassets.eu app.eu.intercom.com api-iam.eu.intercom.io static.au.intercomassets.com api-iam.au.intercom.io api.au.intercom.io *.intercom-chat.com wss://*.nexus.intercom-chat.com *.messenger.intercom-chat.com graph.facebook.com *.twilio.com wss://*.twilio.com frontend-telemetry.intercom.io frontend-telemetry.eu.intercom.io frontend-telemetry.au.intercom.io; font-src data: https:; frame-src 'self' docs.google.com fast.wistia.net fast.wistia.com js.stripe.com hooks.stripe.com platform.twitter.com player.vimeo.com staticxx.facebook.com www.facebook.com web.facebook.com www.loom.com play.vidyard.com www.youtube.com www.youtube-nocookie.com content.jwplatform.com players.brightcove.net intercom-sheets.com app-sjqe.marketo.com app-sjst.marketo.com app-ab27.marketo.com gtm.intercom-marketing.com intercominc.typeform.com www.intercom-reporting.com insight.adsrvr.org apisandbox.zuora.com zuora.com www.zuora.com *.my.connect.aws www.recaptcha.net; img-src data: blob: https:; media-src data: blob: https:; object-src 'none'; script-src 'self' js.intercomcdn.com static.intercomassets.com store.intercomassets.com billing-admin.intercomassets.com billing-internal.intercomcdn.com developer-home.intercomassets.com store.intercom.io widget.intercom.io api.tiles.mapbox.com connect.facebook.net js.stripe.com netdna.bootstrapcdn.com platform.twitter.com static.segment.com switchet.s3.amazonaws.com www.google-analytics.com run.pstmn.io munchkin.marketo.net app-sjqe.marketo.com app-sjst.marketo.com app-ab27.marketo.com admin.typeform.com dp3rct5vic41c.cloudfront.net static.intercomassets.eu static.au.intercomassets.com static.zuora.com p.trellocdn.com www.recaptcha.net 'nonce-sYq2lPeqdoP9iTR81+CBL57oS4lWOeJINV4tMbyngtk=' 'unsafe-inline'; style-src 'self' 'unsafe-inline' static.intercomassets.com billing-internal.intercomcdn.com developer-home.intercomassets.com static.intercomcdn.com marketing.intercomassets.com api.tiles.mapbox.com fonts.googleapis.com maxcdn.bootstrapcdn.com netdna.bootstrapcdn.com app-sjqe.marketo.com app-sjst.marketo.com app-ab27.marketo.com fonts.intercomcdn.com static.intercomassets.eu static.au.intercomassets.com
content-type: text/html; charset=utf-8
date: Fri, 21 Oct 2022 02:55:51 GMT
server: nginx
status: 410 Gone
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-id: x_y7baa_eEMh2bhryHKa0MqXRWeKr1KwodONCbPYr6QX36DWm7mgxw==
x-amz-cf-pop: FRA53-C1
x-cache: Error from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-intercom-version: 66095ebe941fb56665426a537735b463bb1986ee
x-request-id: 000l0ngpr2ruelqhapog
x-robots-tag: noindex
x-runtime: 0.290105
x-xss-protection: 1; mode=block

GET
H2 200 core_styles_shim-9c61f370515b2fa79fd0a66c2dbd76786e84f648e4b7803b4126695e76f5532d.css
static.intercomassets.com/assets/ 123 KB
58 KB 72ms
9ms Stylesheet
text/css 18.66.112.67

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intercomassets.com/assets/core_styles_shim-9c61f370515b2fa79fd0a66c2dbd76786e84f648e4b7803b4126695e76f5532d.css
Requested by: Host: mailaccountsupport.intercom-clicks.com
URL: https://mailaccountsupport.intercom-clicks.com/via/e?ob=1vJ9GeJHvypiRDWx9ExWwOr4kXNPlHeOmxHQWpJW7C%2FLUFfWpQK4wzpNA6mQ4R70um%2FyH35Z44Kzfd%2FP3R3buA%3D%3D&h=441ef30d31b37939372e1996abe12e516d0bdaae-fbbezrxh_153620703676530
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.67 , United States, ASN (),
Reverse DNS: server-18-66-112-67.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c61f370515b2fa79fd0a66c2dbd76786e84f648e4b7803b4126695e76f5532d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mailaccountsupport.intercom-clicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 11:23:25 GMT
x-amz-version-id: AsmAYuH18k9plRTGy8kIFfQd5RQFyNN9
content-encoding: gzip
last-modified: Thu, 06 Oct 2022 11:17:53 GMT
server: AmazonS3
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
etag: W/"e8136dcab6b091a7fb2fdcbdeaad53fc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
age: 1265547
x-amz-cf-id: SuQ7D2W0fAchVBJTL-LnvtF6RD-_lTBNuxyntczEmy14buWMuM7FSQ==

GET
H2 200 link_blocked-ee7e13d16212b386f16226373416cf8d2c24fc913fb2112d9166229c1cbe5cdb.css
static.intercomassets.com/assets/ 595 B
977 B 78ms
16ms Stylesheet
text/css 18.66.112.67

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intercomassets.com/assets/link_blocked-ee7e13d16212b386f16226373416cf8d2c24fc913fb2112d9166229c1cbe5cdb.css
Requested by: Host: mailaccountsupport.intercom-clicks.com
URL: https://mailaccountsupport.intercom-clicks.com/via/e?ob=1vJ9GeJHvypiRDWx9ExWwOr4kXNPlHeOmxHQWpJW7C%2FLUFfWpQK4wzpNA6mQ4R70um%2FyH35Z44Kzfd%2FP3R3buA%3D%3D&h=441ef30d31b37939372e1996abe12e516d0bdaae-fbbezrxh_153620703676530
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.67 , United States, ASN (),
Reverse DNS: server-18-66-112-67.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee7e13d16212b386f16226373416cf8d2c24fc913fb2112d9166229c1cbe5cdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mailaccountsupport.intercom-clicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 12:25:47 GMT
x-amz-version-id: null
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
last-modified: Mon, 29 Nov 2021 11:59:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 2212205
etag: "7da05a2213340777b7688fa07efd7287"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
accept-ranges: bytes
content-length: 595
x-amz-cf-id: ze8Zob7ne3lazL6lhrEKSSnbc50nQk4YRyCl3EqJhbK8dleoivpdTw==

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/tx2p130c
https://js.intercomcdn.com/shim.latest.js

18 KB
7 KB

25ms
7ms

Script
application/javascript

18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/shim.latest.js

Protocol

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

61cffbe0ee68c6effecfb3cbf6f172bc6b953c2a0087154f78f3bfa510ec17fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mailaccountsupport.intercom-clicks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: zWOIVwM9XuxoLtawMLOCqci9U8hBjLba
content-encoding: gzip
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
date: Fri, 21 Oct 2022 02:53:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 159
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6170
last-modified: Thu, 20 Oct 2022 15:48:05 GMT
server: AmazonS3
etag: "6e4d9c523b3138bccfb0c9dd40697904"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: MRgngIUOYgLQD49-Z5ZJ--pFu-leN3W5IFgCSizPt7Y4eMcxHE3LHQ==

Redirect headers

date: Thu, 20 Oct 2022 20:10:14 GMT
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 24338
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
content-length: 0
x-amz-cf-id: Bg_z5N_lAZIgKgbSUMYfeOWNgvY8IzGFnYyD_Ivnhnfh-zFNfN5Eyw==

GET
H2 200 frame-modern.7c58533a.js Show response
js.intercomcdn.com/ Frame 4C08 445 KB
122 KB 9ms
9ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.7c58533a.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/tx2p130c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

161a94b9451931ea18480cf4e901c167cc6760424123765ba7a2ea2993caa8f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: _GqK32kMcXdkoRzYumyxqKgFLm7gGIVC
content-encoding: gzip
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
date: Fri, 21 Oct 2022 01:48:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 4061
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 124151
last-modified: Thu, 20 Oct 2022 15:46:44 GMT
server: AmazonS3
etag: "38fb6280638c52ad3a6ca1551da77cbc"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: h8iVhfLSanwyTVA_mifs7cZf7gk0zpDKZ-fD7vU1CDLBLFZYJf9CYA==

GET
H2 200 vendor-modern.01bccdc7.js Show response
js.intercomcdn.com/ Frame 4C08 236 KB
73 KB 37ms
37ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.01bccdc7.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/tx2p130c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b3c31571214f914eba4582f960309f5d207d50ed86c8aee6d20b5ab95c307fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: 7t4bfuFJD1Iq_dieGzOhVdKJc0f1OdHh
content-encoding: gzip
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
date: Fri, 21 Oct 2022 02:40:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 941
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 74220
last-modified: Tue, 18 Oct 2022 15:56:38 GMT
server: AmazonS3
etag: "2c15f4e43ba4207217b2a5d7d06200c4"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: q54so5FFgTqKfgtkJkOaosvl71DhT2tVImyI_jySHSZG8ohzvsgTMQ==

POST
H2 403 ping Show response
api-iam.intercom.io/messenger/web/ Frame 4C08 166 B
820 B 380ms
183ms XHR
application/json 54.208.34.30

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7c58533a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.208.34.30 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

607d571f40b505cc56997c0e242ff9dfdc90d5591651533aa7524d08460ecb11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 21 Oct 2022 02:55:52 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
status: 403 Forbidden
x-xss-protection: 1; mode=block
x-request-id: 000ate71sqhdsgisbep0
x-runtime: 0.054147
server: nginx
x-ratelimit-remaining: 166631
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mailaccountsupport.intercom-clicks.com
x-intercom-version: 66095ebe941fb56665426a537735b463bb1986ee
cache-control: no-cache
access-control-allow-credentials: true
x-ratelimit-reset: 1666320960
x-ratelimit-limit: 166666
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

POST
H2 200 metrics Show response
api-iam.intercom.io/messenger/web/ Frame 4C08 0
616 B 175ms
174ms XHR
text/html 54.208.34.30

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/metrics

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7c58533a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.208.34.30 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 21 Oct 2022 02:55:52 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-05a05caa6fbf7298f
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 000aud112fr64lk3vpeg
x-runtime: 0.022236
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html
access-control-allow-origin: https://mailaccountsupport.intercom-clicks.com
x-intercom-version: 66095ebe941fb56665426a537735b463bb1986ee
cache-control: no-cache
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mailaccountsupport.intercom-clicks.com/via/e?ob=1vJ9GeJHvypiRDWx9ExWwOr4kXNPlHeOmxHQWpJW7C%2FLUFfWpQK4wzpNA6mQ4R70um%2FyH35Z44Kzfd%2FP3R3buA%3D%3D&h=441ef30d31b37939372e1996abe12e516d0bdaae-fbbezrxh_153620703676530 Message: Failed to load resource: the server responded with a status of 410 ()
network	error	URL: https://api-iam.intercom.io/messenger/web/ping Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
js.intercomcdn.com
mailaccountsupport.intercom-clicks.com
static.intercomassets.com
url.emailprotection.link
widget.intercom.io
108.138.17.127
18.66.112.67
18.66.147.49
2600:9000:214f:c000:19:1477:f380:93a1
54.208.34.30
64.78.56.115
04ba8897950ca15879762ccae3323b8f0952259461c13c3e90d6d973b213133c
161a94b9451931ea18480cf4e901c167cc6760424123765ba7a2ea2993caa8f8
607d571f40b505cc56997c0e242ff9dfdc90d5591651533aa7524d08460ecb11
61cffbe0ee68c6effecfb3cbf6f172bc6b953c2a0087154f78f3bfa510ec17fd
6938c77be180b60f67086ac99a2692f9af393675279711f0dad73d541b675964
8be2e88f4beed8e6d7c70115a1b71fa50c5da67abbc6e7f393a4960613079069
9c61f370515b2fa79fd0a66c2dbd76786e84f648e4b7803b4126695e76f5532d
a4bc0f8d2072bf9b40a9bd9d1436cf5065049adc53010addbf69f255d4a1902a
b12ac9e2fa728424155567aa27e3d36d764b33f07d663e496dc178974048a6f8
b3c31571214f914eba4582f960309f5d207d50ed86c8aee6d20b5ab95c307fe6
bdb67d6965bbe7b32e00771fd59af3fb5f9eca82479305148836b913024da924
c8cff31fcae0edc0e4ffd3628f36361dfc24d71cc5b9793e5ffad8e76e6f182b
c92b1aece38d5bae7bfb72e26a5070d5663d40774c7aceb973631025d6e6e592
ca8178a737bdd4e6d2394e6c5609d1ca001254667458bb9cd1130bacea58cb86
e337f687babe708a9f8e6642d7793ee3ed5eb4696cf11e28dd0682a858a591ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee7e13d16212b386f16226373416cf8d2c24fc913fb2112d9166229c1cbe5cdb

mailaccountsupport.intercom-clicks.com Open in urlscan Pro 2600:9000:214f:c000:19:1477:f380:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

94 %HTTPS

17 %IPv6

5 Domains

6 Subdomains

5 IPs

1 Countries

664 kBTransfer

1345 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

mailaccountsupport.intercom-clicks.com Open in urlscan Pro
2600:9000:214f:c000:19:1477:f380:93a1 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

5
IPs

1
Countries

664 kB
Transfer

1345 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions